Happy to introduce "Pivot Atlas", a digital pivoting handbook for cyber threat intel analysts. I've been working on this as a personal project with the goal of graphing the "pivotability" of threat intel artifacts and providing real-world examples and reference material. (1/2)🧵

Very curious to see how this plays out but I'm optimistic - while there's a risk of media overhyping early disclosures ("There's an iOS 0day but you'll need to wait 90 days to be protected!!111"), ZDI has had a similar policy for a while now and it's been fine.

RT @galnagli: I hacked a popular vibe coding platform with a simple, straight-forward logic flaw - allowing access to private applications….

Check out @merav_br's great in-depth writeup on TraderTraitor's tradecraft (traitcraft?) and history of operations:.

RT @wiz_io: 🚨 New research: A cryptomining campaign is hijacking exposed PostgreSQL, hiding payloads in fake 404 pages, and abusing legit i….

RT @leak_ix: Just a heads-up, attackers found a way to leak information, including keys entirely from memory. Checking for "the file" is no….

RT @cloudvillage_dc: ⚡️Excited to have @AminovDanielle & Yaara Shrike at Cloud Village @DEFCON 33 presenting:.“Auths Gone Wild: When ‘Authe….

RT @adnanthekhan:

RT @wiz_io: 🚨 Research update: #ToolShell is back, and it just leveled up. Two new vulnerabilities in Microsoft SharePoint Server, CVE-202….

RT @nirohfeld: We found a new container escape affecting all container runtimes using @NVIDIA GPUs. The crazy part?.The exploit is just th….

RT @wiz_io: 💡 Eden hosts @sherrod_im, @IssaUrbanGirl & @41thexplorer . Cloud chaos, career confessions & the future of cybersecurity. This….

RT @sweetdelightss: I love when people share their screen. You instantly have all my attention. How many tabs are open?.What’s the icon si….

RT @wiz_io: 🎙️ Scattered Spider's new target? Airlines. Eden & @AmitaiCo break down the latest in the cloud >> .1. Help desk hacks .2. AI'….

RT @wiz_io: 🚨 New vulnerabilities in #NetScaler (incl. a 0-day) are now exploited in the wild. 2 enable admin access via session theft. 3.5….

RT @Horizon3Attack: Indicators of Compromise:.🔹 Depending on logging configurations, log entries in ns.log with non-printable characters ar….

RT @wiz_io: 🚨 Wiz spotted a JDWP RCE attack deploying a stealthy cryptominer within hours. Custom XMRig, no CLI flags, deep persistence. D….

RT @AwsSecDigest: Tracking Cloud-Fluent Threat Actors – Part Two: Behavioral Cloud IOCs.By Merav Bar & Gili Tikochinski. Sophisticated atta….

RT @nirohfeld: Something I’m incredibly proud of is finally live. We've launched the Cloud Security Championship: a 12-month series of dee….

RT @wiz_io: 🎙️ New drop: @DavidJBianco joins Crying Out Cloud to talk threat hunting, the Pyramid of Pain, and more. Don't miss this cyb….

RT @merav_br: Check out Gili and my BSidesSF talk before Taylor’s team takes it down for copyright infringement (which would be an honor) ✨….

Check out @AminovDanielle and @GiliTikochinki's recent talk at @DistrictCon about exploitation in the wild of application misconfigurations - this category of risk is well known to threat actors but often ignored by defenders: