@dotBATman profile picture
Tor Vigesdal | @dotBATman@infosec.exchange @dotBATman

InfoSec Pro working as Advisor and CISO. GIAC GSLC, GDSA and GDAT. Scripter, architect, awareness, governance, risk and compliance. @dotBATman@infosec.exchange

Joined April 2009
  • Tweets 9,682
  • Following 580
  • Followers 363
1,529 Photos and videos
#JoinATeam - How else can you be #Fresh and #Experienced, #GenderDiverse, #Young and #Old, #Optimist. #Realist and #Pessimist, #Structured and #Instinctive, #mentor and #trainee?
2
2
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Michael Epping@_michaelepping
11 Nov 2024
In case you missed it, back in October we published a brand new guide for deploying phishing-resistant passwordless in your organization with Entra ID: aka.ms/PasswordlessGuide ! This is the outcome of a ton of effort across Microsoft, please use it to begin your journey!

Get started with a phishing-resistant passwordless authentication deployment in Microsoft Entra ID...

Detailed guidance for planning the prerequisites to deploy passwordless and phishing-resistant authentication for organizations that use Microsoft Entra ID.

learn.microsoft.com
2
57
180
15,806

ALT Batman Facepalm GIF by WE tv

Brian in Pittsburgh@arekfurt
7 Nov 2024
Oh, I just saw that it's actually even better than that: Notepad will now be a vector for up-selling you.😵‍💫 So if you're writing that term paper--in *Notepad*--and you want to rely heavily on integrated Gen AI help, make sure you keep track of your credits or buy CoPilot.
1
139
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Joseph Cox
@josephfcox
6 Nov 2024
Did you vote in America yesterday? If so, you just got doxed This site takes voter records that can be hard to source and puts them all into one place. Name, address, voter history, for free. It turns voting into a privacy and security risk 404media.co/voted-in-america…

Voted in America? This Site Doxed You

Voting rolls are technically public records but can be laborious to get hold of. A right-wing site weaponizes that information by allowing anyone, anywhere, to search for a voter’s physical address...

404media.co
29
301
808
111,456
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
🕳@sekurlsa_pw
4 Nov 2024
The ‘Windows Server 2025 Security Book’ is also available at techcommunity.microsoft.com/… Two things that caught my eye: ▪️Credential Guard is now enabled by default on servers. ▪️Delegated Managed Service Account (DMSA) is now introduced.
This tweet is unavailable
36
131
19,798
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Trung Phan
@TrungTPhan
4 Nov 2024
my work calendar completely packed this week
79
4,460
64,240
2,183,951
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Unit 42@Unit42_Intel
1 Nov 2024
Acting as digital detectives, we uncovered the sale of a bypass tool on underground forums. This investigation began when a bad actor tried to test an EDR bypass tool. Read what we learned from there: bit.ly/4eb8nlh
Representation of malware displayed over a computer screen

ALT Representation of malware displayed over a computer screen
110
282
71,497
#MustRead! And please, don’t think this is not relevant because you run with a different vendor. Physical access is King, they next turn their findings into seemingly random attacks, which you may ignore as noise, before activating targeted mode. #SupplyChain
Andy Greenberg (@agreenberg at the other places)
@a_greenberg
31 Oct 2024
Sophos detailed to me its 5-year cat-and-mouse game with Chinese hackers repeatedly exploiting its firewalls. The company resorted to installing spy "implants" on devices the hackers were testing on—tracing them to a university and contractor in Chengdu. wired.com/story/sophos-cheng…
1
1
89
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
GeroDoc
@doc_gero
31 Oct 2024
Internet Archive has not been archiving since 10/8. Google Cache has stopped caching. The Alexa service - the one that used to rank web traffic (not the Amazon virtual assistant) is gone. The ability of censors to memory-hole the internet is growing. brownstone.org/articles/they…

They Are Scrubbing the Internet Right Now

Archive.org has stopped taking images of content on all platforms. We have gone a long time since this service has chronicled the Internet.

