RT @twcitalia
📅 Sabato 15:00
📍Hackmeeting | Ponticelli, Bologna
🎯 hackmeeting.org/hackit21/arriv

Questo sabato saremo ad HackMeeting per far conoscere TWC Italia e discutere di lavoro tecnologico e di come questo si lega ai temi della tecno-politica.

Per maggiori info: hackmeeting.org/hackit21/talks

RT @carolafrediani
Su Regione Lazio, quanto uscito da fonti ufficiali/ufficiose è:
- son criminali/son terroristi
- è ransomware/non c'è riscatto
- attacco via fornitori IT/fornitori IT estranei
- entrati con phishing/no phish
- no backup/c'è(recuperato)
Appello a istituzioni: dateci + info,+chiare

Universal “netmask” npm package, used by 270,000+ projects, vulnerable to octal input data: server-side request forgery, remote file inclusion, local file inclusion, and more (CVE-2021-28918)

RT @BlueLabsOnline
🪓Logger & 🧠Total Recall have been released! 🐻Grizzly releases tomorrow evening. Enjoy Defenders!

Blue Team Labs

A gamified platform for defenders to practice their skills in security investigations and challenges covering; Incident Response, Digital Forensics, Security Operations, Reverse Engineering, and Threat Hunting.


RT @FDezeure
7th EU ATT&CK Workshop on 1-2 June. attack-community.org/event/. Updates from @MITREattack, launching @CycatP, exciting news from @sigma_hq and best practices presented by peers. Participation free but registration required. @circl_lu @CERTEU @MITREengenuity

RT @unmaskparasites
WordPress "Smilodon" malware (decoded) that steals payment details and user credentials. Exfil domains redorn[.]space and predator[.]host. Found in the _vp_ai_ping_11669596 option in WP database
Thanks @_jamsec

Why hot new social app Clubhouse spells nothing but trouble


"Clubhouse makes unencrypted recordings of the conversations.... Agora, the company that supplies back-end infrastructure to the Clubhouse app, is based in Shanghai. This means...'a user’s unique Clubhouse ID number and chatroom ID are transmitted in plaintext, and Agora would likely have access to users’ raw audio, potentially providing access to the Chinese government.'"

There is a Postman API conference and it is free to attend on Thursday and Friday


Quiet a lot of API security talks

Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.