Manuel D'Orso @cirku17@infosec.exchange
- Keybase
- cirku17
Ⓐ INTJ • DevSecOps • Crypto-anarchism enthusiast • Fellow at Cyber Saiyan
Italy
Joined May 2019
Redis Security Map (RSM) - Anti-hacking for Redis
Manuel D'Orso
boosted
A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP. - kahun/awesome-sysadmin
Technology and Enterprise Leaders Combine Efforts to Improve Open Source Security https://www.linuxfoundation.org/press-release/2020/08/technology-and-enterprise-leaders-combine-efforts-to-improve-open-source-security/
RT @ORARiccardo
Sembra quasi una beffa. Avevo chiesto info sul riconoscimento facciale a Torino per il progetto AxTo—in quel caso non c'era nulla. Oggi esce questo (c'è paywall). Metadati, tag e sul cartaceo dicono anche colore dei capelli, genere e comportamenti anomali https://www.lastampa.it/topnews/edizioni-locali/torino/2020/08/04/news/torino-360-occhi-elettronici-sulla-citta-via-libera-al-progetto-argo-ecco-le-prime-zone-sorvegliate-1.39159220
Testing out @GitKraken Boards for Vulnerability Management.
Looks good enough with labels, a bit of automation and calendar/timeline view.
https://app.gitkraken.com/glo/board/Xyl7DqNfyAAS19sc
#ambassador
#DevSecOps methodology concept : Writing security requirements in Gherkin
https://write.as/cirku17/security-as-code-add-security-requirements-for-devsecops-in-gherkin-lrvv
OWASP DevSecOps Guideline
https://github.com/OWASP/DevSecOpsGuideline (new project)
Opening Spaces for Digital Rights Activism: Multilateral Trade Negotiations https://www.citizen.org/article/51451-2/
RT @defcon
We don't know who needs to hear this right now, but #defconsafemode is free to attend. You don't have to register. It starts in one week. You should join us.
Manuel D'Orso
boosted
The Internet’s Untapped Potential
Proposing a new ethos for digital stewardship and a responsible data society.
https://medium.com/oasis-protocol-project/the-internets-untapped-potential-4d16b5107a50
RT @ExploitDB
[webapps] Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting http://dlvr.it/Rccftw
Watch Your Containers: Doki Infecting Docker Servers in the Cloud https://www.intezer.com/container-security/watch-your-containers-doki-infecting-docker-servers-in-the-cloud/
How Serverless Computing Can Reduce Your Attack Surface
Twilio: Someone broke into our unsecured AWS S3 silo, added 'non-malicious' code to our JavaScript SDK https://www.theregister.com/2020/07/21/twilio_sdk_code_injection/ via @TheRegister
Guy Who Reverse-Engineered TikTok Reveals The Scary Things He Learned, Advises People To Stay Away From It | Bored Panda
Manuel D'Orso
boosted
Chinese bank requires foreign firm to install app with covert #backdoor.
A large, multinational technology company got a nasty surprise recently as it was expanding its operations to China. The software a local bank required the company to install so it could pay local taxes contained an advanced backdoor.
#infosec #cybersecurity
https://arstechnica.com/information-technology/2020/06/chinese-bank-requires-foreign-firm-to-install-app-with-covert-backdoor/
Manuel D'Orso
boosted
DNS over TLS blocked in Iran https://ooni.org/post/2020-iran-dot/
June 2020 Open Source Security Vulnerabilities Snapshot | WhiteSource
Open Source IDS Tools: Comparing Suricata, Snort, Bro (Zeek), Linux
https://cybersecurity.att.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview
- Keybase
- cirku17
Ⓐ INTJ • DevSecOps • Crypto-anarchism enthusiast • Fellow at Cyber Saiyan
Italy
Joined May 2019
