Stu @securitystu
Security Architect. London, England. Joined September 2017.
My next book is finally in early-access at @nostarch, with the goal for release at the end of 2023. More details are available at nostarch.com/windows-securi…
The on-going game of cat and mouse between features and security
Token binding is a "game changer" for zero trust. Bearer token exportation is something I identified as a major impediment to ZT in my Blackhat talk in 2018. In 2023 we finally have tokens bound to the hardware in Windows (using a TPM and VBS of course)…
This is superb, although I’d like an ELK version too
Neat AV evasion, reminds me of user mode debugging tricks. googleprojectzero.blogspot.com/2019/04/window…
ICMP RCE! 😱 well, only if you have an application bound to a raw socket 😅 I wonder the number of apps out there using raw sockets, other than nmap etc perhaps some games or real-time apps maybe? msrc.microsoft.com/update-guide/v… #CVE #msrc #CVE_2023_23425
An interesting ad on the way to the ExCel this morning for #BlackHatEurope.
*walks in to a pub* Me: Hi how are you? Barman: Not bad, I’ve got a cold though *proceeds to cough all over the bar* 🤧 Me: Ah that’s a shame, bye then!
Great community spirit in the #solderingskillsvillage and the #hardwarehackingvillage. Everyone helping each other out to get their projects done. #DEFCON
The A320 sim is flying, Otto the autopilot is on hand to assist. Come fly with us & learn about hacking electronic flight bags at @defcon @SecureAerospace
It’s hard to wrangle software to support multi-tenancy managed service environments when it wasn’t designed for this use case. Great presentation about managed PostgreSQL cross tenant vulnerabilities from @nirohfeld and @shirtamari #BlackHat2022 #BlackHat
Secure your hardware/software supply chain and protect your management interfaces. ‘Do not trust the ASA, Trojans!’ by @Junior_Baines demonstrates why very nicely. #BlackHat2022 #BlackHat
"Oh sweet, these IOCs are in a PDF!" exclaimed no one ever.
“Defaults are an attacker's best friend” from @ErmeticSec talk ‘IAM the one that knocks’ at #blackhat2022. The balance between frictionless dev and security is tricky but defaults need work.
defcon.outel.org "The ONE!", a combined schedule of DEFCON villages, all speaking events @defcon plus more on one page, HTML, PDF, google calendar 41 villages, 773 events 777 speakers #defcon30 #defcon @girlshackvllg @DC_BHV @VillageIDIOTLab @toool @AppSec_Village
My favorite bug among the vulnerabilities I presented today! 😆 The original intent was to compare the password. However, the developer copy-and-pasted the code but forgot to replace the variable name. That leads to the Authentication Bypass on IIS.
My take away from @C_C_Krebs Keynote: We need to sell our industry to new talent to help fix the skills shortfall. Cyber security is fun, lucrative, durable, interesting and has an important mission. Also “Don’t work for an arsehole” #blackhat
My take on @rubin_mor AAD lateral movement talk. NegoEx (docs.microsoft.com/en-us/openspec…) offers a new lateral movement technique for AAD joined machines. Mitigation: SMB signing! Excellent from Mor here: medium.com/@mor2464/azure…. Great tools also released including Wireshark dissector.
Bold infosec marketing optimism. Nice transformer-esque owl though. #blackhat