Reposted by Rocco Gagliardi
I never saw this coming: A Sysinternals tool, procdump, helping to improve the security of MacOS!
www.macworld.com/article/2898...
www.macworld.com/article/2898...
Security expert details how a simple Microsoft tool led to the discovery of a serious macOS flaw
The hole was fixed by Apple in the macOS Sequoia 15.3 update.
www.macworld.com
September 18, 2025 at 9:06 PM
I never saw this coming: A Sysinternals tool, procdump, helping to improve the security of MacOS!
www.macworld.com/article/2898...
www.macworld.com/article/2898...
Reposted by Rocco Gagliardi
🧵
Here is SS 433, the first identified microquasar.
It is about one of the most exotic star systems known, a binary star microquasar consisting of a stellar-mass black hole and its companion, a giant star.
The star is about 30 solar masses, ...
➡️ www.desy.de/news/news_se...
🔭 🧪 #cosmology
Here is SS 433, the first identified microquasar.
It is about one of the most exotic star systems known, a binary star microquasar consisting of a stellar-mass black hole and its companion, a giant star.
The star is about 30 solar masses, ...
➡️ www.desy.de/news/news_se...
🔭 🧪 #cosmology
August 18, 2025 at 7:09 PM
🧵
Here is SS 433, the first identified microquasar.
It is about one of the most exotic star systems known, a binary star microquasar consisting of a stellar-mass black hole and its companion, a giant star.
The star is about 30 solar masses, ...
➡️ www.desy.de/news/news_se...
🔭 🧪 #cosmology
Here is SS 433, the first identified microquasar.
It is about one of the most exotic star systems known, a binary star microquasar consisting of a stellar-mass black hole and its companion, a giant star.
The star is about 30 solar masses, ...
➡️ www.desy.de/news/news_se...
🔭 🧪 #cosmology
Reposted by Rocco Gagliardi
SANS Stormcast Monday, August 18th, 2025: 5G Attack Framework; Plex Vulnerability; Fortiweb Exploit; Flowise Vuln
https://isc.sans.edu/podcastdetail/9574
https://isc.sans.edu/podcastdetail/9574
August 18, 2025 at 2:00 AM
SANS Stormcast Monday, August 18th, 2025: 5G Attack Framework; Plex Vulnerability; Fortiweb Exploit; Flowise Vuln
https://isc.sans.edu/podcastdetail/9574
https://isc.sans.edu/podcastdetail/9574
Reposted by Rocco Gagliardi
A preview of my RustConf keynote this September www.youtube.com/watch?v=TuJw...:
Developer Security Quick Fire Questions with Mark Russinovich and Scott Hanselman
YouTube video by Microsoft Developer
www.youtube.com
July 27, 2025 at 4:16 AM
A preview of my RustConf keynote this September www.youtube.com/watch?v=TuJw...:
Reposted by Rocco Gagliardi
Teammate Leonid discovered a leaked credential that allowed anyone unauthorized access to all Microsoft tenants of orgs that use Synology's "Active Backup for Microsoft 365" (ABM), including sensitive data like Teams channel messages. 🤓
#synology #disclosure #modzero
modzero.com/en/blog/when...
#synology #disclosure #modzero
modzero.com/en/blog/when...
When Backups Open Backdoors: Accessing Sensitive Cloud Data via
modzero.com
June 29, 2025 at 8:01 AM
Teammate Leonid discovered a leaked credential that allowed anyone unauthorized access to all Microsoft tenants of orgs that use Synology's "Active Backup for Microsoft 365" (ABM), including sensitive data like Teams channel messages. 🤓
#synology #disclosure #modzero
modzero.com/en/blog/when...
#synology #disclosure #modzero
modzero.com/en/blog/when...
Reposted by Rocco Gagliardi
One of the results of the joined research with @dirkjanm.io is entrascopes.com
Basically the yellow pages for Microsoft first party apps.
#TROOPERS25
Basically the yellow pages for Microsoft first party apps.
#TROOPERS25
June 26, 2025 at 9:48 AM
One of the results of the joined research with @dirkjanm.io is entrascopes.com
Basically the yellow pages for Microsoft first party apps.
#TROOPERS25
Basically the yellow pages for Microsoft first party apps.
