I can finally release my work on Amazon Cognito Ratelimit Bypassing as the fix is now globally deployed. Huge shoutout to James Kettle who discovered this attack vector and made the info public. Let me know what you think in the comments.

RT @CICADA8Research: Hi friends, Recently @mansk1es presented his research about LPE in AnyDesk (CVE-2024-12754). Our team developed a POC…

@mame82 Because sometimes you maybe want to have a bad ass looking display mini or just don’t have time to paint a whole army.

@mame82 The most satisfying part of it all

RT @ShitSecure: Tired of using ts::multirdp, because Mimikatz is a nogo nowadays and get's flagged anyway most of the time? 🧐 Well, here i…

@ShitSecure Uh this is nice indeed. Thanks

@troyhunt @UKThermomix @ThermomixUSA @thermomixaus PN

@SeenTomaz @ADAllTheTime will then probably also need to test it

RT @Dinosn: CVE-2025-23114 (CVSS 9.0): Critical Veeam Backup Vulnerability Enables Remote Code Execution

RT @watchtowrcyber: 8 million requests, $400 later - we’re back. 🚀 We have demonstrated supply chain attacks that could have allowed us t…

RT @reprise_99: A little while ago I wrote a long piece detailing some of the issues we commonly find in Active Directory during compromise…

RT @cyb3rops: I spent a few days gathering ideas for this year’s blog posts on trends in the threat landscape - hope you’ll like it ⚡️ Cyb…

My colleague just publicly released a tool he was working on for the last 3 years aimed at providing deep insights in your user landscape in hybrid MS environments with a special focus on security related info and tasks. You can find msuserstats here:

Small helper to check Exchange Version, Releasedate and NTLM auth realm:

@dasgrog @techspence Because humans choose them.

RT @techspence: 🙌💪 wicked awesome. The amount of service accounts I’ve cracked because of weak password is ridiculous and is completely sol…

@techspence This sounds interesting. Will dive in tomorrow. Any first hand experience already?

RT @_EthicalChaos_: dMSA support has just landed into Rubeus thanks to @JoeDibley2. I also have it on good authority that there might be a…

RT @etguenni: Schwachstelle in TeamViewer - sollte umgehend gepatcht werden

RT @egre55: We're running a FREE hands-on cloud security workshop "Intro to Purple Teaming Azure", covering: - Introduction to Azure, M365…