Joel Oliva

@master_vim

Alumnus, Carnegie Mellon University Information Security Policy and Management (MSISPM) - Cybersecurity Specialist

Joined April 2014

135Posts 57Followers 404Following

You might like

@OchoCR401

@techn00bguy

@F4Tt0Um

@ne0x01

Pinned

Joel Oliva

@master_vim

Aug 26, 2020

Just got my Pwnagotchi up and running for the first time! I am so excited to take Lil'Pwn out into the world and feed him regularly! #Pwnagotchi #wifi #handshakes #pcap #hackers #Hacked #raspberrypi4

master_vim's tweet image. Just got my Pwnagotchi up and running for the first time! I am so excited to take Lil'Pwn out into the world and feed him regularly!
#Pwnagotchi #wifi #handshakes #pcap #hackers #Hacked #raspberrypi4

Joel Oliva reposted

Defused

@DefusedCyber

Oct 21

Actor exploiting CVE-2023-46747 (F5 BIG-IP Auth Bypass Vuln ) from 195.248.71.38 🇷🇺 ( LLC Melt-internet ) VirusTotal Detections 0/95 🟢 Actor attempts to create a new admin user with full permissions

DefusedCyber's tweet image. Actor exploiting CVE-2023-46747 (F5 BIG-IP Auth Bypass Vuln ) from 195.248.71.38 🇷🇺
( LLC Melt-internet )

VirusTotal Detections 0/95 🟢

Actor attempts to create a new admin user with full permissions

Joel Oliva reposted

INFOSEC F0X 🔥

@infosec_fox

Oct 26

My startup won't have to rely on AWS cloud anymore 😂😂

Joel Oliva

@master_vim

Jul 31

Palo Alto Networks to Acquire CyberArk in $25 Billion Deal By Guru Baran - July 30, 2025 cybersecuritynews.com/palo-alto-netw…

master_vim's tweet card. Palo Alto Networks, a leader in cybersecurity, announced today that it has agreed to buy CyberArk, a company known for identity security, for about $25 billion. This move is expected to change the...

Palo Alto Networks to Acquire CyberArk in $25 Billion Deal

Source: cybersecuritynews.com

Joel Oliva

@master_vim

Jun 12

0-Click Microsoft 365 Copilot Vulnerability Lets Attackers Exfiltrate Sensitive Data Abusing Teams By Guru Baran - June 12, 2025 cybersecuritynews.com/zero-click-mic…

master_vim's tweet card. A critical zero-click vulnerability in Microsoft 365 Copilot, dubbed "EchoLeak," enables attackers to automatically exfiltrate sensitive organizational data without requiring any user interaction.

0-Click Microsoft 365 Copilot Vulnerability Let Attackers Exfiltrates Sensitive Data Abusing Teams

Source: cybersecuritynews.com

Joel Oliva

@master_vim

Jun 10

Fortinet 0-Day Vulnerability that Allows Remote Code Execution By Guru Baran - June 9, 2025 cybersecuritynews.com/poc-exploit-fo…

master_vim's tweet card. A new proof-of-concept (PoC) exploit for a critical zero-day vulnerability affecting multiple Fortinet products raises urgent concerns about the security of enterprise network infrastructure.

PoC Exploit Released for Fortinet 0-Day Vulnerability that Allows Remote Code Execution

Source: cybersecuritynews.com

Joel Oliva

@master_vim

May 30

cybersecuritynews.com/deloitte-data-…

master_vim's tweet card. A threat actor using the alias "303" allegedly claimed to have breached the company's systems and leaked sensitive internal data on a dark web forum.

Deloitte Data Breach: Alleged Leak of Source Code & GitHub Credentials

Source: cybersecuritynews.com

Joel Oliva reposted

Hahahahhahahaha Unironically a good idea. It's so unbelievably stupid and it works. Depending on explorer layout, the .exe might not be visible. Filename.mp4 + ??? spaces + .exe Hahahahahaha UNC6032 is wild as hell

vxunderground's tweet image. Hahahahhahahaha

Unironically a good idea. It's so unbelievably stupid and it works. Depending on explorer layout, the .exe might not be visible.

Filename.mp4 + ??? spaces + .exe

Hahahahahaha UNC6032 is wild as hell

Joel Oliva

@master_vim

May 28

redcanary.com/blog/news-even…

master_vim's tweet card. Red Canary is officially part of Zscaler. Read our blog to learn more what this exciting acquisition means for your security operations.

Red Canary joins Zscaler | Red Canary

Source: redcanary.com

Joel Oliva

@master_vim

May 22

Linux kernel SMB 0-Day Vulnerability Uncovered Using ChatGPT - By Guru Baran - May 22, 2025 cybersecuritynews.com/linux-kernel-s…

master_vim's tweet card. A zero-day vulnerability in the Linux kernel was discovered, utilizing OpenAI's o3 model. This finding, designated as CVE-2025-37899, marks a significant advancement in AI-assisted vulnerability...