#TROOPERS25
Reposted by Rocco Gagliardi
YES 😍 1 year till the next AREA41 conference🥳
The new location is www.thehall.ch and we are excited to grow🤩
18.-19.June 2026
-> a41con.ch
The new location is www.thehall.ch and we are excited to grow🤩
18.-19.June 2026
-> a41con.ch
June 20, 2025 at 3:24 PM
YES 😍 1 year till the next AREA41 conference🥳
The new location is www.thehall.ch and we are excited to grow🤩
18.-19.June 2026
-> a41con.ch
The new location is www.thehall.ch and we are excited to grow🤩
18.-19.June 2026
-> a41con.ch
Reposted by Rocco Gagliardi
C2 Architecture - Pull the Strings, Run the Show
An article about the key components of Command and Control (C2), highlights potential detection vectors, and outlines high-level strategies for designing resilient and stealthy C2 infrastructure by @m8r1us
https://www.scip.ch/en/?labs.20250612
An article about the key components of Command and Control (C2), highlights potential detection vectors, and outlines high-level strategies for designing resilient and stealthy C2 infrastructure by @m8r1us
https://www.scip.ch/en/?labs.20250612
Key Principles for a Command and Control (C2) Infrastructure
C2 operational safety is essential. Use redirectors to hide C2 or use stealthy traffic channels. Non-C2 traffic should be blocked as early as possible. Use encrypted shellcode when designing a loader.
www.scip.ch
June 12, 2025 at 5:41 AM
C2 Architecture - Pull the Strings, Run the Show
An article about the key components of Command and Control (C2), highlights potential detection vectors, and outlines high-level strategies for designing resilient and stealthy C2 infrastructure by @m8r1us
https://www.scip.ch/en/?labs.20250612
An article about the key components of Command and Control (C2), highlights potential detection vectors, and outlines high-level strategies for designing resilient and stealthy C2 infrastructure by @m8r1us
https://www.scip.ch/en/?labs.20250612
Reposted by Rocco Gagliardi
🚨 BREAKING NEWS 🚨
184M login credentials leaked from an unsecured 47GB database, likely compiled via #infostealer #malware.
Exposed accounts span Facebook, Google, banks, and .gov domains from 29 countries. Database now offline, but full impact unknown.
#ransomNews #CyberSecurity #Infosec
184M login credentials leaked from an unsecured 47GB database, likely compiled via #infostealer #malware.
Exposed accounts span Facebook, Google, banks, and .gov domains from 29 countries. Database now offline, but full impact unknown.
#ransomNews #CyberSecurity #Infosec
May 22, 2025 at 6:25 PM
🚨 BREAKING NEWS 🚨
184M login credentials leaked from an unsecured 47GB database, likely compiled via #infostealer #malware.
Exposed accounts span Facebook, Google, banks, and .gov domains from 29 countries. Database now offline, but full impact unknown.
#ransomNews #CyberSecurity #Infosec
184M login credentials leaked from an unsecured 47GB database, likely compiled via #infostealer #malware.
Exposed accounts span Facebook, Google, banks, and .gov domains from 29 countries. Database now offline, but full impact unknown.
#ransomNews #CyberSecurity #Infosec
Reposted by Rocco Gagliardi
Only 2.4% of all CVEs have a CVSSv4 score and half of those is from one company
Another failed standard?
www.linkedin.com/feed/update/...
Another failed standard?
www.linkedin.com/feed/update/...
May 22, 2025 at 11:22 AM
Only 2.4% of all CVEs have a CVSSv4 score and half of those is from one company
Another failed standard?
www.linkedin.com/feed/update/...
Another failed standard?
www.linkedin.com/feed/update/...
Hanno fatto #Eternauta.
#Netflix ha messo le mani anche lì. L’ha preso, pettinato, truccato, normalizzato. Ha svuotato quel freddo bianco di Buenos Aires, ha levato la paranoia, ha stirato le pieghe delle pagine rovinate dalla pioggia e dal tempo.
#Netflix ha messo le mani anche lì. L’ha preso, pettinato, truccato, normalizzato. Ha svuotato quel freddo bianco di Buenos Aires, ha levato la paranoia, ha stirato le pieghe delle pagine rovinate dalla pioggia e dal tempo.
April 30, 2025 at 3:11 PM
Hanno fatto #Eternauta.
#Netflix ha messo le mani anche lì. L’ha preso, pettinato, truccato, normalizzato. Ha svuotato quel freddo bianco di Buenos Aires, ha levato la paranoia, ha stirato le pieghe delle pagine rovinate dalla pioggia e dal tempo.
#Netflix ha messo le mani anche lì. L’ha preso, pettinato, truccato, normalizzato. Ha svuotato quel freddo bianco di Buenos Aires, ha levato la paranoia, ha stirato le pieghe delle pagine rovinate dalla pioggia e dal tempo.
