Olivia
Online
Security Errata
@securityerrata
Pointing out the good and bad in InfoSec via links, RTs, and commentary.
This account is no longer monitored.
Joined November 2011
0 Following
4.8K Followers
5.9K Posts
I am verifying that @hexwaxwing's new account is now @0xwxwng. I have authenticated her identity, so as not to cause any doubt or confusion. She locked herself out of her old account in 2021 and wanted her identity to be verified for this account.
Reminder!
Anyone can write a blog / article exposing bad actors, be it threat actors or 'infosec' bad actors. Cross your T's, dot your I's, consult your lawyers (seriously). But it isn't as difficult as people think, and the more that do it, the harder it is for the bad ones.
This has long been concern for victims of domestic violence/stalking who risk escalating prob when they discover they're being tracked and disable it. Security people who help victims remove spyware from their phones have to be careful about this risk https://t.co/iPICD0yPmD
Got email this wk from writer who got laid off from job and wanted advice to go freelance. My advice: Never sign 1st contract they give you. Always negotiate better terms or write for pub that will give better terms. They do exist and the editors tend to be nicer, more respectful
Who to follow
Kevin "Johnson" Tackett
@secureideas
Secure Ideas is a security consulting firm focused on helping clients have the best penetration testing and training experience.
Chris Nickerson 
@indi303
I build global cybersecurity companies, Red Teamer, CxO, Investor, Speaker, Mentor, Student, & Sprirt Animal . I'm also a liability #Damovo #Lares #BSides
David Litchfield
@dlitchfield
Given enough AIs, all bugs are shallow
Read this thread. Resiliency is the new landscape. One and done "hacks" are not how the world works.
STOP POSTING FAKED STUNT HACKS!
Remember the guy "smoking" his power meter with a Flipper? Yet another faked video!
The guy (Peter Fairlie) had extra meters setup on the side of his house for this, & these meters can't do what is shown anyway.
https://t.co/6tp0vGMnR7
“A Survivor’s Guide to Talking About Sexual Assault: The Quick List of Do’s and Don’ts” by Ariel Robinson
https://t.co/U5huPGYi50
Hey @HushCon ! Here’s a resource
A popular newspaper in Switzerland claims that the rise of successful cyber attacks is because we do not talk about them. This is utter rubbish. They are possible because management doesn’t care and wants to optimize profits. That’s the main reason. Everything else is a lie.
Forbes just created a top 200 list of the most secure companies.
This will end badly.
H/T @mikepsecuritee
https://t.co/Vf2XM880yA
Stunning details in this FTC settlement with Amazon’s Ring security camera company. Employee viewed 1000s of videos from women’s bathrooms & bedrooms. Hackers used two-way functionality to taunt children with racist slurs, sexually proposition owners. Family threatened for ransom
XDR companies trade for billions & we can't protect against "wmic, ntdsutil, netsh, and PowerShell." #weak Test your tools, learn your gaps and fix them. Focus on resiliency not some vendor pitch. If you can't go hunt these TTP's right now you're blind. https://t.co/DwM18g6hqa
TL;DR: Skytalks has regretfully decided to not participate in DEF CON 31. For our full statement, read our full blog here: https://t.co/NVNEIkR2d2
@Turbo81 Things more dangerous to the electric sector than cyber:
Kelly's family wishes to prevent rumors on circumstances of her passing from being spread.
Kelly did not take her own life, but passed due to progressed critical illness, in a hospitalized setting surrounded by her family.
🔥 take: I take a lot of notes on who in the security industry pops off on the current zeitgeist without _any_ actual knowledge of the situation.
Nuance means so much in security… to bloviate by “reading between the lines” is irresponsible.
Much like cDc and them bragging about their lies during the 90's and 00's, gloating at how they deceived the media.
'Ethical hacker' among ransomware suspects cuffed by Dutch cops https://t.co/MotYuJ7qc1
I don't have a CISSP mostly because I'd be too embarrassed. To pass the test, you have to claim things that are false. For example, from this official study guide, the entire page is complete nonsense -- none of it's true.
I cannot describe the agony of resetting/losing a phone that had your Authentication app on it. I’m four hours in to an absolute disaster of an evening that will stretch so long. 2FA apps NEED to have multi-device access
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers