Five Takeaways from Ohio Secretary of State’s VDP Success Story
Recently, Ohio Secretary of State Chief Information Security Officer Jillian Burner, and HackerOne Co-founder and Head of Professional Services, Michiel...
Read more →Category: Mix
Manage Your Attack Surface With Continuous Security Testing
Creating Continuous Attack Resistance In order to stay ahead of cybercriminals, businesses need to preemptively find flaws in their digital...
Read more →
Burp Suite roadmap update: July 2023 | Blog
Matt Atkinson | 17 July 2023 at 14:26 UTC Check out our roadmap for Burp Suite and find out what...
Read more →
ZAP 2.13 Review ⚡️
예상보다 훨씬 빠른 시기에 ZAP 2.13이 릴리즈되었습니다. 보통 매년 가을, 겨울중에 릴리즈가 있었는데, 이번에는 여름에 릴리즈가 생겼네요. 변화된 부분이 크진...
Read more →
The Future of Generative AI and Security [2 Predictions]
Offensive AI Will Outpace Defensive AI In the short term, and possibly indefinitely, we will see offensive or malicious AI...
Read more →![[tl;dr sec] #190 - Securely Build on AI, CISA Pen Test repo, Joining Google's Red Team](https://cybernoz.com/wp-content/uploads/2023/07/tldr-sec-190-Securely-Build-on-AI-CISA-Pen.jpg "[tl;dr sec] #190 - Securely Build on AI, CISA Pen Test repo, Joining Google's Red Team 10")
[tl;dr sec] #190 – Securely Build on AI, CISA Pen Test repo, Joining Google’s Red Team
I hope you’ve been doing well! 🏋️ Our Gym If you’ve been wanting to improve your fitness but haven’t been...
Read more →
Challenges Implementing AWS Multi-Account Strategy
Implementing an AWS multi-account strategy is a popular approach that helps organizations to manage their cloud resources efficiently. In my...
Read more →
Bug Bytes #207 -IIS, LLMs and iOS
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by...
Read more →
ShareFile Pre-Auth RCE (CVE-2023-24489) – Assetnote
Summary An unauthenticated attacker can upload arbitrary files leading to remote code execution. A cryptographic flaw, coupled with a path...
Read more →
SSL Version을 체크하는 여러가지 방법들
여러가지 명령을 통해 ssl version 체크하는 방법들 간략하게 메모해둡니다. 개인적으로 주로 testssl.sh를 자주 사용했었는데, 쓰다보니 종종 다른 도구와 크로스 체크가...
Read more →![[tl;dr sec] #189 - CISA on Defending CI/CD, Backdooring NPM via S3, AI + Reverse Engineering](https://cybernoz.com/wp-content/uploads/2023/07/tldr-sec-189-CISA-on-Defending-CICD-Backdooring-NPM.jpg "[tl;dr sec] #189 - CISA on Defending CI/CD, Backdooring NPM via S3, AI + Reverse Engineering 21")
[tl;dr sec] #189 – CISA on Defending CI/CD, Backdooring NPM via S3, AI + Reverse Engineering
I hope you’ve been doing well! 🎇 4th of July I spent my 4th of July, ironically, with a group...
Read more →
Takeaways from a Conversation Between Hackers and Program Managers
In our web event “Getting Vulnerable”, we brought together program managers Jill Moné-Corallo from GitHub, Garrett McNamara from ServiceNow, and...
Read more →