Joined April 2026
- Tweets 34
- Following 135
- Followers 6
- Likes 220
10 Photos and videos
Dylan🛡️AttacktheSOC retweeted
‼️🚨 This is alarming: Researchers found a one-click data exfiltration vulnerability in M365 Copilot. A single click on a trusted microsoft[.]com link let attackers pull emails, MFA codes, meeting notes, and SharePoint/OneDrive files, no permissions or second click required.
Microsoft has patched it as CVE-2026-42824, rated critical.
9
52
302
18,953
sygnia.co/blog/operation-hig…
This was a great read and lesson on thoughtful response. For all the tradecraft displayed, some basic security hygiene would’ve gone a long way here.
1
8
I try to keep in mind that we never really get the internal teams story (assuming there’s “Sec” team). What budgetary constraints did they have, how many hats were they expected to wear, did they have stakeholder support. Something sitting this long seems systemic
6
Another great article!
Had me thinking of the fear some physicists expressed of the possibility of the atomic explosion causing a cataclysmic chain reaction.
Jun 11
🤖 Entra Agent ID can have a larger blast radius than you think. Join us for a new series on all things agent identity!
Check out part 1 on Agent ID fundamentals here:
securitylabs.datadoghq.com/a…
1
1
210
*posted on the sidelines watching this whole Nightmare situation play out*
don't get the reference? It's not actually Larry's car getting shmacked...
11
Dylan🛡️AttacktheSOC retweeted
‼️ Nightmare Eclipse is back on GitHub under a new alias and has released a new Windows Defender vulnerability zero-day called RoguePlanet.
PoC: github.com/MSNightmare/Rogue…
New GitHub Account: github.com/MSNightmare
17
189
1,240
67,977
Dylan🛡️AttacktheSOC retweeted
Join me on Tuesday June 9th for a deep dive into
Microsoft Entra Secure Service Edge: Global Secure Access, Internet Access & Private Access.
Use code JoshGatewood for 10% off 😎
premium.patriotconsulting.co…
1
3
696
Dylan🛡️AttacktheSOC retweeted
Jun 4
NEW: While Meta publicly said it was still deciding whether to deploy facial recognition in its smart glasses, the company was distributing it to millions of users
We found an unreleased facial-recognition system embedded in the Meta's AI companion app
wired.com/story/meta-smart-g…
7
100
168
54,649
This is awesome sauce. Client-side processing of the logs in the Azure Monitor Agent. From filtering to aggregation before landing in Sentinel. Multi-stage transformations in Data Collection Rules:
techcommunity.microsoft.com/…
18
Wait... did we always have Azure Resource Graph Explorer query history??
9
Seems it can’t be stated enough but execs looking to replace their SOC with Agentic workflows.. you’re doing it wrong. It ain’t happening. Perhaps it is “not there yet” but fact remains you’re not replacing humans. It’s increasing and optimizing output. Allowing
1
16
us to make more informed decisions and put our attention where it’s needed most.
The leaders that understand this have teams that are killing it right now. Unmatched output. Bespoke solutions. And a better understanding of their environment and the tools they use to navigate it.
1
11
On the other hand, I see teams wading through an understandable air of frustration, mistrust, and resentment on a path that leads to conversations above your pay grade
11
All points made by @BertJanCyber and you should be asking yourself if any information provided by the source can be trusted. If an appointed MS MVP (and self-proclaimed KQL expert) isn’t catching this many foundational mistakes before hitting “post”.. it may point to a pattern
May 27
For people who just started with #KQL and want to learn why this is AI-slop. Some indicators are explained in the 🧵
1
2
65
A pattern that could leave you in hot water. Also, AI-generated queries shouldn’t even be this bad anymore…. Not only was there no effort in verification but there doesn’t appear to have been effort in their prompt engineering. Womp, womp
2
48
Insane. Age verification is a Trojan horse for total control over everything you do on the internet.
May 23
South Carolina just passed a law requiring platforms to estimate your age every 100 hours of use, or any time they run their algorithms on you. 80% confidence minimum, $10k fine per wrong guess. The incentive is to collect more data about everyone, including kids.
reclaimthenet.org/south-caro…
10
73
353
24,631
Dylan🛡️AttacktheSOC retweeted
May 9
1/ AI agents in Microsoft Entra can involve more than one identity object.
To understand their security model, you need to know how these objects fit together.
Here’s the mental model 👇
2
11
75
4,437