Discover and read the best of Twitter Threads about #hackers

Most recents (24)

Fellow tweeps, you might not be as safe as you had thought. Yeah, #Twitter might be posing some risks to you. ⚠👀

In this thread, I’ve compiled some security checks you SHOULD do on your @Twitter account.

You don’t want to read it? As you wish. 🧵🏌️‍♂️ Image
Oh, well, I guess you decided to read it anyway. That’s so thoughtful of you, and while we’re at it, I’ll appreciate and urge you to follow me. I provide exquisite contents that’ll interest you. 💯

For the taking, this thread is not about the internal vulnerabilities of Twitter;
I mean those private data leaks, account hacks, internal errors, and whatnot; no, it ain’t about all that. ❌👎

But you see those access and authorizations you give to external apps and sites via the Application Programming Interface (#API), they’re toast, man. 😂
Read 25 tweets
⚠️ A browser extension is always a double-edged sword.

In general, there isn't much to disagree with in what @panosmek has written in this fantastic thread, but here are few additional thoughts:

🧵👇 [1/13]
[2/13] Browser extensions in and of themselves can easily be the source of #exploits.

So, rather than securing your #browser session, increasing your #privacy, or acting as a warning tool before signing transactions, it may turn out to be your worst enemy.
[3/13] — Attack Vectors —

🧐 There are merely two malicious concepts that will be exploited by #hackers to harm you while using #browser extensions:

🔸 Supply-Chain attack
🔸 Man-in-the-middle attack
Read 14 tweets
My recent #aws threads always startet with creds, but how to get these creds will be the topic over the next days.
#hacking #recon #cloud

Lets start here:
Definitions first:
#aws creds: classic name and passwords e.g for IAM, or aws access and secret keys
Outside: no creds, and no connections in any way to the org and its aws cloud to be tested
Interaction Point: Any potential point, application ressource, system, vulnerabilty etc, where there is a pawsibilty to gain #aws creds, can be a lot of things

lets do outside first: #hackers are cold, let them in.
Read 13 tweets
1/ #Ukraine #Sudan #Denmark #hackers #Quran #aviation

Russian KILLNET Hackers target Danish airports

Quote: Our friends from Sudan carried out attacks on the infrastructure of Danish airports due to the burning of the Koran:
2/ 🔴 | Copenhagen Airport…

🔴 | Aalborg Airport…

🔴 | Vesthimmerland Airport…
Read 6 tweets
1/ #Ukraine #RussiaUkraineWar #hackers

Russian KILLNET Hackers target Italy

Quote: Italy will supply Ukraine with the sixth military aid package, which will include three types of air defense systems.
2/ As the Prime Minister of Italy said during a press conference in Kyiv, we are talking about the SAMP-T, Skyguard complexes, as well as the Spike anti-tank systems.
3/ 🔻Website of the Italian Carabinieri (one of the military formations subordinate to the Ministry of Defense):…

🔻Website of the largest banking group BPER Banca - now the portal works only for Italian visitors:…
Read 4 tweets
1/ #Ukraine #Russia #Hackers

Russian KILLNET Hackers target France & Italy

Quote: 👩‍💻In the meantime, we are going to hit pindostan!

🇨🇵France will hand over AMX-10 RC light wheeled tanks to Ukraine at the end of next week, said French Minister of the Armed Forces Lecornu.
2/ 🔻French National Gendarmerie website:…

🔻The site of the French defense company Naval Group, which builds warships:…

🔻Website of the National Institute of Labour, Employment and Vocational Training:…
3/ 🇮🇹On February 21, the Prime Minister of Italy will rush to Kyiv to discuss the sixth package of military assistance to Bandera with the still President of Ukraine Zelensky.

🔻Italian Ministry of Defense website:…
Read 4 tweets
3 Ways to hide your private IP address from Hackers in 2023.

A thread 🧵
Internet Protocol (IP) is essentially the system that enables data to move across the internet. IP is an address given to a specific device that is connected to the internet.
Every single device that is connected to the internet, whether it’s a desktop computer, smartphone, laptop, or tablet, has a unique IP address.
Read 6 tweets
President #Biden ignores question on why #classified documents were found at his think tank | Jan 10
- the classified documents that were found at the #PennBidenCenter for Diplomacy and Global Engagement in #Washington, D.C.…
'Storm Joe #Biden's homes', #Trump tells #FBI after classified documents found in private office | Jan 10
- "When is the FBI going to #raid the many homes of Joe Biden, perhaps even the #WhiteHouse? These documents were definitely not declassified."…
#Trump Wildly Speculates #Biden Gave #Classified Docs to #China Before Adding Denial No One Asked For: 'I Certainly Wouldn't Do That' | Jan 10
- #Not a good situation for our Country to be in!”
Read 104 tweets
Je viens de recevoir un email de la Quadrature qui ne nous apporte pas de bonnes nouvelles si vous pratiquez l'#activisme ou le #hacking. Je trouve important de partager ça avec vous. #thread
La LOPMI pose de nombreux problèmes pour les libertés fondamentales au niveau du numérique. Des députés de la majorité (les filous) ont profité de cette loi pour renforcer la répression du piratage informatique et des atteintes aux systèmes de traitement automatisés de données.
Les articles qu'ils ont proposé n'ont pas été discutés au Sénat et très peu à l'Assemblée. Par contre, ils ont été validés dans le texte. Les conséquences pour l'image du hacking (au sens noble) et la répression de pratiques annexes peu problématiques sont graves. #hacking
Read 6 tweets
At #IWCON2022, we have 15+ amazing #cybersecurity speakers from around the world 🌍

