Hello, le thread de la #CoRIIN2024 est disponible ici Pour ceux qui veulent le lire d'un coup ça se passe ici :) : threadreaderapp.com/thread/1…

things that bother me about working in cybersecurity (in no specific order): - glorified burn out culture - the toxic mindset of “if you’re not spending your free time studying up on cyber, you aren’t working hard enough” - the toxic mindset of “i had to spend 5 years working on help desk and 3 years as a sys admin before landing my first cyber role, so you should have it this hard too” - the gatekeeping - the weird belief that GRC isn’t as important as red or blue teaming - the insecure men who feel threatened when a female is more successful than them ick

did u know u can prompt inject the ai overview

I wish I knew who made this. I stole it from my discord

General PSA about photos you share online: In recent years, some people have gotten incredibly good at guessing locations based on simple photos—look up geoguessr if you're unfamiliar. Now ChatGPT has gotten quite good at doing it too. 1/

You all are misreading the MITRE CVE situation. MITRE ran out of numbers and was not prepared to move to CVEv6.

Seeing the Ghibli memes flood my feed with people’s kids' pictures honestly makes me feel very uncomfortable. Currently, people are generating so much Gen AI CP that it’s become increasingly difficult for law enforcement to find & rescue real human child victims— 1/

Twitch Streamer @CarnyJared full combo'd Through the Fire and Flames at 200% speed on Guitar Hero, something never done before He spent 9 months and 50,000 attempts to achieve this... actually insane

have you been using webshells recently? we've been watching you hack govts and more. join us on our latest ill-advised adventure... until next time.. :-) labs.watchtowr.com/more-gove…

another day, another Bonto

Investigation Scenario 🔎 An employee was terminated for moonlighting with a competitor. While reviewing their Windows laptop, you find Slack is installed. What do you look for to investigate their Slack use and if an incident occurred? #InvestigationPath #DFIR #SOC

Les indicateurs statistiques (moyenne, écart-type,v...) ne sont que des résumés d'une série mais ils ne la caractérisent pas car des séries différentes peuvent avoir les mêmes indicateurs. Illustration: blog.revolutionanalytics.com…

New from 404 Media: police freaking out at iPhones stored for forensic examination mysteriously rebooting themselves. This makes brute forcing much harder. Cops hypothesize Apple pushed an update that tells nearby iPhones to reboot if not on phone network 404media.co/police-freak-out…

reminder that the bcrypt hash function ignores input above a certain length! so if you do bcrypt(username || password) for some reason, a sufficiently long username will make it accept any password. to fix this you can sha256 the input first.

Okta allowing login bypass for any usernames with 52 characters is insane Official Security Advisory: trust.okta.com/security-advi…

Exec at Ferrari gets a call from "CEO" asking about acquisitions. Exec realizes that this could be a voice clone & asks the "CEO" which book they just talked about, catching the attacker! Thanks @FortuneMagazine for talking with me about AI voice clones. fortune.com/2024/07/27/ferra…

War Thunder forums is a DLS, change my mind

Chillin at the beach 🏖️ #Pokemon #anipoke #ポケモン #リーフ #ハルカ

Nice thread about why security by design is important and not a given. It'll be nice to see how MSFT responds to those findings.