arandomhacker

#GRID was Conquered last week - now in preparations to take on the remaining #OSCE3 certificates I require (OSWE & OSED) - Thats my goal for 2024

As you likely noticed, yesterday, Mandiant lost control of this X account which had 2FA enabled. Currently, there are no indications of malicious activity beyond the impacted X account, which is back under our control. We'll share our investigation findings once concluded.

The Mandiant Twitter account takeover could have happened a number of ways. Some folks are giving the advice to turn on MFA to prevent ATO and of course that is a good idea always *but it's also possible that someone in Support at Twitter was bribed or compromised which allowed the attacker access to Mandiant's account*.

Tackling #GRID from @SANSInstitute next - Love me some ICS/OT Protocols

Next Course Picked & Booked. Exciting to be taking SANS ISC515 this Q4 - Hopefully get the GRID certification nailed before End of Year @SANSInstitute

Lmao I love Linux

Finally achieved #OSEP Certification. Thanks to @offsectraining for another fantastic course. The new mode of taking the training is amazing and the setup is excellent. Cant wait to continue to work towards #OSCE3

@EoinKeary @NoelAnderson_ @HMcEntee @gardainfo Scandanavian Taxes with North Korean infrastructure.......A great oul island

This is why @HMcEntee we have been crying out for more @gardainfo in the city center. Was only a matter of time. independent.ie/regionals/dubl…

@EoinKeary @rahimjina @ger_heffernan Preaching to the choir! Im going to one desert to get away from another, hotter desert! ill make sure to pop by the booth and say hello!

@rahimjina @EoinKeary @ger_heffernan Will any of you Gents be at BlackHat this year? I will be in Vegas from the 3rd - 12th - If so, be great to grab a Pint & catch up with you!

100 #redteam projects A list of 100 projects that are worth a close look at the source code for someone who wants to become a high-level professional: Advanced Network Attacks Data analysis Payloads Cryptography Reverse Engineering Post exploitation github.com/kurogai/100-re…

K.I.S.S. reddit.com/r/programmerhu…

@EoinKeary 5 years ago you'd be labelled a Conspiracy theorist Nut for saying this0!.......now you're just a Nut! 😅

CISO role £57k ... quick sign me up!! 😂😂😂

#OSEP Kicked my ass for a 2nd time - Attempt 3 coming before end of summer. Topped off by my first trip to #blackhat & #Defcon - Been a bucket list item since I started in the industry Life is good

@haksecio Uniform Resource Locator

Without checking, what does URL stand for?

Leaks and Breaches for OSINT Long and detailed article about using data leaks in OSINT from Security by Accident blog. @security-by-accident/leaks-and-breaches-for-osint-a7e3eb6bb56f" target="_blank" rel="nofollow noopener">medium.com/@security-by-a… Surprisingly, there is no mention of Telegram channels with leaks, but still interesting.

the hardest part of learning rust is learning how bad every other language really is

Ask A Hacker: "Rachel, is it actually a big deal if I Google my name and my email address or phone number pop up. Why could that matter for someone like me?" It can matter because many services you trust still use knowledge based authentication (KBA -- info like email address/phone number/date of birth) to verify identity when someone calls Customer Support. Someone could pretend to be you, call Customer Support for a service you use, then leverage your public email address/phone number to "verify their identity" and make changes to your account and take it over. Here's an example:

@CrimeNicola @nicolatallantsw 🙀 - Eagerly awaiting this!

Available tomorrow on YouTube, Spotify, Apple and other podcast platforms.