9a883rhax0r

What Is Microsegmentation? Explore microsegmentation and its role in limiting lateral movement within networks. Learn how it strengthens security and protects critical assets.

www.paloaltonetworks.com/cyberpedia/w...

#infosec #cybersecurity

Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware. TL;DR - Our investigation of a single color picker exposed a coordinated campaign of 18 malicious extensions that infected millions

blog.koi.security/google-and-m...

#infosec #cybersecurity #hacking

Smaller organizations nearing cybersecurity breaking point Strained budgets, overstretched teams, and a rise in sophisticated threats is leading to plummeting security confidence among SMEs as cybercriminals increasingly target them in supply chain attacks.

www.csoonline.com/article/4003...

#cybersecurity
#infosec

Yes

Thinking of diving into AI? Here’s a nutshell guide!

Mix stats, code, modeling, & domain skills- and choose your path: Data Analyst, ML Engineer, AI Specialist, AI Engineer or Data Scientist.

Your skill stack = your future title.

#AI #Careers #DataScience #ML #TechJobs

Penetration Testing Firms: 10 Red Flags Every Business Should Know Learn how to spot shady penetration testing companies. These 10 red flags will help you avoid scams, fake teams, and overpriced automated scan services.

artificesecurity.com/penetration-...

#cybersecurity #pentesting #hacking #infosec

The CPTS Cheatsheet: Your Ultimate Guide to Penetration Testing

Are you preparing for the Hack The Box Certified Penetration Testing Specialist (CPTS) exam? This CPTS Cheatsheet acts like a GPS for your next pentest, covering essential techniques and tools to help you succeed. 📚 Download the…

CISA loses nearly all top officials as purge continues Most of the leaders of the agency’s operating divisions and regional offices have left or will leave this month amid the Trump administration’s aggressive government-downsizing campaign.

Everything will be fine #not
www.cybersecuritydive.com/news/cisa-se...

#infosec #cybersecurity #hacking #CyberSec

Very useful website for incident response.
www.incidentresponse.com/mini-sites/p...
#cybersecurity #hacking #blueteam

US agency extends support at last minute for cyber vulnerability database U.S. officials have said at the last minute that they're extending support for a critical database of cyber weaknesses whose funding was due to run out on Wednesday.

www.reuters.com/world/us/us-...
#cybersecurity #infosec

YouTube video by John Hammond cybersecurity just got f***ed

www.youtube.com/watch?v=itbs...
#cybersecurity #infosec

BREAKING.

From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.

Another Steam Game Has Seemingly Skirted Rules To Add Malware To Your PC Be careful out there, gamers.

Steam has removed the demo of an upcoming game named "Sniper: Phantom's Resolution" for installing malware on user devices.

www.thegamer.com/steam-gets-s...

GitHub - The-Art-of-Hacking/h4cker: This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics... This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), ar...

Awesome ethical hacking resources by Omar Santos.
#cybersecurity #hacking #pentest

github.com/The-Art-of-H...

GitHub - edoardottt/awesome-hacker-search-engines: A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more - edoardottt/awesome-hacker-search-engines

github.com/edoardottt/a...

#cybersecurity #hacking #infosec

Write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitation

github.com/0xor0ne/awes...

#infosec #cybersecurity

PRO TIP: if you aren’t in IT and you accidentally cause a widespread Ransomware infection, it’s likely a minimum 5 day paid vacation for you while IT tries to restore systems

Also, it will all somehow be your Cyber team’s fault

So, get out there and download some sketchy shit

But then you get an invalid coffee coupon worth 10 dollars. So that seems like a better choice to me.

A screenshot of the GitHub blog post with text that reads: "Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) were discovered in ruby-saml up to version 1.17.0. Attackers who are in possession of a single valid signature that was created with the key used to validate SAML responses or assertions of the targeted organization can use it to construct SAML assertions themselves and are in turn able to log in as any user. In other words, it could be used for an account takeover attack. Users of ruby-saml should update to version 1.18.0. References to libraries making use of ruby-saml (such as omniauth-saml) need also be updated to a version that reference a fixed version of ruby-saml."

GitHub's security team has discovered a combo of two bugs in the Ruby-SAML library that can be used to bypass authentication in apps that use the library.

github.blog/security/sig...

Good conversation. To pay or not to pay. I think about that a lot. (if it is ever necessary). But I still remain on the side of not paying. We prefer to invest a little more on security and bcdr.

Hacker And The Fed 74 episodes. Former FBI Special Agent, Chris Tarbell, and ex-Anonymous/LulzSec blackhat hacker turned network penetration tester, Hector Monsegur (aka Sabu), once faced off as adversaries in cyberspac...

www.podchaser.com/podcasts/hac... Great podcast! #cybersecurity #hacking

CompTIA Linux+ Exam Prep (XK0-005 revision) [IN PROGRESS] - YouTube NOTE: This series is IN PROGRESS (I'll update the description when it's complete, but feel free to follow along with us as we prepare for the Linux+ exam!) T...

Want to learn Linux?
Check out Shawn Powers awesome Linux+ course.
#linux #cybersecurity
youtube.com/playlist?lis...

#infosec #cybersecurity #cyber #hacking

Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials Hackers use polymorphic browser extensions to mimic real add-ons, steal credentials, and hijack accounts. Affects Chrome, Edge, Brave, and more.

thehackernews.com/2025/03/rese... #cybersecurity #infosec #hacking #offsec

Awesome shodan query.
"authentication disabled" "RFB 003.008"

after that:
sudo apt-get install tigervnc-viewer
enjoy!!

So many targets, so little time.

GitHub - jakejarvis/awesome-shodan-queries: 🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻 🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻 - jakejarvis/awesome-shodan-queries

shodan queries that you can use with shodan-eye (check an earlier post of mine)
But warning: Your day will be over before you know it if you start playing with this. #cybersecurity #hacking #ethicalhacker
github.com/jakejarvis/a...

GitHub - BullsEye0/shodan-eye: Shodan Eye This tool collects all the information about all devices directly connected to the internet using the specified keywords that you enter. Author: Jolanda de Ko... Shodan Eye This tool collects all the information about all devices directly connected to the internet using the specified keywords that you enter. Author: Jolanda de Koff - BullsEye0/shodan-eye

Use your shodan API and see how this great little tool works. #shodan #cybersecurity #hacking

github.com/BullsEye0/sh...

GitHub - DarkWebInformer/DarkWatchCTI: A collection of Cyber Threat Intelligence information gathered from the depths of the clearnet, deep web and dark web. A collection of Cyber Threat Intelligence information gathered from the depths of the clearnet, deep web and dark web. - DarkWebInformer/DarkWatchCTI

💡New Markets (new_markets.md) has been added to DarkWatchCTI

github.com/DarkWebInfor...

I'm in the process of adding these to the platform under Onions, as well as the Status Page.

That scene in that Netflix documentary with those 2 poles and that laser hahahahaha rofl.

GreyNoise Visualizer At GreyNoise, we collect and analyze untargeted, widespread, and opportunistic scan and attack activity that reaches every server directly connected to the Internet.

viz.greynoise.io
Nice tool for the defensive side!
#blueteam #soc #cybersecurity #infosec