Dino

AI Red-Teaming Design: Threat Models and Tools | Center for Security and Emerging Technology Red-teaming is a popular evaluation methodology for AI systems, but it is still severely lacking in theoretical grounding and technical best practices. This blog introduces the concept of threat model...

cset.georgetown.edu/article/ai-r... - Great article on Ai Red teaming #Cybersecurity #AI #AIsecurity

State of Exploitation - A look Into The 1H-2025 Vulnerability Exploitation & Threat Activity | Blog | VulnCheck A Look into the Last 6-months of Vulnerability Exploitation… January-June 2025

www.vulncheck.com/blog/state-o... some great threat intel from Vulncheck

The Everyday American Who Hustled for North Korea The Journal. · Episode

open.spotify.com/episode/1fEa... - North Korean's inflitrating US companies for cash is pretty big news right now and also pretty fascinating. This story is about one of the folks who manage a north Korean laptop farm and its pretty interesting.

#Cybersecurity #Laptopfarm

www.hackthelogs.com/mainpage.html Another great resource for Detection Engineers and anyone working with SIEM's

#Cybersecurity

Cross-Site Scripting (XSS) Cheat Sheet - 2025 Edition | Web Security Academy Interactive cross-site scripting (XSS) cheat sheet for 2025, brought to you by PortSwigger. Actively maintained, and regularly updated with new vectors.

Really cool one for anyone in Appsec or red team awesome XSS cheat sheet from PortSwigger.

portswigger.net/web-security...

#Cybersecurity #Cheatsheet #Appsec

hopefully they do better than the City of Columbus did during their ransomware incident last year.

Top CVE Trends & Expert Vulnerability Insights Stay ahead with the latest insights on trending vulnerabilities. Discover today's top 10 CVEs on social media. Get free and expert commentary from Intruder

cvemon.intruder.io - Great tool for any folks in Vulnerability Management. Helpful to see whats going on in CVE's.

#VulnManagement #cybersecurity

AI Red Teamer Job Role Path | HTB Academy The AI Red Teamer Job Role Path, in collaboration with Google, trains cybersecurity professionals to assess, exploit, and secure AI systems. Covering prompt...

academy.hackthebox.com/path/preview... - Killer resource for anyone in Cybersecurity looking to level up their skills on AI security!

#AIsecurity #cybersecurity #redTeam

Правовой уголок офицера 🪖 // Скандал в Военно-космической академии: курсант задержан за взлом защищенной информации Курсант Военно-космической академии имени А.Ф. Можайского  разработал программу, способную взламывать защит...

New Darwin Awards 2025 nominee:

A Russian space academy cadet created a tool to access classified data on the Russian MOD network and was selling it for only $100 on Russia's biggest classified ads portal

He was arrested by the FSB last week

t.me/voenpravoru/...

How to Get Started with Secure Code Review Since starting my secure code review challenges in December 2023 (https://github.com/dub-flow/secure-code-review-challenges), many people…

medium.com/@dub-flow/ho... Great into for secure code review along with some resources to help folks get better at it #cybersecurity #code

orange-cyberdefense.github.io/ocd-mindmaps... such a cool Active Directory min map for offensive security

#Activdirectory #cybersecurity #redteam

AI Red Teamer Job Role Path | HTB Academy The AI Red Teamer Job Role Path, in collaboration with Google, trains cybersecurity professionals to assess, exploit, and secure AI systems. Covering prompt...

academy.hackthebox.com/path/preview... - This is virtually free @hackthebox.bsky.social silly cube payment system makes me feel like im a kid at Chuck-E-Cheese again BUT the content is excellent and great for anyone starting from the ground up in AI red teaming #AI #infosec #Cybersecurity

Why the AI world is suddenly obsessed with a 160-year-old economics paradox The primer on Jevons paradox that you didn't know you needed.

www.npr.org/sections/pla... - This is a pretty good read on #AI. Simply put the comparison is to coal back in England in the 1800s as efficiency increased the common thought was consumption would decrease. But instead there was a rebound effect. Some are pondering if this will be the same for AI/LLM

Adversarial Misuse of Generative AI | Google Cloud Blog We share our findings on government-backed and information operations threat actor use of the Gemini web application.

cloud.google.com/blog/topics/... - great read from Google on Adversarial misuse of Gen AI and what they have been seeing from threat actors lately.

