Pawb.Social Reports @transparency

0 posts0 participants0 posts today

0x40kWhoa, the IT security world was on FIRE this week! 🤯 Open source supply chain attacks, malware sneaking into the Play Store, ransomware bypassing EDR... and is AI just pouring gasoline on the phishing flames?! Seriously intense! 😳 Cloud security's getting a raw deal and let's be real, backups are only as good as their security.It's wild how rapidly the threat landscape's evolving, isn't it? Gotta stay sharp, folks! Automated vulnerability scans? They're definitely nice, but manual penetration tests are still essential. And AI? Awesome tech, but also seriously risky. Disinformation and manipulation are spiraling out of control. We've gotta stay vigilant!So, what are *your* biggest IT security pain points right now? Spill the beans!<a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentesting</a> <a href="https://infosec.exchange/tags/offensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#offensiveSecurity</a>

pentest-tools.comIf you didn't care, you wouldn't...👀 spend hours with your eyes glued to the screen 🧠 pour over write-ups, articles, and threads ⚡️ dedicate so much of your energy and life to the good fight.Working in <a href="https://infosec.exchange/tags/offensivesecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#offensivesecurity</a> is more than a job. It's a way to make the world better. PS: Check out the free tools and resources (including a hacking playground) on our website to give your curiosity a workout. 💪 <a href="https://pentest-tools.com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://pentest-tools.com/</a><a href="https://infosec.exchange/tags/penetrationtesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#penetrationtesting</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

Amélie KoranYou know, a few months ago I said I was <a href="https://infosec.exchange/tags/hiring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hiring</a>, I am now. So, if you're interested in <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a>, <a href="https://infosec.exchange/tags/LLM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LLM</a>, <a href="https://infosec.exchange/tags/Omnichannel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Omnichannel</a> and get <a href="https://infosec.exchange/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OffensiveSecurity</a> at a <a href="https://infosec.exchange/tags/global" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#global</a> scale, apply now.   <a href="https://walmart.wd5.myworkdayjobs.com/WalmartExternal/job/Reston-VA/Staff--Incident-Response-Engineer---AI-Red-Team_R-1895939-1" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://walmart.wd5.myworkdayjobs.com/WalmartExternal/job/Reston-VA/Staff--Incident-Response-Engineer---AI-Red-Team_R-1895939-1</a>

Bishop FoxJoin our session to get real-world perspective into the necessity of <a href="https://infosec.exchange/tags/RedTeaming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedTeaming</a>; Trevin Edgeworth (Bishop Fox Red Team Practice Director) will delve into how this key <a href="https://infosec.exchange/tags/offensivesecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#offensivesecurity</a> practice can help unveil <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> gaps, optimize resource allocation, and deliver scenario-based <a href="https://infosec.exchange/tags/testing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#testing</a>. Register for this event happening October 24th! <a href="https://bfx.social/3Q44Cpa" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bfx.social/3Q44Cpa</a>

Bishop FoxCheck out this <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentesting</a> resource guide we compiled to help people build up their ethical <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> skills! <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/offensivesecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#offensivesecurity</a> <a href="https://bfx.social/3LUFleu" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bfx.social/3LUFleu</a>

Bishop FoxAnnouncing “The Offensive Security Blueprint for Financial Services.” Derived from the 2023 <a href="https://infosec.exchange/tags/PonemonInstitute" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PonemonInstitute</a> report, this industry cut provides a temperature check of the state of <a href="https://infosec.exchange/tags/offensivesecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#offensivesecurity</a> in <a href="https://infosec.exchange/tags/FinServ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FinServ</a>. Get your copy and begin refining your <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> strategy today! <a href="https://bfx.social/48lV3sU" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bfx.social/48lV3sU</a>

