[tl;dr sec] #270 – APT Attack Simulation, AWS Phishing, 7 Security Flywheels
I hope you’ve been doing well! This is a story, all about how… Recently some friends and I saw a Fresh Prince of Bel Air…
I hope you’ve been doing well! This is a story, all about how… Recently some friends and I saw a Fresh Prince of Bel Air…
Habits are so good. They even compound! But, they can be hard to start and maintain. I’ve successfully started new ones and then stacked on…
Threat modeling (with) LLMs, tj-actions woes, reading a threat actor’s Telegram C2 I hope you’ve been doing well! Working on Your Personality One family ritual…
A series of vulnerabilities, known as IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974), have been identified in ingress-nginx, a widely used Kubernetes ingress controller. When exploited together,…
The Intigriti team have recently observed an abuse scenario, trending across the industry, where malicious actors are posing as legitimate white-hat hackers, deceiving targeted companies…
Modern organizations are becoming increasingly reliant on agentic AI, and for good reason: AI agents can dramatically improve efficiency and automate mission-critical functions like customer…
Most organizations are using AI in some way today, whether they know it or not. Some are merely beginning to experiment with it, using tools…
If you are a mature organization, you might manage an external IP block of 65,000 IP addresses (equivalent to a /16 network). In contrast, very…
We can’t stop learning fundamentals just because tech can do them February 28, 2025 Not learning to code just because there are AI coding agents…
Large-scale operations and the extensive attack surface of the retail industry render it particularly susceptible to cybercrime, on a global scale. Websites, mobile apps, and…
Amelia Coen | 13 March 2025 at 08:49 UTC Security is a team sport. Whether you’re a pentester, bug bounty hunter, student, or just love…
Katie Warren | 12 March 2025 at 13:30 UTC Why now? Artificial intelligence is rapidly transforming industries, and security testing is no exception. At PortSwigger,…