Tim McGuffin
@NotMedic
Followers
6K
Following
53K
Media
1K
Statuses
10K
Back to Red Teaming. Risk Hunter. DEFCON Staff & CFP Board. MS in DF. Fmr Fire/EMS. Red and Blue. Builder. Morally Flexible. https://t.co/zakkIXeyHu @ bluesky
Joined February 2011
RT @uffeux: Hello friends. Check out this awesome and unique role that just opened up on my team in SEAR. Wanna secure Apple silicon, ROMs,….
jobs.apple.com
Apply for a Red Team Platform and Hardware Security Researcher job at Apple. Read about the role and find out if it’s right for you.
0
55
0
RT @RedTeamPT: 🚨 Our new blog post about Windows CVE-2025-33073 which we discovered is live:. 🪞 The Reflective Kerberos Relay Attack - Remo….
blog.redteam-pentesting.de
It is a sad truth in IT security that some vulnerabilities never quite want to die and time and time again, vulnerabilities that have long been fixed get revived and come right back at you. While...
0
178
0
RT @raikiasec: Alright everyone, it's up! I'm hiring an entry-level Associate Red Team Consultant on my team at Mandiant (part of Google Cl….
0
38
0
RT @SpecterOps: 🚨 New blog post alert!. @_xpn_ drops knowledge on LLM security w/ his latest post showing how attackers can by pass LLM WAF….
specterops.io
Meta's Prompt Guard 2 aims to prevent prompt injection. This post looks at how much knowledge of ML we need to be effective at testing these LLM WAFs.
0
47
0
If you're setting this up, the instructions are a bit unclear for the Azure side. You need 2 model deployments:.gpt-4o.text-embedding-ada-002.The deployment name should match the model name. I'm open to help if you have any questions.
Okay so this is HUGE - our amazing AI red team have open sourced their AI red team labs so you can set up your own training!. @ram_ssk.
1
4
26
HAD? .It’s still in use in most AD environments 23 years after it was superseded. 😂.
2002: DES was superseded by AES, after Rijndael beat 14 other designs in a competitive process to replace it. DES had a 25 year run.
3
10
50
RT @akamai_research: Today we unveil BadSuccessor - a new no-fix Active Directory privilege escalation technique. We will explore the rece….
0
179
0
In what feels like a few lifetimes ago, I got to shoot an @therejects concert at a college. huge stage presence, awesome crowd interactions, and an overall fun experience. I bet the energy on the House Party is AMAZING.
The All-American Rejects are ditching arenas for backyards. They’re doing a “House Party” tour, sign up on their IG and they might show up to throw a show in your city. 2005 is back
1
0
4
RT @0xTib3rius: Instead of tagging grok with "is this true?", we should just start tagging random people we follow.
0
28
0
It feels like a lot of the current LLM security issues could be mitigated with lessons learned from the networking world by separating the control plane from the data plane. So many issues are caused by mixing those two concepts into the same stream.
2
2
10
RT @JohnLaTwC: Come help me create mechanical advantage in defense. If you love threat hunting, learning from incidents, building new way….
0
27
0
I love this so much. "Export the consolidated policies into a JSON file (sawsage.json) to use it in the canteen ( and feed the hungry doggy (.". Beautiful Work!.
We are proud to introduce #dAWShund to the world: a framework for putting a leash on naughty AWS permissions. dAWShund helps blue and red teams find resources in #AWS, evaluate their access levels and visualize the relationships between them.
1
5
8
RT @sekurlsa_pw: 🟥💻 Handy source to check if and how your action or command will be detected with any of the 7500 rules in this detection r….
0
1
0