Reposted by Rocco Gagliardi
La settimana phastidiosa - 26 aprile 2025
⚡️Impiombati dall'Età dell'oro
⚡️Ride bene chi cede ultimo
⚡️Make Aggiotaggio Great Again
⚡️Illiquidi di traverso
⚡️Golden Power e risparmi alla patria
⚡️Siam pronti al dissesto, Invitalia chiamò
🍿E molto altro
phastidio.net/2025/04/26/l...
⚡️Impiombati dall'Età dell'oro
⚡️Ride bene chi cede ultimo
⚡️Make Aggiotaggio Great Again
⚡️Illiquidi di traverso
⚡️Golden Power e risparmi alla patria
⚡️Siam pronti al dissesto, Invitalia chiamò
🍿E molto altro
phastidio.net/2025/04/26/l...
La settimana phastidiosa - 26 aprile 2025
Il cammino verso la “rinascita” della manifattura americana implica una transizione che farà male soprattutto ai consumator...
phastidio.net
April 26, 2025 at 8:28 AM
La settimana phastidiosa - 26 aprile 2025
⚡️Impiombati dall'Età dell'oro
⚡️Ride bene chi cede ultimo
⚡️Make Aggiotaggio Great Again
⚡️Illiquidi di traverso
⚡️Golden Power e risparmi alla patria
⚡️Siam pronti al dissesto, Invitalia chiamò
🍿E molto altro
phastidio.net/2025/04/26/l...
⚡️Impiombati dall'Età dell'oro
⚡️Ride bene chi cede ultimo
⚡️Make Aggiotaggio Great Again
⚡️Illiquidi di traverso
⚡️Golden Power e risparmi alla patria
⚡️Siam pronti al dissesto, Invitalia chiamò
🍿E molto altro
phastidio.net/2025/04/26/l...
Puoi anche non occuparti dell’economia, lei si occuperà comunque di te. Un Di Maio al quadrato che, anche se sai non può essere serio, sposta montagne di soldi che manco Zio Paperone.
April 10, 2025 at 9:55 AM
Puoi anche non occuparti dell’economia, lei si occuperà comunque di te. Un Di Maio al quadrato che, anche se sai non può essere serio, sposta montagne di soldi che manco Zio Paperone.
Reposted by Rocco Gagliardi
Ransomfeed main page now features double #ransomware statistics for the months of the year and the previous year.
You can choose what to see: Italy 🇮🇹 or World 🌏
Stay in touch www.ransomfeed.it
You can choose what to see: Italy 🇮🇹 or World 🌏
Stay in touch www.ransomfeed.it
March 3, 2025 at 8:34 AM
Ransomfeed main page now features double #ransomware statistics for the months of the year and the previous year.
You can choose what to see: Italy 🇮🇹 or World 🌏
Stay in touch www.ransomfeed.it
You can choose what to see: Italy 🇮🇹 or World 🌏
Stay in touch www.ransomfeed.it
Die Zertifizierungsprozesse bremsen die Behebung von Schwachstellen. Die Investition muss im Voraus in korrekte Prozesse zur sicheren Softwareentwicklung getätigt werden. Aber auch das bleibt bis heute oft eine Illusion. www.medinside.ch/lebensgefahr...
Lebensgefahr durch Sicherheitslücken in Medizingeräten
Manipulierte Infusionspumpen und unterdrückte Warnmeldungen können tödlich enden – doch Hersteller reagieren auf technische Schwachstellen oft gar nicht oder abweisend.
www.medinside.ch
February 19, 2025 at 7:56 AM
Die Zertifizierungsprozesse bremsen die Behebung von Schwachstellen. Die Investition muss im Voraus in korrekte Prozesse zur sicheren Softwareentwicklung getätigt werden. Aber auch das bleibt bis heute oft eine Illusion. www.medinside.ch/lebensgefahr...
MAESTRO - Agentic AI Threat Modeling Framework cloudsecurityalliance.org/blog/2025/02...
Agentic AI Threat Modeling Framework: MAESTRO | CSA
MAESTRO (Multi-Agent Environment, Security, Threat, Risk, & Outcome) is a novel threat modeling framework for Agentic AI. Assess risks across the AI lifecycle.
cloudsecurityalliance.org
February 12, 2025 at 8:33 AM
MAESTRO - Agentic AI Threat Modeling Framework cloudsecurityalliance.org/blog/2025/02...