averagesecurityguyIt's been about a week since this happened so I'm probably cool-headed enough to talk about it. First a little background info.A sales person from Offensive Security (<a href="https://www.offsec.com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.offsec.com/</a>) has been trying to reach out to me for days. First by work email, which I ignored, then through my personal LinkedIn account, which I also ignored.Then, last week, my son texts me and says, "some guy called me looking for you." I told him I was your son and he said he would try to email. I know that absolutely no one in my professional circle has my son's personal cell number, so I asked him to send me the number that called him.I call the number back and it's the sales guy from Offensive Security. I immediately asked him how he got my son's number and found out it was part of a ZoomInfo (<a href="https://www.zoominfo.com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.zoominfo.com/</a>) record for me. I told him to immediately delete any record he has with my son's information.I then let him know in no uncertain terms that his company was using some shady data gathering practices if they had my son's cell number and because of that I will personally never do business with OffSec again. I also made it clear that he should never reach out to me again.Even though I hold the <a href="https://infosec.exchange/tags/OSCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCP</a> and <a href="https://infosec.exchange/tags/OSCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSCE</a> certifications and even though they were a career changer for me and for my colleagues, I will no longer do business with their company.<a href="https://infosec.exchange/tags/OffSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OffSec</a> <a href="https://infosec.exchange/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OffensiveSecurity</a>

mauvehed 🐿️ (KØMVH)RedTeamVillage is back at it for DEF CON 31 with a new electronic badge! We've been working on something extra special this year for DEF CON...we will be pre-selling a select amount of our 2023 badges, so order yours now!<a href="https://redteamvillage.square.site/product/dc31badge/2" rel="nofollow noopener noreferrer" target="_blank">https://redteamvillage.square.site/product/dc31badge/2</a><a href="https://defcon.social/tags/DEFCON" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DEFCON</a> <a href="https://defcon.social/tags/DEFCON31" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DEFCON31</a> <a href="https://defcon.social/tags/RedTeamVillage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedTeamVillage</a> <a href="https://defcon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://defcon.social/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedTeam</a> <a href="https://defcon.social/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OffensiveSecurity</a>

Rishi :verifiedpurple:Many a times <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> folks ask about <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a> or <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> & the what's one of the most important thing in it.Lemme tell you, the skills, attack-lifecycle, MITRE, evasion techniques are ever-evolving, and frankly can be learned & taught. Though I may want some baseline to fit you in the team, but it's not a deal breaker if you are eager to learn. To me it boils down to is how you perceive <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>, how can you explain complex concepts in simpler terms away from the buzz words with some daily life analogies. How you write reports, communicate, deliver briefings etc.If you miss this narrative coming out of an amazing gig (got the flags, hacked the sh** out of the application, environment, whatever) and couldn't articulate in the report - your stakeholder is like "sorry we didn't understand”. And worse if they didn't understand the <a href="https://infosec.exchange/tags/impact" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#impact</a> the <a href="https://infosec.exchange/tags/exploitation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploitation</a> may have; they ain’t fixing it, my friend & event getting a write-off on it aka. <a href="https://infosec.exchange/tags/risk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#risk</a>-acceptance Work with your <a href="https://infosec.exchange/tags/clients" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#clients</a>, <a href="https://infosec.exchange/tags/stakeholders" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#stakeholders</a>, <a href="https://infosec.exchange/tags/businesses" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#businesses</a> as <a href="https://infosec.exchange/tags/partners" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#partners</a>, as extended teams. Sometimes, we have to educate them to have a secure ecosystem. Please understand - If they lose, we lose in making world a safer place. My boss once mentioned to me "Rishi, no matter how well you do, it's often the <a href="https://infosec.exchange/tags/perception" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#perception</a> of your clients that will define the outcome”. So, while we have the facts, skills etc. but if your stakeholder didn't understand or didn't have a good experience, they won't be paying attention to you. Period.So next time your do your <a href="https://infosec.exchange/tags/SANS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SANS</a>, <a href="https://infosec.exchange/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OffensiveSecurity</a>, <a href="https://infosec.exchange/tags/CREST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CREST</a>, <a href="https://infosec.exchange/tags/PentesterAcademy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PentesterAcademy</a>, remember to understand and try to explain the concept to you non-tech friend, partner, sibling and if they get it - you are in the right space to grow.Why should you listen to me? Fair point. I have been in this space for nearly 2 decades, and have gone through 1000s of such reports, talked to 100s of clients - tech folks, CXO, board, public forums .. and have sat on both sides of table; suffered enough burns to engrain this in my approach. While you have skills in the binary world, have <a href="https://infosec.exchange/tags/empathy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#empathy</a> in the real world and sometimes it may take some effort educating them. Tags: <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/hack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hack</a> <a href="https://infosec.exchange/tags/bugbounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bugbounty</a> <a href="https://infosec.exchange/tags/wickedwildworld" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#wickedwildworld</a> <a href="https://infosec.exchange/tags/audit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#audit</a> %toot_12%