brownstone.org
367
6,328
22,538
4,863,581
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
RT@RT_com
27 Oct 2024
The US Treasury Department sign falls off when Secretary Janet Yellen is asked how concerned she is about the US dollar's status as the world's reserve currency. Poetic.
0:12
173
738
2,563
139,170
Dear candidates in the US election, please communicate your values, your goals and your party programs. #rotw
1
41
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Telenor SOC@TelenorSOC
24 Oct 2024
Fortinet svakheten aktivt utnyttet siden juni av UNC5820. Nå fått CVE-nummeret CVE-2024-47575. Fortinet har publisert sikkerhetsoppdatering for å patche sårbarheten. telenorsoc-news.blogspot.com…
1
414
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Hank Green
@hankgreen
12 Jul 2022
Everything in this image that doesn't have spikes coming off of it is a galaxy. Every. Single. Dot.
2,920
61,253
519,178
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Nathan McNulty
@NathanMcNulty
18 Oct 2024
If you find Defender for Endpoint missing in 24H2, let @JasonSandys know OEMs were notified a long time ago, and shocking, they haven't fixed it This is why Intune and other solutions should automatically remediate as part of onboarding Don't trust OEMs..
Ugur Koc@UgurKocDe
17 Oct 2024
👀 The mssense service is missing on Windows 24H2 images. If you're using Defender for Endpoint, the absence of mssense prevents onboarding devices to MDE on 24H2. This issue affects all devices running 24H2, not just Copilot devices. Here is a detection and remediation script for you to deploy: github.com/schwerdti/Endpoin… Steffen has a great post here about it: manage-everything.cloud/post… #Windows11 #24H2 #MDE
6
14
47
13,397
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Charlie Weston@CWeston_Indo
17 Oct 2024
Bank of Ireland customers targeted in ‘online chat’ scam independent.ie/business/bank…

Bank of Ireland customers targeted in ‘online chat’ scam

Bank says it is mostly business customers who are being hit by fraudsters

independent.ie
3
8
9
2,429
The irony is strong with this one…
CNN asks why we are watching influencers that ride out hurricanes. Next they want us to spend five minutes with them in a house that is still flooding..

ALT CNN asks why we are watching influencers that ride out hurricanes. Next they want us to spend five minutes with them in a house that is still flooding..
55
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Brewster Kahle
@brewster_kahle
10 Oct 2024
What we know: DDOS attack–fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords. What we’ve done: Disabled the JS library, scrubbing systems, upgrading security. Will share more as we know it.
162
924
7,681
1,366,374
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Cloudflare
@Cloudflare
7 Oct 2024
Introducing Cloudflare’s free security.txt generator, empowering all users to easily create and manage their security.txt files. cfl.re/4eK1sAq

Enhance your website's security with Cloudflare’s free security.txt generator

Introducing Cloudflare’s free security.txt generator, empowering all users to easily create and manage their security.txt files. This feature enhances vulnerability disclosure processes, aligns with...

blog.cloudflare.com
9
37
157
16,460
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
edskoudis
@edskoudis
2 Oct 2024
Sweet! The 2024 @SANSInstitute #HolidayHack Challenge reg page just dropped this morn! Lotsa new game dynamics this year & fun hints in the artwork! Register to be notified when this year's free holiday-themed range launches Nov 11, 2024. Check. It. Out! sans.org/mlp/holiday-hack-ch…
2
57
110
12,540
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
Microsoft Mechanics
@MSFTMechanics
1 Oct 2024
Protect desktop, documents, and pictures folders with unique keys per user account, ensuring files are only readable during active sessions—even on shared or multi-user devices. Check out Windows 11, version 24H2's personal data encryption. #Windows1124H2 youtu.be/lgCt1Z2Da_E

Windows 11, version 24H2 | Security, experience, performance, and...

Enhance security, performance, and user experience with Windows 11,...

youtube.com
4
10
1,373
Tor Vigesdal | @dotBATman@infosec.exchange retweeted
U.S. Secret Service
@SecretService
26 Sep 2024
In an effort to interrupt international money laundering and cybercrime operations, indictments were unsealed against two cybercriminals. Sergey Sergeevich Ivanov allegedly operated multiple international payment services to aid cybercriminals. secretservice.gov/sites/defa…

28
67
167
66,199
Load more