To share unique methods and findings with y’all 😍🙌

Get ready with your questions. Our experts will answer you live 🔥

Book your ticket:

Meet our speakers 🧵👇 Image
#1 Gabrielle Hempel @gabsmashh, #security engineer @Netwitness 🥳

Her topic: #Threat hunting in #cloud environments 🌩️

Time: 17th Dec, 7:30 pm IST

Want to attend this talk? 😍

Book your ticket here:

#cloudhunting #threathunting Image
#2 Luke Stephens @hakluke, founder of @haksecio 🔥

His topic: How I used #recon techniques to identify a prolific #scammer 👊

Time: 17th Dec, 6:30 pm IST ❤️

Don't wanna miss it?

Register today:

#infosec #hacking #hackingthehacker Image
Read 18 tweets
#IWCON2022 — The much-awaited virtual #Infosec conference is happening in a month 😍🙌

We have expert talks covering NINE major #security verticals🔥🔥

Join us & learn new skills before 2022 ends: 👊

Here are the session topics 🧵👇 Image
#1 Cloud Security:

1. #Threat #hunting in cloud environments by @gabsmashh (#security engineer @Netwitness)

2. #Hacking #cloud: for fun and profit by Dhiyaneshwaran B (#AppSec #researcher at @pdiscoveryio)
#2 Bug Bounty:

1. My approach to accessing #admin panels by @hunter0x7 (admin pwner)

2. Reading #RFCs for #hacking by @securinti (head of #hackers @intigriti)
Read 12 tweets
1) Continuing from where we left off yesterday, we were to look into how Shyft Discover solves the VASP discovery, AKA address attribution issue.

But before we do that, there's something we must first understand: "Attestations"

It is a key functionality of Shyft Network. 💡 Image
2) So today, we will cover attestations, but only the basics, leaving meaty details for later.

What VASP stands for, though?

VASP = Virtual Asset Service Provider, which basically means a crypto-related business.

Let's begin now! Shall we?
3) Attestations enable VASPs to share user data along with transactions while keeping user data confidential. 

And it does so by encrypting user data.

(Note: Under the FATF Travel Rule, it is mandatory for VASPs to share user data along with crypto transactions)
Read 7 tweets
#Binance est propulsé sur le devant de la scène depuis plusieurs semaines 🎤

Comment son fondateur, CZ, a fondé l’exchange #crypto le plus profitable sur terre gérant plus de $100 Milliards par jours ? 🤯

Un thread court pour tout comprendre (et en apprendre!)🧵👇 Image
[0 - 15] Si vous êtes plus blog, retrouvez cet article en version longue sur mon Medium !…

Le même contenu suit ci-dessous 👇
[1 - 15] Une Main de Maître 🤝

Changpeng Zhao est né en Chine 🇨🇳 et a ensuite déménagé au Canada 🇨🇦. Il vit aujourd'hui à Singapour 🇸🇬

Au 1er Mai 2022, sa fortune est estimée à 65 Milliard de dollars, ce qui le rend plus grand #milliardaire #crypto 🤑 Image
Read 17 tweets
#URGENTE | El colectivo de #hackers #black_reward ha liberado toda la información hackeada a Irán sobre su programa nuclear. Esta información ya está siendo descargada y analizada globalmente.
En Argentina, hay rumores sobre preocupación en el gobierno por sus vínculos con Irán.
Esta es el mensaje que publicó el colectivo #black_reward dando cuenta de la expiración del tiempo que le ofreció al gobierno iraní para que deposite USD 100 M en bitcoins.
Disponible en canales usuales de deepweb y Telegram la información revelada sobre el plan nuclear persa.
Ya comienzan a aparecer las primeras imágenes y datos sobre la filtración de #black_reward sobre el plan nuclear iraní.
Argentina aparece mencionada más de 400 veces...
Read 4 tweets

#GR15 has already begun, the biggest funding event in #web3, GR15 runs until Sept 22
We support the projects we love and help to build and shape web3/if you haven't been following here is PART1

🧵🕵️⚡️ Image

#JediSwap is a fully composable and #permissionless #AMM that enables users to #swap assets and earn #yields on their assets instantly in a #gasless manner.

JediSwap is built on #StarkNet and is an entirely community-driven project. Image

ENS.Vision is a page, where you can bulk search and bulk register ENS #domain names. Our page provides a free, simple-to-use interface to find domains.

