becojo's Avatar

becojo

@becojo.com.bsky.social

securing the computers | gifs https://becojo.tumblr.com

42 Followers  |  112 Following  |  5 Posts  |  Joined: 21.10.2024  |  1.7394

Latest posts by becojo.com on Bluesky

Preview
becojo forcefield

oof this looks rough. see the original gif on tumblr
becojo.tumblr.com/post/7903614...

29.07.2025 00:27 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

πŸ‘€ bsky.app/profile/bsky...

29.07.2025 00:24 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Identifying birds using the Merlin Bird ID is real life PokΓ©mon.

22.06.2025 22:58 β€” πŸ‘ 53    πŸ” 7    πŸ’¬ 4    πŸ“Œ 0
NorthSec 2025: Containers

My writeup for @northsec.io CTF 2025's "Containers" reverse track:

merkletr.ee/ctf/2025/nse...

18.05.2025 21:23 β€” πŸ‘ 1    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

If there's one thing I've learned about covering cybersecurity over the past decade or so, is that the cybersecurity community (the fixers and breakers) and the cybersecurity industry (profits above all else) are two very, very different things.

30.04.2025 12:16 β€” πŸ‘ 194    πŸ” 51    πŸ’¬ 8    πŸ“Œ 5
Preview
Model Context Protocol has prompt injection security problems As more people start hacking around with implementations of MCP (the Model Context Protocol, a new standard for making tools available to LLM-powered systems) the security implications of tools built ...

Model Context Protocol has prompt injection security problems
simonwillison.net/2025/Apr/9/m...

09.04.2025 13:01 β€” πŸ‘ 120    πŸ” 23    πŸ’¬ 10    πŸ“Œ 3

πŸ‘‹ Hello Bsky! MontrΓ©Hack is a bilingual, monthly cybersecurity workshop in Montreal where challenge designers present their CTF challenges and participants solve them.

10.03.2025 22:18 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

Fellow cybersecurity folks: Make sure to follow @northsec.bsky.social if you came to bluesky from Twitter! Great conference in Montreal and probably the biggest on-site CTF in the world.

31.01.2025 00:08 β€” πŸ‘ 4    πŸ” 5    πŸ’¬ 0    πŸ“Œ 0
Preview
Cyberhaven says it was hacked to publish a malicious update to its Chrome extension | TechCrunch The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers."

New, w/ @lorenzofb.bsky.social: Data-loss prevention startup Cyberhaven was hacked to publish a malicious update to its Chrome extension, affecting potentially thousands of users. A security researcher says other big Chrome extensions were hacked in the same campaign.

techcrunch.com/2024/12/27/c...

27.12.2024 18:55 β€” πŸ‘ 11    πŸ” 7    πŸ’¬ 0    πŸ“Œ 0
Preview
Design Space for Code Search Query A review of the design space for code search tools.

Design Space for Code Search Query ast-grep.github.io/blog/code-se...

26.12.2024 13:43 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

merci Γ  vous et votre Γ©quipe pour ce podcast πŸ₯² bon succΓ¨s dans vos projets futurs!

21.12.2024 16:48 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Dying to win: Canadian provinces are expanding legal gambling despite one death every nine days Investigation into gambling-related suicide data shows tracking of deaths lags while governments ignore risks to chase industry profits

Dying to win: Canadian provinces are expanding legal gambling despite β€˜one death every nine days.’

Michener-funded investigation into gambling-related suicide data shows tracking of deaths lags, while governments ignore risks to chase industry profits.

ricochet.media/justice/dyin...

#cdnpoli

17.12.2024 20:48 β€” πŸ‘ 66    πŸ” 42    πŸ’¬ 2    πŸ“Œ 9
Preview
Bridging the Gap: Elevating Red Team Assessments with Application Security Testing | Google Cloud Blog Red team and targeted external assessments should incorporate application security expertise to better simulate modern adversaries.

I wrote a thing with my colleague Ilyass El Hadi (0xc0ffee_) & Charles Prevost, about how we've been leveraging offensive webapp testing during Red Teams. 4 use cases of external breaches using webapps inside, enjoy! #appsec

cloud.google.com/blog/topics/...

06.12.2024 20:12 β€” πŸ‘ 17    πŸ” 7    πŸ’¬ 0    πŸ“Œ 0
Preview
2-Factor Authentication Support Β· Issue #1071 Β· bluesky-social/social-app Is your feature request related to a problem? Please describe. 2Factor authentication is generally a very handy feature for security purposes as passwords and logins sometimes fail. 2Factor Authent...

Please vote for better 2FA support on bsky!

github.com/bluesky-soci...

01.12.2024 10:22 β€” πŸ‘ 92    πŸ” 37    πŸ’¬ 6    πŸ“Œ 10
Preview
Flatt Security XSS Challenge Execute alert(origin) on each challenge origins.

Been having a ton of fun solving these, only 2/3 done and i'm quite humbled so far
challenge-xss.quiz.flatt.training

21.11.2024 17:58 β€” πŸ‘ 6    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
TIL: Some surprising code execution sources in bash

add that to the reasons to stop using bash in production pipelines yossarian.net/til/post/som... #security #cicd #appsec

21.11.2024 17:16 β€” πŸ‘ 5    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
PyPI now supports digital attestations - The Python Package Index Blog Announcing support for PEP 740 on the Python Package Index

PyPI replaces PGP signatures with digital attestation system

blog.pypi.org/posts/2024-1...

14.11.2024 14:44 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

@becojo.com is following 19 prominent accounts