VMDS
@Muffinbox33
Security professional during the day, learning the hard job of dad rest of the time. Manager AppSec @gitlab
The $1.5B Bybit hack marks a new era in cryptocurrency security. Attackers have moved beyond technical exploits to sophisticated operational attacks. Read our initial analysis of this historic breach and its industry-wide implications: blog.trailofbits.com/2025/02/21/the…
I don't usually ask for help on X, but the situation I'm dealing with is seriously f*cked up... Details below ⤵️
❓Have you ever wanted to get in the mind of a hacker? Well, here's your chance during our Ask a Hacker AMA next week on September 8th. ✏️ Sign up and drop your questions here. bit.ly/3qNOChj
We hope you enjoyed #INS23 ! As usual, thanks to the amazing work of @Ministraitor, all the talks are now available on our YouTube channel: youtube.com/@scrtinsomniha… See you next year ! #INSO23
#job: want to work on security with me at @taurus_hq? from code reviews to key ceremonies to compliance to physical security, a lot to do, solid team and tech and company (just announced a series B) must be Swiss resident, speaking French or German is a plus but not mandatory
How I found that heap corruption in Git? It was a little bit of luck and good guts feeling about the code to be honest. 🙃 about.gitlab.com/blog/2023/01/2…
Git security audit: Inside the hunt for - and discovery of - CVEs
Get a behind-the-scenes look at how I helped discover the vulnerability that became CVE-2022-41903.
"The vendor did not have a business recovery plan worthy of the name [...]. Moreover, according to them, the backups were kept with the same hosting provider as the data itself." A warning to local SMEs rushing into the cloud... letemps.ch/suisse/un-mois…
A month after a cyberattack, here is why Winbiz is still in turmoil - Le Temps
The company that owns the accounting and invoicing software reportedly did not cover itself well enough to recover after an attack. While operations are still not...
Hello @BanqueCler! Is it possible to access one's Zak account from the app on both an iPhone and an iPad?
How did I miss that! This repository is amazing to emulate several attackers🤩 "A PoC that packages payloads into output containers to evade Mark-of-the-Web flag. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX" - @mariuszbit github.com/mgeeky/PackMyP…
We have finally published Tproxy (objectifsecurite.gitlab.io/tproxy/) our generic TCP interception proxy (think Burp for TCP): TLS handling, wireshark dissection, intercept and modify by hand or with scripts in GUI or CLI. There is a complete doc with demos (objectifsecurite.gitlab.io/tproxy/Demos/)
This great article prompted me to continue my search for an updated universal ruby gadget! After a lot of digging I managed to chain two together to create a new RCE gadget that works on Ruby 2.0-3.2: devcraft.io/2022/04/04/uni…
New post - Ruby Deserialization - "Gadget" on Rails. In this blog post, we discuss finding a new RCE gadget in latest Rails (7) framework extending the work of @elttam @wcbowling. Ft. @iamnoooob @rootxharsh httpvoid.com/?p=Ruby-deseri…
Wow. Is that really written there? Screenshot, just in case it disappears.
How to use @gitlab's security features to detect #log4j vulnerabilities 💥 Amazing blog post collaboration from our Developer Evangelism team across all teams. @olearycrew @john_cogs 🤗 about.gitlab.com/blog/2021/12/1… #Log4Shell #security
How to use GitLab security features to detect log4j vulnerabilities
Detailed guidance to help customers detect vulnerabilities.
Hello @Swisscom, I would like to know when Swisscom will bring its fibre installations into compliance, as P2P rather than P2MP? This explains why other providers (@SaltMobile_Care in my case) were unable to provide me with access a year ago... bvger.ch/bvger/fr/home/…
As of today, bounties for new reports submitted to the @gitlab #bugbounty program have been raised across the board. Most notably, $15,000 maximum for high severity vulnerabilities and $35,000 maximum for critical! 💸 There's also swag up for grabs :) about.gitlab.com/blog/2021/11/0…
Hello @Swisscom, I would like to have 10Gb at home and your router does not have a 10Gb port. I have a 10Gb SFP+ port on my router (Ubiquiti); can I plug the fibre directly into it? Which SFP+ module is needed for it to work? Thanks! 👍
Reminder for myself: stop accumulating 200+ browser tabs, so I don’t have to spend a ridiculous amount of time on a Saturday night to sort them.