Their next goal is to create an exclusive #marketplace for #ENS
Read 12 tweets
[1/5] A small thread.
#nuclei is a really nice and fast scanner by @pdnuclei that is also popular with #bugbounty #hackers.
Being so fast out of box, quite often it can overwhelm the target server(s).
Here are couple of tips on how to improve your #nuclei scanning results:
[2/5] The -rl flag defines the number of requests per second, and it is set to 150 by default.
This can be too much for some sites so drop it down to about 50 (or even less if you fear WAF/IPS blocking you) which should not be too much.
[3/5] The -c flag defines the number of templates to run in parallel. In my tests this didn't affect the results a lot until I dropped it to a very low value such as 1 or 2.

Disable the interactsh server if you do not need it with -ni
This will remove OAST tests.
Read 5 tweets
Les #deepfakes sont de + en + faciles à utiliser, et les #cyber criminels ne s'en privent pas. Petit tour d'horizons des risques, et quelques conseils pour les repérer dans ce thread ! 🧵(1/12) Image
Les démos de #deepfake de "simples" internautes font dire à certains que "l'on ne peut plus croire en rien". 👊Nous verrons à la fin de ce thread pourquoi il ne faut pas baisser les bras si vite... 🧵(2/12)
Pourtant, les arnaques au #deepfake explosent et le #FBI alerte sur la recrudescence de faux candidats usurpant l'identité de vrais profils intéressants pour l'employeur lors d'entretiens en #visio
🧵(3/12) Image
Read 13 tweets
Since your malicious cyberattack timelines matched cybersecurity’s research to strengthen security for years and now, you hack alone but with a cooperative goal to damage national security. Which Advanced Persistent Threats group/s #APTs are you in, #Animez_UK? Image
Converting traditional crime to cyber-enabled crime and becomes a malicious attacker against the UK, for

1- financial income,
2- #sexual desire and #harassment with #pornography sent to #women,
3- attacks for #politics against the UKGOV.

#Animez_UK ImageImage
1st stage- early life:
-Experienced #exclusion/#discrimination.
-Didn’t learn to communicate with #women.
-favours #authoritarianism.
-enjoys #control targeted women & whom against his will.
- Expresses hidden #hatred & #violence on through cyberattacks.

#Animez_UK ImageImage
Read 214 tweets
[THREAD] Les différentes arnaques qui tournent sur #Twitter et comment les éviter.

Les derniers mois, de plus en plus d'arnaqueurs, ont recours à Twitter pour mener à bien leurs arnaques. Leur objectif est simple : dérober vos #cryptomonnaies et #NFT.

Voyons cela ensemble 🧵 Image
Nous allons aborder le sujet en 4 parties :
1. Arnaques visant les serveurs #Discords
2. Arnaque aux faux fichiers #PDF
3. Arnaque du "wallet étudiant"
4. Comment se prémunir face à ces arnaques
1⃣ Arnaques visant les serveurs #Discord

De nombreux projets utilisent Discord comme outil de communication entre les équipes de développeurs et la communauté. Ainsi, cela fait de ces serveurs des cibles privilégiées pour les arnaqueurs.
Read 17 tweets
Having fun with cyberstalking #UKGOV, attacking organisations, universities & individuals connected to the justice system, UK #military against #NCSC, treating #intelligence & #GCHQ as jokes to your 15- 20 yrs malicious #hacking for #China & #Russia inside #Britain, @Animez_UK?01
Converting #traditional crime to cyber-enabled crime and becomes a malicious #cyberattacker against the UK, for

1- #financial income,
2- #sexual desire and #harassment with #pornography sent to #women,
3- attacks for #politics against the #UKGOV.

@Animez_UK @NCSC

02 Image
1st stage- early life:
-Experienced #exclusion/#discrimination.
-Didn’t learned to communicate with #women.
-favours #authoritarianism.
-enjoys to #control targeted women & whom against his will.
- Expresses hidden #hatred & #violence on through cyberattacks.

@Animez_UK @NCSC Image
Read 188 tweets
Starting a new Rus - Ukr thread

Last one ended here
No major movements on the map since my last update.
The only notable news is the reported entrance of Rus forces in Vovcherovka, 7 - 8 km south of #Lisichansk
The photos are reportedly from there but it's not known currently whether it's cleared completely ImageImageImageImage
Another interesting detail is that 2 small settlements Sinetski & Pavlograd (just across the river from #Lisichansk) are in the gray zone on the map.
The Rus probably haven't entered them likely due to being exposed to Ukr fire from the other bank Image
Read 142 tweets
- Un système de stockage moléculaire de l'énergie solaire permettant une restitution sous forme d'électricité ... beau potentiel
- #PaLM le nouveau modèle d' #IA de #Google : expliquer des blagues, corriger du code informatique… rien ne lui résiste. Derrière ces perf. : 540 Mds de paramètres et 9M$ pour l'entrainement…
Read 7 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!