Got a small tip for those doing . When using -- to comment, add a space and another -. MySQL-like engines need whitespace and a character following the -- to know it's a comment, and most forms trim whitespace from input values. See:

Episode 50 – Tabletop D&D with Tim De Block, Ed Rojas, Daniel Ebbutt, and Kyle Andrus

It's that time again!  Yes, another Tabletop D&D episode is upon us!  This time I asked Timothy de Block from the Exploring Information Security podcast to join me, along with a few interesting characters.  Let's just say this particular episode is not for the faint of heart, and w

Anyone out there have experience with deploying the NIST CSF in a commercial environment? I'd like to bounce some thoughts off of someone.

Jack Rhysider from “Darknet Diaries” joins us on the latest "Smashing Security" podcast to chat about his interview with the elusive Hacker Giraffe, how a death is preventing cryptocurrency investors from reaching their money, and how ‘beauty camera’ apps are redirecting users to phishing websites and stealing their selfies.

Full "Smashing Security" show and links to it in your favourite podcast app:

Code of Conduct

Purple Squad Security Code of Conduct
Our Pledge
In the interest of fostering an open and welcoming environment, we as
contributors and members of the Purple Squad Security community pledge to making
participation in our channels and other parts of our community a harassment-free experience
for everyone, regardless of age, body size, disability, ethnicity, sex characteristics,
gender identity and expression, level of ex

It's amazing how your work history is hard to shed. I haven't done professional development for a few years now, yet I still get pinged by recruiters. Old jobs feel like the mob sometimes. Once you're in, you can never get out.

Purple Squad Security - Episode 49 – The Red Team Life with Curtis Brazzell

Curtis Brazzell from Pondurance joins me to talk about red teaming and managing red teams.

I'm tired. Maybe teaching, working full time, running a podcast, trying to start up a side hustle, studying for some more certs and having two kids is a bit much.

Teacher's log - stardate 96665.15: It has been roughly 21 rotations since starting my latest mission, sharing knowledge amongst the inexperienced of this planet, but I find it rewarding. Exhausting, but rewarding. Will continue for foreseeable future.

Important→ Someone hacked the official site of #PHP PEAR and replaced package manager (go-pear.phar) with a "tainted version"

If you have downloaded/updated #pearPHP package manager from its official site in past 6 months, consider yourself compromised.

The more I read about SIEMs and "next-gen" SIEMs, the more I think a solid ELK stack will do me just fine. To be fair, I used to work for a SIEM vendor years ago, but I think a modern ELK stack with alerts for incidents I care about specifically may do me just fine.

Pst! Do you need CPEs for your CISSP, CISM, CISA, or CEH? Why not check out some free courses on or even better, go listen to some security podcasts like Defensive Security (@jerry), Smashing Security (@gcluley) or even Purple Squad Security (me)! We're all entertaining and informative in our own rights, and you can get 1 CPE per hour. ;-) YMMV, but I'm a fan.

So is supposed to be installed on a smartphone before you can use it on desktop? Unofficially, the desktop version is perfectly capable of creating new accounts. All you need is a number to receive an SMS or voice mail. Here is how.

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.