Nehal Mehta

Thwarted Thursday: When Dark Web Credentials Didn’t Lead to a Breach—or Business Impact linkedin.com/pulse/thwarted…

Attackers try brute force, phishing, MFA fatigue, replay, automation. Rainbow Secure turns passwords into visual identity signals, not text. Thwarted Thursday Variable font size vs keylogging & copy-paste. Keys logged ≠ usable login. “Since when does size matter?!” #Identity

@zbraiterman @MidnightNtwrk Congratulation @zbraiterman

Proud to have earned my "Certificate of Midnight Scholar” from ⁦@MidnightNtwrk⁩ upon completion of the Midnight Academy course on zero knowledge proofs. 🔐 #MidnightForDevs #DataPrivacyDay

@ARCYBER Respect the mission. In today’s cyber conflict, protecting systems, data, and people requires security by design and constant adaptation. Appreciate the work being done to defend critical operations in this era.

New Year. Same Mission. #CyberReadyCyberStrong

Secure Boot works only when it’s security by design—part of the system trust architecture, not a post-deployment checkbox. This guidance helps defenders avoid fragile configurations and future gaps.

@NSACyber Well said. Secure Boot works best when it’s designed into the device security model and aligned with other controls—not treated as a checkbox. Security by design prevents today’s misconfigurations and tomorrow’s gaps. Built into the trust chain, not added later.

We recently published guidance on how to addresses challenges associated with Secure Boot configuration. If you’re a network defender or device owner who’s unclear on how Secure Boot interacts with other protective tech, read on. 🔗media.defense.gov/2025/Dec/11/20…

@DBhaduri94 Appreciate the effort to organize info. For something this serious, I’m sticking to verifiable updates—court filings/official statements—until the investigation is complete. Speculation (from any side) adds noise.

I believe it is my responsibility to provide you with a detailed status report on the investigation conducted by the Government of India on the Red Fort Blast in New Delhi so that you can avoid all the chaos & confusion the Indian & global media houses are creating and really understand what is the current status quo. All the journalists are being fooled by their “Sources” every now & then due to which they are bring all sorts of theories which are collapsing within hours. Hence, I present you the 1st of many weekly reports: x.com/DBhaduri94/sta…

Pakistan Army opens heavy artillery fire in LoC Jammu sectors of Poonch-Rajauri, Mendhar & Bhimber Gali. The big escalation at the LoC has begun.

@TaiDurojaiye Well said. When security is designed around how academics actually work, it protects research now and anticipates future threats—without adding friction or training fatigue. Check @RainbowSecure

The reframe ❌ "Enable MFA for compliance" ✓ "Prevent unauthorised access to your research" ❌ "Phishing is a threat vector" ✓ "Competitors target researchers to steal pre-publication work" ❌ "Follow our security policy" ✓ "Collaborate internationally without risking your IP"

"I don't have time for another IT training." That's what a senior professor said before walking out of a cyber security briefing. Here's what a resistant academic's response revealed about security: 🧵

@Starlink Nice work! Have you noticed any differences in connection stability during peak usage times?

Stream. Scroll. Surf. Get speeds up to 400+ Mbps to connect with friends and family without delays.

@sarbjeetjohal @jonfortt @nvidia @fblasvegas @CNBC Love your energy in this post!

It was great to catch up with @jonfortt after @nvidia keynote at #CES2026 at @fblasvegas. He’s wearing a leather jacket as well, I wonder who’s his guest on the set will be in next 30-45 minutes ;) Be on the lookout for his coverage of Nvidia and more from @CNBC, this week!

@Snubs @CNET Congrats, Shannon! That's an amazing achievement! What topics are you most excited to cover for CNET?

It's official! I'm writing for @CNET voices! You can see me listed here: cnet.com/cnet-voices/

@cybergeekgirl What an incredible moment, Lisa! Your journey is inspiring and a testament to resilience. Congratulation Lisa

Last Tuesday was one of the best days of my life, and I had the most surreal experience. I was presented with my MBE by King Charles III at Windsor Castle 😊 To those who bullied and abused me... I am enough ♥️ I was always enough ♥️ I will always be enough, this proves it ❤️

@atishmisra Great insights! I’ve seen firsthand how crucial clean data is for recovery. What strategies have you found effective in maintaining data integrity?

Protection alone isn’t enough. The HTN Now cyber resilience panel highlighted why NHS organisations need clean data and isolated recovery environments when malware hides in backups. A must-watch for digital leaders: sprou.tt/1f9EEh88uHR sprou.tt/1f9EEh88uHR

@karhashofficial This is such a striking contrast! It really highlights the disconnect between rhetoric and reality. What do you think drives that gap?

While Netanyahu has famously touted "Israel" as a global leader in cyber-intelligence and offensive spyware, his personal reliance on a five-cent piece of adhesive tape suggests a profound lack of trust in the very technology his government export.

Why Identity Security Keeps Failing — And What We’re Getting Wrong linkedin.com/pulse/why-iden…

URGENT: Patch fast. Assume compromise. Office zero-days prove users will open files. At @RainbowSecure , we design identity security so plain password text is useless to them.

@TheHackersNews This is exactly why identity-layer security matters. At @RainbowSecure , we design MFA so even if a malicious Office file is opened, plain password text is useless to them. Patch fast — but assume users will click.

🛑 URGENT: Microsoft rushed out out-of-band fixes for an actively exploited Office zero-day. CVE-2026-21509 (CVSS 7.8) lets attackers bypass Office security using a malicious file that must be opened by the victim. 🔗 Details → thehackernews.com/2026/01/micros…

Passwords can be stolen. MFA can be bypassed. Session hijacking lets attackers stay logged in—without triggering alarms. Rainbow Secure ends session hijacking. 👇 Read more: zurl.co/L6bUu #SessionHijacking #IAM #CyberSecurity #ZeroTrust #RainbowSecure

What if authentication worked for people—not attackers? That’s Login Liberty. 🌈 See security users don’t want to skip. #LoginLiberty #IdentitySecurity #CyberSecurity #InfoSec #MFA #IAM#PhishingResistant #CISO #CTO #RainbowSecure

@TheHackersNews This is a serious issue! It's alarming how sophisticated these phishing schemes have become.

🛑 European hotels are facing a phishing campaign abusing Booking-com cancellation emails. Victims hit a fake site, see a fake blue screen, and are told to run a PowerShell “fix.” That installs DCRat via MSBuild.exe, sets Defender exclusions, and persists on the system. 🔗 Learn more → thehackernews.com/2026/01/fake-b…