Olivia
Online
__ऋश__
@prohack
Security, DFIR & /dev/urandom. Retro gamer & machine with a mission. Once published free threat feed at Views are my own, Cogito, ergo rish.
The other side at Fruxlabs
Joined December 2008
2K Following
1.3K Followers
4.8K Posts
MSRC; Tell The Whole Story Please - https://t.co/6DA9yBD5NV
“Shared responsibility”, my ass. If you did the work to find a bug, you do you. If they want it so bad they can pay you for it or they should have found it themselves. End of.
Vendors are afraid of the asymmetry, and try to turn it back on you with shaming, mistreatment, and failing that, threats. Screw that.
Since we are on the MSRC drama bandwagon.. I'll share a story. Microsoft sent their attorneys after me in 2009, shutting down all my hosting servers and registrar account using DMCA despite not hosting any Microsoft products. All for some research I did against Microsoft COFEE.
@GabrielLandau @MarcOverIP I stopped reporting CVEs because of similar experience with vendors. Better to hoard and trade.
Who to follow
Silas Cutler (p1nk)
@silascutler
You may know me from your logs
Principal Security Researcher @Censysio
#Threats / #CTI / #Malware / #Hacking
Crowdfense
@crowdfense
Crowdfense is the world-leading research hub and acquisition platform for zero-day exploits and vulnerability research. We offer the highest bounties
Harshit Mahajan
@HarshitRMahajan
Trekker | Gamer | Book Lover | Father |
Personal Views...!
Follow every Mythos discovery through our coordinated vulnerability disclosure dashboard.
https://t.co/xri3fTpf77
PICARD: Data, shields up
DATA: Brilliant! Shields can reduce damage we sustain. Not immunity. Not hubris. Just prudence. It's not precaution—it's strategy.
[camera shakes]
WORF: HULL BREACHES ON NINE DECKS
DATA: Here's what happened: you told me to raise shields, and I didn't
Microsoft has banned Nightmare Eclipse from GitHub: https://t.co/EmeiJnJ0Ps
This is the researcher who disclosed several zero-days after Microsoft also deleted their MSRC account.
They have now moved on to GitLab: https://t.co/Npj0gplSum
(h/t to: @[email protected])
Hey @airtelindia @Airtel_Presence, connection request AJUKP8ZFZ7. Your own team is rejected request because your own team absolutely inept and is asking to wait for 3 months. Are you insane? Here is a customer ready for you, and your team is rejecting this. What is wrong with you
@x_rahulraj Our own fighter jet (Marut)
@MissPookems MGS2/ 3
God of War Series
Mario Galaxy and many, many more
Personal update: I've joined Anthropic. I think the next few years at the frontier of LLMs will be especially formative. I am very excited to join the team here and get back to R&D. I remain deeply passionate about education and plan to resume my work on it in time.
@ShivAroor Apocalypse Now and The Bridge on the River Kwai as well.
@abanteindia @pankajbansalm3m Residents of #Smartworld Gems 89 are fed up 3rd class service + CAM hiked by ₹1.5/sqft — when previous charges were already irrational. This is daylight robbery. Residents deserve accountability, not exploitation. STOP LOOTING! @SMARTWORLDDEV
‼️🚨 Microsoft calls this "intended behaviour," so here we go.
How to dump the credentials of every user stored in Microsoft Edge:
1. Open Edge. Don't browse anywhere, just open it.
2. Flip to Task Manager, find Edge, expand the task.
3. Highlight the "browser" sub-task, right-click, and choose "Create Memory Dump."
4. Open the dump file and look for credentials.
The logged-in Windows user can dump every stored Edge credential with no additional rights. Which means any malware that user executes has those credentials for the asking.
Thanks to Rob VandenBrink at SANS: https://t.co/ebtVZxne4L
Car Hacking with GearGoat Simulator
GearGoat is a realistic environment for learning automotive hacking by simulating a vehicle’s internal CAN network
https://t.co/SpdNGO4qCU
@three_cube @_aircorridor
#hacking
The internet has survived a period where a handful of late teens and early 20s kids were the only ones that knew about pre-malloc integer overflows as a bug class, and you could "grep malloc | grep \*" to find a bug in OpenSSH.
This is why I am pretty chill about Mythos.
@LundukeJournal @gf_256 @gf_256 is absolutely amazing at what they do, and is highly qualified to do this security audit.
@PanasonicIndia and once again. Bad hold times, no support. @jagograhakjago would soon come to you since Panasonic has shown no obligations post sale. This is an absolute joke.
@PanasonicIndia you may have great products, but your customer service is really bad. Request I29042627236230, and many more. I purchased 4 ACs, and no one is interested in installing them. Other brands like @LGIndia chase us, you avoid us. What a crying shame.
Also this one — I30042627257887. Product was purchased on 26 April, today is 2nd May. No sense of after-sales support. Joke of a company.
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers