I blog about random things security, everything is broken, nothing scales, shared memory models are flawed.

I made a huge scan for the unintentionally exposed .git repositories - found hundreds of thousands sites.

For those unfamiliar with modern advertising tech, iFrame Busters are HTML files hosted on publisher sites which allow ad creatives to extend outside of their standard boundaries. These expandable creatives are typically easy to identify on a site — usually…

Small HTML DoS exploit kit aimed at mobile browsers that allows rapid deployment and testing - TheSecondSun/Safari-Crash

In this post, we develop new Internet scanning techniques to identify 45 countries in which operators of NSO Group’s Pegasus spyware may be conducting operations.

Ransombile is a tool that can be used in different scenarios to compromise someone’s digital life when having phisical access to a locked mobile device

Being cloud native won’t save you from external threats if you as a user are not aware of basic security...

Volexity has conducted the following research in collaboration with RiskIQ. We will discuss the same incident from different perspectives. RiskIQ's...

While the dust is settling on the British Airways compromise, the Magecart actor behind it has hit yet another large merchant: Newegg.

Unit 42 researchers discover Xbash, a new malware family tied to the Iron Group targeting Linux and Microsoft Servers

While the dust is settling on the British Airways compromise, the Magecart actor behind it has hit yet another large merchant: Newegg.

In episode of 5 O11ycast, Rachel and Charity speak with Anton Chuvakin, Research VP at Gartner for Technical Professionals, about the ways modern companies make, or don't make, decisions around security.

2 votes and 1 comment so far on Reddit

Advancing Transparency and Accountability in the Cybersecurity Industry