Manuel D'Orso @cirku17@infosec.exchange
- Keybase
- cirku17
Ⓐ INTJ • Infosec analyst • Metaveillance practitioner • Crypto-anarchism enthusiast • Fellow at Cyber Saiyan
Italy
Joined May 2019
RT @cyberkendra@twitter.activitypub.actor
PhPmyAdmin SQL injection in user accounts page.
https://www.phpmyadmin.net/security/PMASA-2020-1/
phpMyAdmin 4.x versions prior to 4.9.4 are affected, at least as old as 4.0.0. phpMyAdmin 5.x version 5.0.0 is affected.
WordPress: authentication bypass per i plugin “Infinite WP Client” e “WP Time Capsule”
https://www.cert-pa.it/notizie/wordpress-authentication-bypass-per-i-plugin-infinite-wp-client-e-wp-time-capsule/ via @CertPa@twitter.com
Manuel D'Orso
boosted
Firefox 72.0.1 and FF ESR 68.4.1 available, fixing a critical security vulnerability exploited in targeted attacks:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/
– Mozilla: "We are aware of targeted attacks in the wild abusing this flaw."
– This updates the recently released Firefox 72.0 and FF ESR 68.4.0.
– There will be a Tor Browser update (9.0.4) and likely a Tails OS update soon.
#firefox #mozilla #vulnerability #torbrowser #tails #infosec #security #cybersecurity
Quick Look: How to Harness Dev and Their Native Tools to Accelerate DevSecOpshttps://youtu.be/glsbp6MQ8vM
Using ATT&CK for CTI Training | MITRE ATT&CK™
https://attack.mitre.org/resources/training/cti/
Manuel D'Orso
boosted
Company held hostage by ransomware shuts down, tells 300 employees to find new jobs.
A ransomware attack should never be enough to kill off your company.
36C3 - Server Infrastructure for Global Rebellion https://youtu.be/I_O3zj3p52A
awesome-mobile-security: An effort to build a single place for all useful android and iOS security related stuff.
https://github.com/vaib25vicky/awesome-mobile-security
Google Play Lifts Ban on Ethereum Browser Extension MetaMask https://cointelegraph.com/news/google-play-lifts-ban-on-ethereum-browser-extension-metamask via @Cointelegraph@twitter.com
RT @matte_lodi
To celebrate this new decade, I have just released a new open source tool that could help security researchers on daily #threatintelligence operations: #IntelOwl
Check out the blog post for further info: https://www.certego.net/en/news/new-year-new-tool-intel-owl/
@Certego_IRT@twitter.com @JAMESWT_MHT@twitter.com @reecdeep@twitter.com
Security for the 2020s: The Skills and Talent problem by Mario Platt https://link.medium.com/3Mo5FOUzR2
OSCD: Threat Detection Sprint #1 by Daniil Yugoslavskiy https://link.medium.com/RhHf0xOfP2
DEF CON 27 Monero Village - Dr Jeremy Gillula - Encrypting the Web Isnt Enough https://youtu.be/4KbaRVi1Vms #defcon27
Manuel D'Orso
boosted
Seems that Mozilla and Mullvad are teaming up to provide Wireguard VPN service soon.
Firefox Private Network: VPN to Protect Your Entire Device
Use the VPN from Firefox for full-device protection for all apps. With servers in 30+ countries, you can connect to anywhere, from anywhere.
How to Be a Savvy ATT&CK Consumer by Katie Nickels https://link.medium.com/hoS9becTo2
Google Fires Another Worker for Exercising her Rights and Protecting Coworkers from Illegal Company Retaliation by Kathryn Spiers https://link.medium.com/ifcA4uzHu2
Opinion | Reject the corporate surveillance behind Amazon Ring and Google Nest https://www.nbcnews.com/think/opinion/google-nest-or-amazon-ring-just-reject-these-corporations-surveillance-ncna1102741 di @NBCNewsTHINK
DEF CON 27 Blue Team Village - claushoumann - Security Strategy for Small Medium Businesshttps://youtu.be/IebyD9q-G0E #defcon27
Manuel D'Orso
boosted
Open Reference Architecture for Security and Privacy
https://security-and-privacy-reference-architecture.readthedocs.io/en/latest/
The Githubification of InfoSec by John Lambert https://link.medium.com/eT0PehE0f2
- Keybase
- cirku17
Ⓐ INTJ • Infosec analyst • Metaveillance practitioner • Crypto-anarchism enthusiast • Fellow at Cyber Saiyan
Italy
Joined May 2019
