Katie Moussouris (she/her)🥜👋🏼

11.1K Followers
487 Following
474 Posts
Personal social media, use specific contact info below!
✌🏼💗🌺

CEO @LutaSecurity Founder @payequitynow MIT & Harvard visiting scholar, @NewAmCyber & @MasonNatSec Fellow. Hacker.

#BugBounty #VulnerabilityDisclosure expert
👩🏻‍💻👩🏻‍💻👩🏻‍💻
Hire us or refer a customer: [email protected]
💰Earn ca$h for referrals that lead to new customers:
https://LutaSecurity.com/referralbounty
💵
👩🏻‍💻
Apply for a job with us:
https://LutaSecurity.com/careers
Questions and resume submission: [email protected]
🌺🌺🌺
✨✨✨
✨Media/public speaking: [email protected]✨
🎤🎤🎤

😻😻😻
😻Cat/vacation/thirst traps/food pics:
https://Instagram.com/kmoussouris
💃🏻 💃🏻💃🏻
I’ve been a molecular biologist, bioinformatics engineer, UNIX sysadmin, Linux developer, professional penetration tester, security code reviewer, and now founder of a successful bootstrapped cyber company. I’m far older than I look & therefore have no time for nonsense.
🚨🚨Mansplain to me at your peril.🚨🚨

Peace, love, and healthy boundaries to you all ✌🏼💖🌺
Equality: https://Payequitynowfoundation.org
Work - Let Me Pay You: https://LutaSecurity.com/referralbounty
Kobayashi Maru: https://ManglonaLab.org
Instagram Cats & Thirst Traps: https://www.instagram.com/kmoussouris/
The problem with capitalism
@amuse thanks Matt 🫶🏼

Every time I get into a debate about Coordinated Vulnerability Disclosure and am trying to make someone understand a particular opinion that I strongly hold, I know I can look and find a video of a talk or blog post by @k8em0 which makes that point more firmly and eloquently and with more data than I could possibly do so.

I really appreciate that, and y'all should too.

Shout out to @wendynather in the Inside Cybersecurity story on the one-year anniversary of #CyberCivilDefense. https://insidecybersecurity.com/share/14540

“There’s a nice synergy between IST and GCA” on equipping organizations in the fight against ransomware, Stifel said, adding, “We really need to think collectively about this, particularly those below the ‘cybersecurity poverty line,’” a phrase coined by cyber pro Wendy Nather to describe a dividing line between organizations with and without cyber resources.

“It’s not 20-30 percent, it’s more like 97 percent below the poverty line,” Reitinger added. He highlighted the GCA cyber toolkit for individuals and other resources.


@jaydotno I included the picture credit and license - it’s not a picture I took.

Ah yes, another high profile bug bounty forcing non-disclosure — even for fixed bugs.
🤦🏻‍♀️
It’s the bugs they won’t fix that will put users at risk.
All orgs need a vulnerability disclosure program that doesn’t ban Disclosure.
But what do I know.
I just coauthored the standard
#GPT

“But it’s a bug bounty & they are paying so it’s fair to ask for non disclosure”
That’s fine if everything submitted is paid work, like a penetration test.
Oh, only paying selectively & only the first of any duplicates?
That’s labor abuse & the worst gig economy deal out there.

“But pen tests don’t get you all the eyeballs”

Neither do bug bounties - you get a random number of eyeballs willing to sign NDAs.

If orgs actually care about security, they cast as wide a net as possible to get the best researchers - especially those who won’t sign NDAs.

“This is better than no bug bounty”

No, it isnโ€™t.

It breeds a false sense of security for users & the org itself, while actively excluding the highest skilled researchers who will never sign an NDA for speculative pay or who want to see the bugs FIXED as their motivation.

🤖 In AD 2101 war was beginning
🔅💥 🔆💥
👸🏽 what happen
👷🏻‍♀️ someone set up us the bomb
💁🏾‍♂️ we get signal
👸🏽 what !!
💁🏾‍♂️ main screen turn on
👸🏽 it’s you !!
👾 how are you gentlemen !!
👾 all your base are belong to us
👾 you are on the way to destruction
👸🏽 what you say !!
👾 you have no chance to survive make your time
👾 ha ha ha ha
👷🏻‍♀️ captain !!
👸🏽 take off every ZIG
👸🏽 for great justice
🚀🚀🚀🚀🚀🚀🚀🚀

Today I cried with joy & gratitude that I’m alive when I saw the Olympic mountains.

So much better than the tears I’ve been crying lately.

Find your tears of joy among all the tears of sorrow.

Cookies need both salt & sugar to come out right🍪
Pic cred:

https://commons.wikimedia.org/wiki/File:The_Brothers_from_West_Seattle.jpg

We're excited to announce that @LutaSecurity is sponsoring 4 @swsissec scholarships of $5K each for women pursuing undergraduate or graduate degrees in #cybersecurity or related fields.

https://www.lutasecurity.com/post/luta-security-sponsors-four-scholarships-for-women-pursuing-cybersecurity-careers

Luta Security Sponsors Four Scholarships for Women Pursuing Cybersecurity Careers

Luta Security is sponsoring 4 SWSIS scholarships of $5K each for women studying cybersecurity or related fields.


Just got good news.

The kind that makes you cackle.

Such great news!!