@nicoSWD profile picture
Nico @nicoSWD

InfoSec at @seat_code

Joined February 2009
  • Tweets 3,966
  • Following 765
  • Followers 524
145 Photos and videos
Nico retweeted
Simone Margaritelli
@evilsocket
26 Sep 2024
Attacking UNIX Systems via CUPS, Part I evilsocket.net/2024/09/26/At…

Attacking UNIX Systems via CUPS, Part I | evilsocket

Hello friends, this is the first of two, possibly three (if and when I have time to finish the Windows research) writeups. We will start with targeting GNU/Lin…

evilsocket.net
175
1,119
3,614
1,059,713
New Linux CVE with score or 9.9 of 10, regarding unauthenticated remote code execution (RCE) vulnerability expected to be revealed on 30th September 2024, with more details on 6th October. Watch @evilsocket for updates.
1
1
1
504
Nico@nicoSWD
20 May 2023
medium.com/@bobbyrsec/the-da…
125
Nico retweeted
Lance McDonald@manfightdragon
3 Oct 2022
It's... beautiful. The PlayStation 5 has been jailbroken.
2:13
689
6,714
54,003
Nico retweeted
Infosecurity Magazine
@InfosecurityMag
29 Sep 2022
🛑 [NEWS] @RevolutApp has suffered a serious #DataBreach which may have led to the compromise of over 50,000 customers’ personal information > @philmuncaster reports bit.ly/3C8YlR1

Revolut Breach May Have Hit 50,000 Customers

Major phishing risk as personal details are compromised

infosecurity-magazine.com
5
4
Nico retweeted
Infosecurity Magazine
@InfosecurityMag
26 Aug 2022
LastPass Hackers Stole Source Code infosecurity-magazine.com/ne…

LastPass Hackers Stole Source Code

Password management firm reveals incident in early August

infosecurity-magazine.com
7
7
Nico retweeted
🎻 ➡️ BlueSky@ericlaw
7 May 2022
Clever portswigger.net/daily-swig/w…

Web Application Security, Testing, & Scanning - PortSwigger

PortSwigger offers tools for web application security, testing, & scanning. Choose from a range of security tools, & identify the very latest vulnerabilities.

portswigger.net
2
6
38
Nico retweeted
uɐpʇou@ ✸
@notdan
25 Apr 2022
Holy shit
William Fleshman@willcfleshman
25 Apr 2022
Replying to @notdan
"this was a faux vulnerability for credibility nobody questioned" Time lapse of output as a super resolution resnet trains on the task:
6
13
64
Nico retweeted
HACxyk.@Hacxyk
16 Apr 2022
We found a way to spoof ENS domains and were awarded a $15k bug bounty by @ensdomains 👇Check out the write-up medium.com/@hacxyk/how-we-sp…

How we spoofed ENS domains for $15k

TL;DR: We found a flaw that allowed us to spoof Ethereum domain names and received a $15k bounty.

medium.com
4
22
120
Nico retweeted
Gi7w0rm
@Gi7w0rm
9 Apr 2022
#Nginx 1.18 exploit in the wild! #infosec #0day #exploit @campuscodi
This tweet is unavailable
7
207
512
Nico retweeted
Swati Khandelwal
@Swati_THN
2 Apr 2022
A 15-year-old developer account hijacking #vulnerability has been disclosed in the PEAR #PHP repository that could've allowed attackers to launch supply-chain attacks by releasing new malicious versions of existing packages. Details: thehackernews.com/2022/04/15… #infosec #hackernews

15-Year-Old Bug in PEAR PHP Repository Could've Enabled Supply Chain Attacks

A 15-year-old account hijacking vulnerability has been disclosed in the PEAR PHP repository that could allow attackers to launch supply chain attacks.

thehackernews.com
1
3
1
Nico retweeted
vx-underground
@vxunderground
22 Mar 2022
LAPSUS$ extortion group claims to have breached @Okta. They have released 8 photos as proof. The photos we are sharing has been edited so no sensitive information or user identities are displayed. Image 1 - 4 attached below.
21
262
672
Nico retweeted
Joel Schectman@joel_schectman
24 Feb 2022
NEW: Ukraine is asking its hacker underground to defend the country from Russia @Bing_Chris reuters.com/world/exclusive-…

EXCLUSIVE Ukraine calls on hacker underground to defend against Russia

The government of Ukraine is asking for volunteers from the country's hacker underground to help protect critical infrastructure and conduct cyber spying missions against Russian troops, according...

reuters.com
24
340
1,074
Nico retweeted
Florian Roth ⚡️
@cyb3rops
10 Dec 2021
How to test your apps for #log4shell vulnerability 1. Generate a DNS token canarytokens.org/generate# 2. Wrap that token in Prefix: ${jndi:ldap:// Suffix: /a} 3. Use that value in search forms, profile data, settings etc. of your apps 4. Get notified when you triggered a reaction
37
1,224
3,169
Nico retweeted
Chris Wysopal
@WeldPond
16 Nov 2021
"This model enables 0day devs to generate substantial earnings by renting the 0day out while waiting for a definitive buyer...renting parties could test proposed 0day & later decide whether to purchase the exploit on an exclusive or non-exclusive basis" zdnet.com/article/ransomware…

Ransomware gangs are now rich enough to buy zero-day flaws, say researchers

Zero-day cybersecurity vulnerabilities have traditionally been the preserve of nation states - but now criminal gangs have the funds to buy their own.

zdnet.com
4
1
Nico retweeted
Tom Warren
@tomwarren
6 Oct 2021
it looks like Twitch has been hacked in a massive breach. A 125GB file reportedly includes Twitch source code, details on creator $$$ payouts, and even a Steam competitor. Full details here: theverge.com/2021/10/6/22712…
53
735
2,101
Nico retweeted
Hexadecim8@hexadecim8
24 Sep 2021
ouch. bleepingcomputer.com/news/se…

2
26
37
Nico retweeted
BSides Barcelona@BarcelonaBsides
21 Jul 2021
And early bird tickets are out: eventbrite.es/e/bsides-barce… Grab them while they are hot!

BSides Barcelona 2021, Virtual Edition

Virtual edition of the information security conferece created by and for the community happening on September 30th and October 1st.

eventbrite.es
2
14
15
Nico retweeted
Codely ﹤🍍﹥
@CodelyTV
9 Apr 2021
🎉 SORTEACO 100% GRATIS Monitor curvo Dell 34" U3421WE de 900€ y 1 mes de CodelyTV Pro 😳 Cómo participar bit.ly/monitor-codely-infojo… 📆 Hasta Jueves que viene 18:30h 👀 Más info en twitch.tv/codelytv 🤔 Gracias a @InfoJobs
1:06
22
689
176
Nico@nicoSWD
30 Jan 2021
xn--promfarma-8x3d.com/ seems legit 👌
Load more