Michel de CREVOISIER
@mdecrevoisier
Senior Security Analyst / Threat detection lead
So what happens if you buy us-east-1.com? Answer: You get DNS traffic from misconfigured services And emails from likely AWS test environments dev.to/aws-builders/i…
Chinese hackers exploit Fortinet VPN zero-day to steal credentials - @billtoulas bleepingcomputer.com/news/security/…
Cybersecurity Flaws in US Drinking Water Systems Put 26 Million at Risk hackread.com/cybersecurity-…
RustiveDump: dump the memory of the lsass.exe process meterpreter.org/rustivedump-du…
Veeam Backup & Replication exploit reused in new Frag ransomware attack securityaffairs.com/170717/malware…
Automate on-premises Windows Server from the cloud using Azure Arc thomasmaurer.ch/2024/04/automa…
Two-Step Phishing Technique Leveraging Microsoft Visio Files Exposed by Researchers securityonline.info/two-step-phish…
My friend Arnim created a Top 50 vendor list from @CISAgov’s KEV list with filter on CVE-202*: 148 Microsoft, 63 Apple, 50 Google, 25 Cisco, 21 Ivanti, 20 Apache, 19 VMware, 12 Oracle, 12 Adobe, 11 Samsung, 11 Android, 10…
I’d love to see @CISAgov publish a ‘Top 10 Vendors’ list for releasing products with serious, frequently exploited vulnerabilities (CVSS > 8.5). It’d be a data-driven ‘wall of shame’ based on their exploited vulnerability reports. If they won’t do it, I might. And if a vendor…
🇩🇪 Vodafone Germany - eSIM Panel Access Leak Access to Vodafone Germany's eSIM management panel has been leaked and is circulating on the dark web. This exposure could allow unauthorized parties to manipulate eSIM configurations, posing risks of fraud, data theft, and…
🛡️ New Blog: UAL = Unaligned Activity Logs In this blog, four different Unified Audit Log acquisition methods are compared. The key finding is: - None of the acquisition methods get 100% coverage Many more findings are included in the blog! 🔗 kqlquery.com/posts/ual/
Process injection isn't just for Windows. 👀 Akamai researcher @oridavid123 provides a deep dive into Linux process injection techniques in our most recent publication. Read to uncover some new tricks and protections for your organization. 🔐 akamai.com/blog/security-…
Citrix RCE and EoP overview. Blog post: labs.watchtowr.com/visionaries-at… PoC: github.com/watchtowrlabs/… Citrix support article: support.citrix.com/s/article/CTX6… Credits: @watchtowrcyber @SinSinology
Don't fall into the trap of misattributing threat actors by pivoting on Parking IPs. Props to Qianxin for spotting this.
🔥 Excited to announce HEARTH (Hunting Exchange And Research Threat Hub)! Hey thrunters! A new open-source home to: - Share hunt ideas - Learn from others - Level up together Built by hunters, for hunters 🎯 threathuntingcommunity.com #threathunting #thrunting #infosec #HEARTH
Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools - @serghei bleepingcomputer.com/news/microsoft…
How can attackers escalate privileges in #Microsoft Entra ID? The #Mandiant Red Team reveals tactics and defenses in this latest blog post. See how attackers exploit Intune-managed PAWs to elevate privileges in #EntraID → bit.ly/3YZECzw
Collection of commands that will help automate the configuration of the Defender for Endpoint settings github.com/nathanmcnulty/… #MicrosoftDefender #Security #MicrosoftSecurity #Cybersecurity #DefenderXDR #MicrosoftThreatIntelligence
GitHub - cisagov/decider: A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework. github.com/cisagov/decider
Amazon confirms employee data breach after vendor hack - @serghei bleepingcomputer.com/news/security/…
Who to follow
- Elastic Security Labs (@elasticseclabs)
- Craig Rowland - Agentless Linux Security (@CraigHRowland)
- Olaf Hartong (@olafhartong)
- John Hubbard (@SecHubb)
- Tony Lambert (@ForensicITGuy)
- Wietze (@Wietze)
- SOC Prime (@SOC_Prime)
- Threat Insight (@threatinsight)
- Mehmet Ergene (@Cyb3rMonk)
- ap (@decoder_it)
- rootsecdev (@rootsecdev)
- ɯɹoʇsuoı (@ionstorm)
- Kelsey (@k3dg3)
- Vadim Khrykov (@BlackMatter23)
- Nathan McNulty (@NathanMcNulty)