Anthony Coggins's Avatar

Anthony Coggins

@cogcyber.com.bsky.social

Infosec Leader, Yogi, Father, Husband, Nerd

37 Followers  |  101 Following  |  26 Posts  |  Joined: 28.08.2023  |  1.9118

Latest posts by cogcyber.com on Bluesky

Post image

Alert: SharePoint CVE-2025-53770 incidents! In collaboration with Eye Security & watchTowr we are notifying compromised parties. See: research.eye.security/sharepoint-u...

~9300 Sharepoint IPs seen exposed daily (population, no vulnerability assessment): dashboard.shadowserver.org/statistics/i...

20.07.2025 11:52 β€” πŸ‘ 13    πŸ” 8    πŸ’¬ 1    πŸ“Œ 2
Post image 13.07.2025 23:29 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

It’s that time again, apparently.

28.06.2025 16:52 β€” πŸ‘ 1    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Video thumbnail

🚨🚨The White House is pissed off about this ad so you know what to do, share it everywhere! ICE is disappearing people just because of the color of their skin! No Warrant! No Due Process! This is not who we are as Americans! #MAGAKidnappers want an all white America, fuck that‼️

18.06.2025 20:08 β€” πŸ‘ 26841    πŸ” 18716    πŸ’¬ 839    πŸ“Œ 1160
CISO / Cybersecurity Leader Job Description There is a plethora of sample job descriptions for security leaders that are often strictly correct but can also be uninspiring or too detailed to capture the actual essenceΒ of the role. I developed t...

A different taken on the CISO / Cybersecurity Leader Job Description.

www.philvenables.com/post/ciso---...

31.05.2025 14:44 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

if u see this
post your getaway vehicle

04.05.2025 21:03 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

For the last few days we are also scanning & reporting out exposed Ingress NGINX Controller for Kubernetes (Admission Controller feature). These may possibly be also vulnerable to CVE-2025-1974 & other recently disclosed vulnerabilities.

We see around 4000 IPs exposed.

27.03.2025 13:22 β€” πŸ‘ 6    πŸ” 3    πŸ’¬ 1    πŸ“Œ 0
Video thumbnail

Donald Trump has vowed to deport millions and jail his enemies. To carry out that agenda, his administration will exploit America’s digital surveillance machine. Here are some steps you can take to evade it.

@lhn.bsky.social has a guide for you:
www.wired.com/story/the-wi...

13.03.2025 14:06 β€” πŸ‘ 661    πŸ” 343    πŸ’¬ 16    πŸ“Œ 16
App Management Policies are now in the Entra ID FREE Tier!! So what are app management policies? How can they be used to secure your tenant?

App Management Policies are now in the Entra ID FREE Tier!! So what are app management policies? How can they be used to secure your tenant?

This doesn't happen everyday folks!!

Entra ID application management policies no longer require a Workload ID Premium license! πŸ‘πŸŽπŸΎπŸ₯³πŸŽŠ

This change happened back in October last year and I somehow missed it.

Here's a complete walkthrough πŸ§΅πŸ‘‡

✳️ Bookmark this.

04.03.2025 09:15 β€” πŸ‘ 47    πŸ” 12    πŸ’¬ 3    πŸ“Œ 1

Add me to the list!

28.02.2025 23:46 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

We're cooked

28.02.2025 23:44 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
28.02.2025 23:35 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

What does Crowdstrike do when their government contacts are threatened if they make an attrib this government doesn't like?

28.02.2025 22:16 β€” πŸ‘ 50    πŸ” 17    πŸ’¬ 5    πŸ“Œ 0
Post image

This is a fun one :)

Let's say you have a Conditional Access policy requiring MFA for All resources, and then you exclude one resource

Did you know that also automatically adds additional exlusions for some low privileged scopes depending on client app?

learn.microsoft.com/...

20.02.2025 18:51 β€” πŸ‘ 40    πŸ” 5    πŸ’¬ 3    πŸ“Œ 0
15.02.2025 20:32 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Y'all know this is how Horizon Zero Dawn started right?

06.02.2025 01:28 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I'm getting tired of vendors trying to build security products that do everything. Seriously, pick something and do that. The rest is a distraction for you and friction for me.

04.02.2025 16:51 β€” πŸ‘ 44    πŸ” 7    πŸ’¬ 8    πŸ“Œ 4
Preview
Meta is leaving its users to wade through hate and disinformation Meta’s decision to eliminate fact-checking could unleash a flood of disinformation, experts warn.

Meta is leaving its users to wade through hate and disinformation

07.01.2025 23:20 β€” πŸ‘ 184    πŸ” 27    πŸ’¬ 16    πŸ“Œ 12
Preview
CrowdStrike Services Releases Free Incident Response Tracker This blog post provides an overview of the newly released CrowdStrike Incident Response Tracker and how it is leveraged by our experts on the front lines.

How do you track DFIR timelines and findings? There doesn't seem to be a one size fits all solution in the industry.

Most commonly used are still spreadsheets, where Crowdstrike actually released a pretty nice IR Tracker template a while ago: www.crowdstrike.com/en-us/blog/c...

03.01.2025 19:41 β€” πŸ‘ 6    πŸ” 5    πŸ’¬ 3    πŸ“Œ 0

I hate how much I love this

04.01.2025 13:56 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

You also can't open up an EML or ICS file with it still....

30.12.2024 20:49 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Ascension: Health data of 5.6 million stolen in ransomware attack ​Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation.

​Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation.

20.12.2024 07:05 β€” πŸ‘ 47    πŸ” 26    πŸ’¬ 1    πŸ“Œ 3
Post image

Cybersecurity... Amirite?

18.12.2024 22:27 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Clop ransomware claims responsibility for Cleo data theft attacks The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data.

As many people suspected, CL0P is taking credit for the CLEO 0-Day attack. That’s not…good.

Via @lawrenceabrams.bsky.social & @bleepingcomputer.com

15.12.2024 20:35 β€” πŸ‘ 18    πŸ” 10    πŸ’¬ 1    πŸ“Œ 1
Preview
Defeating Adversary-in-the-Middle phishing attacks | Microsoft Community Hub Welcome to the second in our series of articles on dealing with advanced identity-related attacks.  As we’ve crossed the threshold of more than 40% of...

Second in series on advanced identity attacks and mitigations - Adversary in the middle phishing: techcommunity.microsoft.com/blog/identit...

07.12.2024 15:09 β€” πŸ‘ 12    πŸ” 5    πŸ’¬ 0    πŸ“Œ 1

How to make pentesters cry...

Run PingCastle/PurpleKnight, Locksmith, and ScriptSentry in your environment and fix all the critical issues before your next pentest.

I promise you...they will be weep

06.12.2024 15:16 β€” πŸ‘ 13    πŸ” 1    πŸ’¬ 3    πŸ“Œ 0
Post image

Fresh powder fun!

05.12.2024 14:47 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
a cartoon of two spidermans standing in front of a nypd van ALT: a cartoon of two spidermans standing in front of a nypd van
05.12.2024 14:41 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

All the cool kids have their own domain

04.12.2024 01:45 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

@cogcyber.com is following 20 prominent accounts