Infosec hive, if you're in London and keen to put them skills to good use, @CyberpeaceInst will be hosting a chill IRL meetup this Friday🍻
Come join us and find out what it's all about
eventbrite.ch/e/cyberpeace-i…
London, England 🇬🇧 English
Leo Tsaousis
506 posts
Leo Tsaousis
@LAripping
Senior Security Consultant @ Reversec (fka @withconsulting / MWR). Talks mostly about security. As Rino put it, sometimes maybe good sometimes maybe shit
Katılım Eylül 2017
678 Takip Edilen586 Takipçiler
@__noided Indeed, VAPI like Twilio and the ElevenLabs telephony feature were nice and simple.
Just didnt seem possible to spoof caller ID (and leverage the legit CNAM) which I needed for my scenario (business impersonation) as it increased perceived legitimacy from before even saying Hi
English
@LAripping Cool post. For my simulations I found it easier to skip the whole PBX setup and just use an all-in-one provider like VAPI. They even have ElevenLabs models built in, so one less thing to wire up.
English
New blog post out:
We built an AI Vishing system in 7 days to show that Scattered Spider's helpdesk campaigns can be automated at mass scale, easily.
(clip included 🔊)
labs.reversec.com/posts/2026/02/…
English
Go read @HTTP418InfoSec
article if you haven't.
Shout outs also to @googlecloud and @mandiant for their reporting on Scattered Spider, Deepfakes, and for the AI Threat Tracker.
And thanks to @fr4nk3nst1ner and Sumir (sumirbroota.com) for their caller ID spoofing guides
English
@_xpn_ @_RastaMouse @Lauratobin1 We reached peak TV ca 2009 with Petroula on prime time. And we all know what happened to our economy once this ended...
youtu.be/O1CWR_tqYqM?si…
YouTube
English
@_RastaMouse @Lauratobin1 I mean, if I lived in Greece I’d be dancing over the weather too… “Drizzle in Manchester with winds of up to 50mph” set to Darude - Sandstorm doesn’t have the same vibe 🤣
English
@Lauratobin1 I expect Greek-style weather reporting from now on.
Brian Roemmele@BrianRoemmele
Weather report: Germany Vs. Greece
English
Oh, and you might recall his @fwdcloudsec EU talk, last September, covering some of this but not all!
youtu.be/OL6Okw0fLuc?si…
YouTube
English
Start from here, the blog post that ties together all the advisories:
labs.reversec.com/posts/2026/01/…
English
My brilliant colleague Sharan @Tagging_SP has just published his research on #AzureArc:
- 4 Privilege Escalation CVEs
- complete with exploit scripts and PoC videos
- earning him a Most Valuable Researcher (MVR) from @msftsecresponse
There is A LOT in there
English
@0xAggelos People still ask me where I'm from! so I guess still room for improvement 😄
English
Important tips from the UK's deep south!!
Offensive X@TheOffensiveX
Want to submit a talk for @TheOffensiveX 2026? Leonidas Tsaousis (@LAripping) and James Henderson share their experience from the #OffensiveX 2025 stage and what actually matters when preparing a CFP submission. If you’re thinking of submitting this year, stay close more tips are coming. #OffensiveX2026 #CFP #OffensiveSecurity #CyberSecurity #HackingCommunity #RedTeam
English
@coolestcatiknow Not a defender but having worked with SOCs in ATT&CK-based purple teams, I think Option 1 captures more about the gist of the actual attacker action, -the How- and therefore makes rule writing more targeted. Will be clearer when to tag in TI reports too.
Happy to DM for more 🙂
English
I’ve been deep in the DE split in @MITREattack lately, — and once you start breaking things, Valid Accounts feels like fair game 😹 So I want your thoughts on how this should go. 🧵👇
#ThreatHunting #AdversaryEmulation #MITREATTACK
GIF
English
An entire generation of Greek hackers dipped their toes in appsec trying to hack (and defend) eClass in @sol3gga's iconic "Web Wars" exercise 4
This brought back some memories...
Shout out to all the @dit_uoa alumni out there (cc @0xAggelos)
twelvesec@twelvesec
This #vulnerability was identified by TwelveSec Lab #Cybersecurity researchers George Tyritidis and Edward Pasenidis. TwelveSec Lab is dedicated to supporting the #opensource community through active contributions and #security research. #Infosec #CVE buff.ly/USeP70r
English
@techspence Uncomfortable truth: it gets a bad reputation because noone's ever done baselining so they live with the fear it will impact users. Phased deployment too much effort
English
Application control works, I don't think there's many who debate that. But part of the reason it gets a bad reputation is because of flawed deployments.
Here's a few things to avoid:
1. Overly permissive path rules (e.g. wildcard paths)
2. Overly permissive publisher rules (e.g. everything from a publisher is allowed)
3. Using only hash rules
4. Allowing CMD/PowerShell/PowerShell_ISE/Terminal
English
Leo Tsaousis retweetledi
English
@kmcnam1 Love this collection! This particular one on Deansgate I used to walk past every day on my way to work
visitmanchester.com/event/mcr-mons…
English
@BBCiPlayer has this new docuseries telling the stories of great empires through artefacts in the British Museum.
Unfortunately, they "forgot" that other great empire which decorates like half the British Museum at the moment... 🤔
English
2️⃣ The other way around: If you control SharePoint, what other SaaS'es can you compromise, via detours to endpoints? (of their admins)
English
Interesting Project 💡
I wrote about clever use of PowerShell Profiles to pivot from cloud-to-endpoint a while ago
labs.reversec.com/posts/2025/07/…
There's probably many ways to combine the two in Attack Path Mapping exercises: 🧵
Panos Gkatziroulis 🦄@ipurple
ProfileHound - a post-escalation tool to help find and achieve red-teaming objectives by locating domain user profiles on machines. It uses the BloodHound OpenGraph format to build a new edge called HasUserProfile github.com/m4lwhere/profi…
English