A small tip for academic researchers looking to work with industry ... industry is often not quite looking for those with general knowledge, but specific expertise - knowledge that the company cannot find anywhere else - so focus in on true expertise in key and interesting areas.
Doing a little Shodan Safari, whilst I try to get to grips with it, and it made me laugh a little that someone has a security camera facing at their RSA Authenticator token 😂
2021-03-24 (Wednesday) - #IcedID (#Bokbot) infection with
#CobaltStrike - List of indicators with link to archive comtaining
malware from an infection available at
https://t.co/4DQiATbl31
Yikes, strongest hypothesis is that the attackers have owned Twitter’s employee admin panel which allows Twitter employees ability to change pw/disable MFA to allow an attacker to take over a prominent account and tweet on their behalf without dealing with their password or MFA.
Taught my grandparents about #phishing and #scams online. Today, my Gran got a text message from "HMRC". This was her reply... proud! (And no, I've not redacted the scammers phone number)
The best user awareness advert I have EVER seen! If you watch one video today, it needs to be this one! (Better with volume - great tune) 😂 #CyberSecurity#socialengineering
If you're into OSINT ... forget Facebook, LinkedIn and Twitter ... Reddit is place to pick up chatter on organisation. If you're serious in your market, get those Python scripts mining the chatter..your CEO will be impressed in what people are "really" saying about your company.
When a company doesn't have a responsible disclosure Email/page....I have to choose an unexpected communication channel... :/
Please use security.txt @securitytxt#BugHunting#ResponsibleDisclosure
I rejected all media calls for WhatsApp vulnerability ... as media typically wanted a "scare story" and bash Facebook a bit more... but there's a lot more in this story than "Go Patch WhatsApp" .. but media seem to be avoiding the targeted nature of this. https://t.co/aOrFCAnnAy