Too many cool take aways to fit them all in

#infosec #cybersecurity #AIsecurity

Ransomware.live 👀 Ransomware.live tracks ransomware groups and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on the groups' infrastructure, victims, and payment demands. It also includes a live map that shows the latest ransomware attacks.

www.ransomware.live/vulns This is such a cool site if you are in CTI and not using it I think it can easily make it into your weekly checks. Beyond the great wealth of Ransomware data they just added some of @bushidotoken.net's CVE,TOOLS and TTP's matrix.

#CTI #threatintel #cybersecurity

DeepSeek R1 Exposed: Security Flaws in China’s AI Model Discover the security flaws in DeepSeek R1, a Chinese AI model with advanced reasoning capabilities. KELA's analysis reveals vulnerabilities, outdated safeguards, and privacy risks, emphasizing the ne...

www.kelacyber.com/blog/deepsee... - Great read on DeepSeek security flaws. personal experience it is a little bit easier to jailbreak than others which can pose some risk. Though I do feel there is a bit of overblown hype around some aspects.

#cybersecurit #AI #llm

buckets.grayhatwarfare.com - This is a pretty neat search engine for open/public/misconfigured buckets both S3 and any other S3 similar cloud product (Digital Ocean, Azure Blob, Google Drive etc.)

#cybersecurity #CloudSecurity #security #infosec

GitHub - lkarlslund/nifo: Nuke It From Orbit - remove AV/EDR with physical access Nuke It From Orbit - remove AV/EDR with physical access - lkarlslund/nifo

github.com/lkarlslund/n... - Nuke it from orbit is a pretty neat concept of removing AV/EDR when you have physical access to a machine might be fun to play around with but also use with care 😁

Humble Tech Book Bundle: Hacking 2024 by No Starch Level up your hacking and skills with this tech bundle from No Starch. Learn to protect yourself and others! Pay what you want & support charity!

www.humblebundle.com/books/hackin... - Killer bundle of books for $20 from humble bundle evading EDR and windows security internals such a good deal for anyone in Cybersecurity.

#cybersecuriry #infosec #Hacking

Elastic releases the Detection Engineering Behavior Maturity Model — Elastic Security Labs Using this maturity model, security teams can make structured, measurable, and iteritive improvements to their detection engineering teams..

www.elastic.co/security-lab... - great read on maturity model for Detection Engineering.

#infosec #cybersecurity #cyber #Detection

juniverse.securitybreak.io - Some pretty useful Jupyter Notebooks for infosec IOC extractor, threat intel summarization and more.

#infosec #cybersecurity #python #LLM

mr. burns from the simpsons is making a funny face and says `` excellent '' . ALT: mr. burns from the simpsons is making a funny face and says `` excellent '' .

excellent ill play around with it

AMSI Bypass Methods Microsoft has developed AMSI (Antimalware Scan Interface) as a method to defend against common malware execution and protect the end user. By default windows defender interacts with the AMSI API to…

pentestlaboratories.com/2021/05/17/a... - awesome write up on various AMSI bypass methods

#cybersecurity #redteaming #infosec

GitHub - WithSecureLabs/cloud-security-vm: Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments - WithSecureLabs/cloud-security-vm

github.com/WithSecureLa... - Pretty neat new Cloud security Virtual machine with allot of great pre installed tools.

#cloudsecurity #cybersecurity #redteaming #security

GitHub - pasquini-dario/project_mantis Contribute to pasquini-dario/project_mantis development by creating an account on GitHub.

github.com/pasquini-dar...

Pretty awesome concept for defense against offensive AI agents. Conceptually it is a honey pot that leads the AI agent to indirect prompt injection. Very cool for anyone interested in #AIsecurity

#llmsecurity #cybersecurity