![[tl;dr sec] #212 - AWS Security Services Best Practices, EDR Bypass Lab, 100+ Vulnerable Practice Apps](https://cybernoz.com/wp-content/uploads/2024/01/tldr-sec-212-AWS-Security-Services-Best-Practices-EDR.png "[tl;dr sec] #212 - AWS Security Services Best Practices, EDR Bypass Lab, 100+ Vulnerable Practice Apps 1")
[tl;dr sec] #212 – AWS Security Services Best Practices, EDR Bypass Lab, 100+ Vulnerable Practice Apps
I hope you’ve been doing well! 👋 New Year, Who Dis? I hope you had a great holiday break and...
Read more →Category: Mix
xss attack vector at “style” context for less.js – mert tasci
detailless & sass suddenly came to my mind when researching about of css injection attacks. you know, both are css...
Read more →
The Stony Path of Android 🤖 Bug Bounty – Bypassing Certificate Pinning
Dear readers, Long story short, doing bug bounties for mobile devices is hard. With this article I want to show...
Read more →
High Risk Vulnerabilities within the DoD – Exploiting Coldfusion, Dotnet Nuke, Oracle, and more | by Alyssa Herrera
The Department of Defense Launched a bug bounty program on November 21st, 2016 on Hackerone. This allowed researchers to report...
Read more →
BugBountyHunter Chats — Getting to know 0xblackbird, YouGina, JTCSec and HolyBugx | by Sean (zseano)
18 min read · Jul 12, 2021 BugBountyHunter.com opened early November 2020 and the amount of growth we have seen...
Read more →
Addressing the Rising Threat of API Leaks
In the realm of cybersecurity, the metaphor of “Leaky Buckets” has become an increasingly prevalent concern, particularly in the context...
Read more →
7 Things to Expect from AI in 2024+, Xi Going Stalin, SSH’s Terrapin…
Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a...
Read more →
Cory Doctorow is Not Even Wrong About the So-called “AI Bubble”
I’ve had to make rule for my events: The first person to mention AI owes everyone else a drink. It’s...
Read more →
My (infosec) resolutions for 2024
The last few years I’ve been struggling to find time and energy to actively contribute to the information security community....
Read more →
Continuous Testing & Monitoring – Blog Detectify
In order for AppSec and ProdSec teams to stay on top of their growing attack surface, they must understand what...
Read more →
Improvements to the attack surface overview
We’ve made several improvements to the attack surface data visible from the overview, such as new IPs and both covered...
Read more →
EASM in 2023 – Blog Detectify
It’s nearing the end of 2023, and we’ve recently published a report, “State of EASM 2023”, offering insights into the...
Read more →