Tom Eston :verified:Hello! 👋 I believe an <a href="https://infosec.exchange/tags/introduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#introduction</a> is in order…I’ve been in <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> for over 17 years 😀Most of my career has been in offensive security. I started out as a pentester and did a lot of <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a> stuff (before <a href="https://infosec.exchange/tags/redteaming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteaming</a> was red teaming), <a href="https://infosec.exchange/tags/physicalsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#physicalsecurity</a>, <a href="https://infosec.exchange/tags/networksecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networksecurity</a>, and was even a developer for a short period of time 😬. Got the <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> bug until I moved into management/leadership roles. But <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> is still my “technical” passion. I’m currently the AVP of Consulting at Bishop Fox where I lead several teams of super talented and amazing hackers! 🦊While I was getting into pentesting, I did a bunch of research on the security and privacy of social networks right around the time social was in its infancy (circa 2008). Got to speak about that at a bunch of conferences back in the day which allowed me to meet some amazing people (including many of the OG <a href="https://infosec.exchange/tags/sectwits" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sectwits</a>). That was around the time I also got into <a href="https://infosec.exchange/tags/podcasting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#podcasting</a> and started the Social Media Security Podcast which later became <a href="https://infosec.exchange/@sharedsecurity" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@sharedsecurity</a>. I’ve been podcasting for over 13 years now!I admit I was more of a lurker on the birdapp but mostly because I found real engagement difficult plus I wasn’t a fan of the toxicity (especially more recently). So far Mastodon feels very different and almost like the original birdapp before algorithms and the mess we see today.Anyway, I’ll be tooting about <a href="https://infosec.exchange/tags/offensivesecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#offensivesecurity</a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://infosec.exchange/tags/leadership" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#leadership</a> <a href="https://infosec.exchange/tags/careers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#careers</a> <a href="https://infosec.exchange/tags/podcasting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#podcasting</a> and probably <a href="https://infosec.exchange/tags/cats" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cats</a>. I happen to have 5 of them! 😺

ZackJust found this <a href="https://ioc.exchange/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenBSD</a> based project:<a href="https://www.secbsd.org/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.secbsd.org/</a>Still in alpha testing !Contributors needed...<a href="https://ioc.exchange/tags/BSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BSD</a> <a href="https://ioc.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://ioc.exchange/tags/floss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#floss</a> <a href="https://ioc.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a> <a href="https://ioc.exchange/tags/cybers%C3%A9curit%C3%A9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersécurité</a> <a href="https://ioc.exchange/tags/testdintrusion" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#testdintrusion</a> <a href="https://ioc.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentesting</a> <a href="https://ioc.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://ioc.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://ioc.exchange/tags/FullDiskEncryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FullDiskEncryption</a> <a href="https://ioc.exchange/tags/BugHunters" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BugHunters</a> <a href="https://ioc.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://ioc.exchange/tags/SecurityResearchers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityResearchers</a> <a href="https://ioc.exchange/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OffensiveSecurity</a> <a href="https://ioc.exchange/tags/DefensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DefensiveSecurity</a>

Recent searches

Search options

Administered by:

Server stats:

#offensivesecurity