The Open Security Summit is organising monthly Mini-Summits
Next: 14th - 18th March 2022
open-security-summit.org/

Network security is often outsourced (e.g. cloud providers)

Endpoint security is their own island

Application security is not well understood

Organizations that learn how to bridge or unify these different practices will be more successful and efficient at defending themselves.

One relatively easy way to get started is to require existing departments to test each change they make. It forces them to learn how to verify things are working as intended.

RT @twcitalia
📅 Sabato 15:00
📍Hackmeeting | Ponticelli, Bologna
🎯 hackmeeting.org/hackit21/arriv

Questo sabato saremo ad HackMeeting per far conoscere TWC Italia e discutere di lavoro tecnologico e di come questo si lega ai temi della tecno-politica.

Per maggiori info: hackmeeting.org/hackit21/talks

RT @carolafrediani
Su Regione Lazio, quanto uscito da fonti ufficiali/ufficiose è:
- son criminali/son terroristi
- è ransomware/non c'è riscatto
- attacco via fornitori IT/fornitori IT estranei
- entrati con phishing/no phish
- no backup/c'è(recuperato)
Appello a istituzioni: dateci + info,+chiare

Universal “netmask” npm package, used by 270,000+ projects, vulnerable to octal input data: server-side request forgery, remote file inclusion, local file inclusion, and more (CVE-2021-28918)
sick.codes/universal-netmask-n

RT @BlueLabsOnline
🪓Logger & 🧠Total Recall have been released! 🐻Grizzly releases tomorrow evening. Enjoy Defenders!
blueteamlabs.online

Blue Team Labs
Online

A gamified platform for defenders to practice their skills in security investigations and challenges covering; Incident Response, Digital Forensics, Security Operations, Reverse Engineering, and Threat Hunting.

blueteamlabs.online/

RT @FDezeure
7th EU ATT&CK Workshop on 1-2 June. attack-community.org/event/. Updates from @MITREattack, launching @CycatP, exciting news from @sigma_hq and best practices presented by peers. Participation free but registration required. @circl_lu @CERTEU @MITREengenuity

RT @unmaskparasites
WordPress "Smilodon" malware (decoded) that steals payment details and user credentials. Exfil domains redorn[.]space and predator[.]host. Found in the _vp_ai_ping_11669596 option in WP database
Thanks @_jamsec

Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.