est.social

1 postitusega1 osalejaga0 postitust täna

G :donor: :Tick:This is kinda cool - my <a href="https://infosec.exchange/tags/Azure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Azure</a> <a href="https://infosec.exchange/tags/VaultRecon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VaultRecon</a> vulnerability (that <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> say is by design and is not a vulnerability) is now listed in the <a href="https://infosec.exchange/tags/CloudVulnDB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudVulnDB</a> 🤩 <a href="https://infosec.exchange/tags/SecurityResearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityResearch</a> —<a href="https://infosec.exchange/tags/CloudSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudSecurity</a> <a href="https://infosec.exchange/tags/KeyVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KeyVault</a> <a href="https://infosec.exchange/tags/Enumeration" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Enumeration</a> <a href="https://infosec.exchange/tags/SharingIsSecuring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SharingIsSecuring</a> <a href="https://infosec.exchange/tags/WeAllWinTogether" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WeAllWinTogether</a> 🤘🏻💪🏻<a href="https://www.cloudvulndb.org/azure-vault-recon-keyvault-secret-metadata-control-plane-exfiltration" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.cloudvulndb.org/azure-vault-recon-keyvault-secret-metadata-control-plane-exfiltration</a>

G :donor: :Tick:I iz in ur logicappz, stealin ur secretz <a href="https://infosec.exchange/tags/SilentReaper" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SilentReaper</a> <a href="https://infosec.exchange/tags/Azure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Azure</a> <a href="https://infosec.exchange/tags/VulnNotVuln" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VulnNotVuln</a> <a href="https://infosec.exchange/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataExfiltration</a> <a href="https://infosec.exchange/tags/CredentialTheft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CredentialTheft</a> <a href="https://infosec.exchange/tags/Cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cloud</a> <a href="https://infosec.exchange/tags/SecurityResearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityResearch</a> <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a>Blog: <a href="https://cirriustech.co.uk/blog/azure-silent-reaper/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cirriustech.co.uk/blog/azure-silent-reaper/</a> Tools: <a href="https://github.com/Az-Skywalker/Az-Skywalker" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/Az-Skywalker/Az-Skywalker</a>

Christoffer S.Johann Rehberge - ChatGPT Operator: Prompt Injection Exploits & Defenses <a href="https://embracethered.com/blog/posts/2025/chatgpt-operator-prompt-injection-exploits/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://embracethered.com/blog/posts/2025/chatgpt-operator-prompt-injection-exploits/</a>Johann explores vulnerabilities of the ChatGPT Operator, a web-enabled agent from OpenAI, focusing on prompt injection exploits and the associated risks. Categorizes risks into three areas: user misalignment, model misalignment, and website misalignment.We need research like this!<a href="https://swecyb.com/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://swecyb.com/tags/SecurityResearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityResearch</a> <a href="https://swecyb.com/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> <a href="https://swecyb.com/tags/ChatGPT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ChatGPT</a>

Christoffer S.Joshua Rogers <a href="https://joshua.hu/proxy-pass-nginx-decoding-normalizing-url-path-dangerous" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://joshua.hu/proxy-pass-nginx-decoding-normalizing-url-path-dangerous</a>Joshua explores vulnerabilities/weaknesses related to how web servers, particularly nginx (through proxy_pass), handle URL normalization and path traversal. It highlights that paths can be manipulated using sequences like /../, leading to potential security issues such as path traversal vulnerabilities, cache poisoning, and authentication bypass.<a href="https://swecyb.com/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nginx</a> <a href="https://swecyb.com/tags/SecurityResearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityResearch</a> <a href="https://swecyb.com/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a>

mle✨Going to <a href="https://infosec.exchange/@BSidesLV" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@BSidesLV</a>? Don't miss these talks from <a href="https://infosec.exchange/@censys" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@censys</a> and <a href="https://infosec.exchange/@greynoise" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@greynoise</a> researchers while you're there👇🔸 Defensive Counting: How to quantify ICS exposure on the Internet when the data is out to get you (shameless self promotion, I'll be presenting this!) Ground Truth, 15:00 Tuesday Abstract: <a href="https://bsideslv.org/talks#LNDN9Z" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bsideslv.org/talks#LNDN9Z</a>🔸 What Do We Learn When We Scan the Internet every hour? by <a href="https://infosec.exchange/@amirian" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@amirian</a> Ground Truth, 15:30 Tuesday Abstract: <a href="https://bsideslv.org/talks#DVYNJJ" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bsideslv.org/talks#DVYNJJ</a>🔸 Discover the Hidden Vulnerability Intelligence within CISA’s KEV Catalog by <a href="https://infosec.exchange/@ntkramer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ntkramer</a> Ground Floor, 14:30 Wednesday Abstract: <a href="https://bsideslv.org/talks#WXAEQR" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bsideslv.org/talks#WXAEQR</a>Hope to see you there!<a href="https://infosec.exchange/tags/SecurityResearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityResearch</a> <a href="https://infosec.exchange/tags/InternetMeasurement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InternetMeasurement</a> <a href="https://infosec.exchange/tags/KEV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KEV</a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a> <a href="https://infosec.exchange/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ICS</a> <a href="https://infosec.exchange/tags/BSLV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BSLV</a> <a href="https://infosec.exchange/tags/blackhat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#blackhat</a> <a href="https://infosec.exchange/tags/defcon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#defcon</a>

MegaWorking on a research paper on <a href="https://social.villains.live/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> that uses <a href="https://social.villains.live/tags/Discord" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Discord</a> as a Command & Control server. I infect my own sandbox machine to observe and document behavior of published malware from GitHub and Discord bans me for policy violations.Refuses to hear my appeal or investigate. Is this how security researchers are going to be treated?Please boost to bring attention. Thx.<a href="https://social.villains.live/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentesting</a> <a href="https://social.villains.live/tags/cybersec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersec</a> <a href="https://social.villains.live/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a> <a href="https://social.villains.live/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#blueteam</a> <a href="https://social.villains.live/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.villains.live/tags/whitehat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#whitehat</a> <a href="https://social.villains.live/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://social.villains.live/tags/securityresearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityresearch</a>

mle✨Imagine you have a friend who’s worked in security for nearly a decade and they’re feeling burned out. The spark is still there, they care about the work, but they are ✨tired✨. Nothing feels exciting or interesting anymore. Apart from taking some time off, they’ve asked for podcast or book recs—stories that will help them feel that twinge of excitement, that will remind them of how rewarding and fascinating this field can be. What do you suggest? <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/securityresearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityresearch</a> <a href="https://infosec.exchange/tags/bookstodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bookstodon</a>

Viimatised otsingud

Otsimisvalikud

Administraator:

Serveri statistika:

#securityresearch