security researcher @PaloAltoNtwks
Joined November 2012
- Tweets 37
- Following 148
- Followers 28
- Likes 266
Photos and videos
Stav Setty retweeted
28 Oct 2025
The Jingle Thief campaign targets cloud-based service to maintain longterm persistence and, ultimately, conduct gift card fraud. This enables near-instant cash flow. Learn how the scheme works: bit.ly/47JWCSY
ALT Pictorial representation of a gift card fraud campaign. A glowing skull and crossbones on a circuit board.
1
12
20
5,254
Stav Setty retweeted
6 Aug 2025
From MSAs to dMSAs: Unit 42 traces the evolution of Managed Service Accounts and explains the BadSuccessor attack vector in Windows Server 2025. This article includes discussion of the PoC SharpSuccessor. bit.ly/40S4j5V
ALT Pictorial representation of a BadSuccessor attack. A person analyzing data on a computer screen in a busy office environment, with digital graphs and code overlaying the image.
1
14
45
5,315
18 Dec 2024
Check out our latest research on LDAP-based attacks!
17 Dec 2024
Cybercriminals can leverage the vendor-agnostic #LDAP for lateral movement and to target critical assets. Stay informed about the risks and learn how to detect and mitigate LDAP-based attacks. bit.ly/4iE9LAy
ALT Pictorial representation of attackers leveraging Active Directory or LDAP. Close-up view of a server rack panel with illuminated lights and a digital display reading 'SYSTEM HACKED'.
40
Stav Setty retweeted
19 Jan 2023
Hidden in the depths of the Microsoft Learn Docs are some really great Azure AD incident response playbooks covering phishing, password sprays, app consent grants and compromised & malicious apps, including some really great flow charts - learn.microsoft.com/en-us/se…
5
159
594
59,769
Stav Setty retweeted
19 Jan 2023
If you are investigating suspicious Office 365 activity, chances are you will be deep into the Unified Audit Log before you know it. One of our very smart @MicrosoftDART team members put together some tips for good UAL hunting - techcommunity.microsoft.com/…
2
44
140
9,789
Stav Setty retweeted
1 Mar 2022
GMSA passwords aren’t what you think.
Read all about it in @YuG0rd’s post, where he dives into how gMSA passwords are generated and introduces the Golden GMSA attack.
semperis.com/blog/golden-gms…
1
75
172
Stav Setty retweeted
11 Jan 2022
📢 New Article Released!
📝 Domain Escalation - ShadowCoerce
pentestlaboratories.com/2022…
#pentestlaboratories #redteam #redteaming
1
52
85
10 Jan 2022
Excited to share our research and detection on the CVE-2021-42278 and CVE-2021-4487 Kerberos vulnerabilities with @cortexbypanw
paloaltonetworks.com/blog/se…
2
2
Stav Setty retweeted
10 Jan 2022
Learn how @cortexbypanw XDR detects the Kerberos noPac vulnerabilities - CVE-2021-42278 and CVE-42287 #cybersecurity #Security @PaloAltoNtwks bit.ly/3F23tWc
3
3
Stav Setty retweeted
10 Jan 2022
Detecting the #Kerberos noPac Vulnerabilities with Cortex XDR paloaltonetworks.com/blog/se…
by the amazing @stavsetty and yes we are hiring! so come join her! @cortexbypanw @Unit42_Intel @PaloAltoNtwks
1
5
5
Stav Setty retweeted
14 Dec 2021
great hunting work on #log4j #Log4Shell from the @cortexbypanw team by @Mind0xP and @odedaw
paloaltonetworks.com/blog/se…
3
4
Stav Setty retweeted
8 Dec 2021
Friendly reminder: You can detect NTLM relay attacks
posts.bluraven.io/detecting-…
1
78
315
Stav Setty retweeted
11 Dec 2021
A short and sweet addition to my previous post describing a couple more uses for the samaccountname impersonation bug:
exploit.ph/more-samaccountna…
2
55
134
Stav Setty retweeted
10 Dec 2021
So with some help from @_EthicalChaos_ I found a way to weaponise CVE-2021-42287/CVE-2021-42278 and more help from @4ndr3w6S we put some detections together:
exploit.ph/cve-2021-42287-cv…
7
202
364
hello world!
we're launching pandas tutor! it visualizes Python pandas code step-by-step: pandastutor.com/
(developed with my advisor philip guo)
28
713
3,282
Stav Setty retweeted
3 Dec 2021
🚨Now with us @shacharoitman with SSH Session Hijack Analytic
#infosecjupyterthon
1
6
9