Linux kernel SMB 0-Day Vulnerability Uncovered Using ChatGPT

Source: cybersecuritynews.com

Joel Oliva reposted

M4lcode

@M4lcode

May 17

just hunted down fresh undetected & low detected APT43 (kimsuky) infra by pivoting using HTTP header analysis and SSL JARM fingerprinting 162[.]220[.]11[.]84 --> 0/94 194[.]63[.]129[.]86 --> 0/94 3[.]89[.]115[.]251 --> 0/94 110[.]142[.]212[.]109 --> 1/94 More IOCs in replies

M4lcode's tweet image. just hunted down fresh undetected &amp; low detected APT43 (kimsuky) infra by pivoting using HTTP header analysis and SSL JARM fingerprinting

162[.]220[.]11[.]84 --&gt; 0/94
194[.]63[.]129[.]86 --&gt; 0/94
3[.]89[.]115[.]251 --&gt; 0/94
110[.]142[.]212[.]109 --&gt; 1/94
More IOCs in replies

Joel Oliva

@master_vim

May 9

👁‍🗨Nmap 7.96 Released With New Scanning Features & Upgraded Libraries cybersecuritynews.com/nmap-7-96-rele…

master_vim's tweet card. The Nmap Project has officially released version 7.96 of its powerful network scanning tool. The release introduces a suite of technical enhancements, including dramatically faster DNS resolution

Nmap 7.96 Released With New Scanning Features & Upgraded Libraries

Source: cybersecuritynews.com

Joel Oliva

@master_vim

May 8

OneDrive - New Default Sync Feature: Automatic syncing bypasses established security protocols, as it lacks inherent controls, logging mechanisms, and corporate policies that typically govern the synchronization of personal accounts on business devices. cybersecuritynews.com/microsoft-oned…

master_vim's tweet card. Microsoft is rolling out a new OneDrive feature this month that allows users to sync their personal accounts with corporate accounts by default, raising significant security concerns among IT...

OneDrive New Feature Allows Default Sync of Personal & Corporate Accounts

Source: cybersecuritynews.com

Joel Oliva reposted

Lorenzo Franceschi-Bicchierai

@lorenzofb

May 7

NEW: CrowdStrike announced that it will lay off around 500 workers as part of "a strategic plan" to "to evolve its operations to yield greater efficiencies." The cuts represent 5% of its global workforce. techcrunch.com/2025/05/07/cro…

lorenzofb's tweet card. The cybersecurity company said it will lay off 5% of its global workforce.

CrowdStrike says it will lay off 500 workers | TechCrunch

Source: techcrunch.com

Joel Oliva

@master_vim

May 2

linkedin.com/posts/danielma…

master_vim's tweet card. Cybercriminals are now using a kit called Session Shark. It's phishing-as-a-service built to bypass Office 365 MFA. •Steals session tokens to defeat MFA •Adversary-in-the-middle (AiTM) attack kit...

Cybercriminals are now using a kit called Session Shark. | Daniel Kelley

Source: linkedin.com

Joel Oliva reposted

Phillip Wylie

@PhillipWylie

Apr 2

Cloud-Centric Permission Management: A Conversation with Ron Nissim podcasters.spotify.com/pod/show/phill…

PhillipWylie's tweet card. About The Guest: Ron Nissim is the CEO of Entitle, a company that focuses on permission management and access control. He has a background in cybersecurity and intelligence, having served in the...

Cloud-Centric Permission Management: A Conversation with Ron Nissim by Phillip Wylie Show

Source: creators.spotify.com

Joel Oliva reposted

Corey Lynch

@coreylynch

Mar 13, 2024

We are now having full conversations with Figure 01, thanks to our partnership with OpenAI. Our robot can: - describe its visual experience - plan future actions - reflect on its memory - explain its reasoning verbally Technical deep-dive 🧵:

From Figure

Joel Oliva

@master_vim

Jan 20, 2024

Check out my latest write-up summary on LinkedIn: RE#TURGENCE Campaign, Targeting MSSQL Servers for Ransom with MIMIC Payloads! Big S/O to @Securonix Threat Research for the heavy-lift when it comes to threat research! linkedin.com/pulse/returgen…

master_vim's tweet card. Upon analyzing a recent article published by Securonix that details the recent RE#TURGENCE threat campaign, a wealth of compelling insights and key takeaways surface. The threat intelligence derived...

RE#TURGENCE Campaign, Targeting MSSQL Servers for Ransom with MIMIC Payloads

Source: linkedin.com

Joel Oliva reposted

Joe Tidy BBC News

@joetidy

Sep 12, 2023

Scene in MGM Grand according to a TikTok user who said slots machines down and casino floor empty after cyber attack. She also says staff had to make and distribute physical room keys and an admin error caused her to walk in on another guest. Source: vm.tiktok.com/ZGJnKXd6R/