Tweets
Pinned tweet
The recording of my @devopsdayswaw presentation is online: https://youtu.be/u7Zii7sIxY4 - Let's get evil - #threatmodelling at scale :) that's the one with a reverse live hacking session - #DevOps people in the audience did very well!
CSRF was one of my favourites - that one in 2012 was my first bug bounty reward from Google, in 2012, before I even got a job as a pentester :)
Nice to see that trivial POST CSRFs will no longer work on Chrome (80) due to treating cookies as same site=lax by default https://www.chromestatus.com/feature/5088147346030592 …
Jakub Kaluzny retweeted
[PL] Interview with @wojdwo. What should a penetration test look like? What should you pay attention to when signing the contract? How long does such a service take and how much does it cost on average? How often does it happen that no bugs are found? What is #OWASP? What is threat modelling? https://www.youtube.com/watch?v=YgTsvyVm9jA …
Jakub Kaluzny retweeted
Bypassing a Touch ID check on iOS?
Here is how @_r3ggi did it: https://www.securing.pl/en/bypassing-your-apps-biometric-checks-on-ios/index.html … #iOSDev #ITSecurity #iOSProgramming pic.twitter.com/DkQdtoQ2Qu
Jakub Kaluzny retweeted
Also I'd like to see a DSCP, or Defensive Security Certified Professional. The exam is you have 24h to set up a defensive infra (with limits, like in the real world!) and then not get pwned within another 24, or get pwned and do IR.
Nice. Number of IT/ITSec conferences at which I was offered to use a vulnerable Logitech clicker in the last 12 months: 4 out of 6. It always makes a good opening for a threat modelling talk :) https://twitter.com/mame82/status/1217350358965608454 …
Jakub Kaluzny retweeted
"SIM swap" attacks have been in the news for years. They’ve enabled serious financial crimes and even a hack of the Twitter CEO's account. We spent 6 months researching how vulnerable wireless accounts are to these attacks. Our draft study is out today. https://www.issms2fasecure.com/
Govs delegate identity management to banks, banks delegate it to telecoms, telecoms cut costs wherever it takes. In the end, our identity and money is secured by a 6 digit SMS OTP and a support technician who will swap a SIM provided you give them a 5-star rating after the call.
Jakub Kaluzny retweeted
Excited / slightly nervous that my talk has been accepted for @BSidesMelbourne in March! "Plundering GCP - Escalating Privileges, Moving Laterally, and Stealing Secrets in Google Cloud". A 101 of post-exploitation fun, which will be based on a LENGTHY tutorial I am writing now.
Jakub Kaluzny retweeted
Consider: millions of years ago our antecedents gave a massive sacrifice of their left hemisphere. We lost a tremendous amount of short term memory and replaced it with Broca’s, Wernicke & the phonological loop. But why? So we can—talk. Thus chimpanzees can do this—we can’t: pic.twitter.com/CDznxg37p1
Jakub Kaluzny retweeted
Totally blown away by this. BTW - universities and other educational institutions have really easy and cheap access with A type licenses to #AzureAD which greatly improves their security posture. #justSaying https://twitter.com/svblxyz/status/1206948966442708992 …
And the slides are here: https://www.securing.biz/en/lets-get-evil-threat-modeling-at-scale/index.html …
Jakub Kaluzny retweeted
Do you want to make friends on the Internet? Take a credit card form and change the method from POST to GET, then submit your card details... Endless hours of fun for the team in charge of debugging that one during their next PCI Audit!
Jakub Kaluzny retweeted
Offensive phishing technique #37: set your phishing domain's A record after you send the phish. Some gateways (like Gmail) will let it right through assuming it's a broken link. Ensure you have the lowest possible dns ttl. Especially useful for newly registered/low rep domains
Tomorrow at @devopsdayswaw I'll give a talk on #threatmodelling. There will be a reverse-live-hacking session. Reverse means this time I will not be the one hacking, it will be the audience hacking some systems (or themselves) :) pic.twitter.com/nLRl6PjgZB
I invite you to the What The H@ck conference, where I'll talk about how to run threat modelling sessions when the system changes 3 times a day. https://wthconf.pl/ pic.twitter.com/Sc3t8D4uFM
Jakub Kaluzny retweeted
To jailbreak iphone == „furgnąć z ciupy na mobilnioku” [Polish dialect, roughly: "to bolt from the clink on a mobile"]?
Jakub Kaluzny retweeted
NTLM reflection is back to haunt windows. Read about Ghost Potato here (this time with a fixed link): https://shenaniganslabs.io/2019/11/12/Ghost-Potato.html …
The recording of my @infosharepl presentation 'security education via security features' is up :) https://youtu.be/4gwECtkzQxE