Tom Lambert
sirlamberttom.bsky.social
Ngl, not an expert in OT specifics, but it's interesting to explore how to deal with this environment. OT-heavy companies need to include this scope in overall risk management, while considering its relationship with IT.

www.sans.org/blog/buildin...
Building a Better OT Ransomware Response Plan: A Simple Framework for ICS Environments | SANS Institute
A blog summarizing SANS's latest white paper on developing OT Ransomware playbooks
www.sans.org
April 21, 2025 at 1:02 PM
NCSC updates its guide to API security: dev process, authentication/authorization, data in transit, input validation, DoS, monitoring and exposure management.
Always a good thing to review alignment with best practices.

www.ncsc.gov.uk/collection/s...
Securing HTTP-based APIs
How to ensure that application programming interfaces are designed and built securely.
www.ncsc.gov.uk
April 3, 2025 at 7:30 PM
SOC improvement path should focus on automation and metrics, fine. But isn't it "just" what SOCs are currently doing, but at a larger scale? We are far from totally redesigning from scratch. Just, like, classic continuous improvement?

medium.com/anton-on-sec...
The Return of the Baby ASO: Why SOCs Still Suck?
“Flickering screens, a sickly, yellow glow. Humming servers, a constant, low thrum of digital malaise. Alerts screamed into the void, a…
medium.com
March 28, 2025 at 6:42 AM
The worst thing about WordPress vulns is that the owners are even further from security concerns than other types. Can't expect a single-person business selling wood jewelry in their spare time to have a full-fledged vuln management process.

www.bleepingcomputer.com/news/securit...
The 4 WordPress flaws hackers targeted the most in Q1 2025
A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites.
www.bleepingcomputer.com
March 27, 2025 at 6:22 PM
Reminder to infosec professionals: if the HIBP creator isn't immune to a basic phishing attack, no one is.
Oh, and be extra careful of emails from HIBP in the near future.

www.malwarebytes.com/blog/news/20...
Security expert Troy Hunt hit by phishing attack
Troy Hunt, security expert and Have I Been Pwned owner, disclosed a phishing attack against him in a commendable display of transparency.
www.malwarebytes.com
March 27, 2025 at 6:36 AM
10 critical network pentest findings IT teams overlook. As MSSP teams produce their annual threat intel reports based on their in-house results, such analysis on a large set of pentests could be very valuable to feed config/vuln management.

thehackernews.com/2025/03/10-c...
10 Critical Network Pentest Findings IT Teams Overlook
vPenTest’s 10,000+ pentests reveal exploitable network gaps from misconfigurations and weak passwords, driving continuous security improvement.
thehackernews.com
March 26, 2025 at 6:15 AM
Multiple vulns in the Ingress NGINX Controller for Kubernetes that could result in RCE. 43% of cloud environments could be vulnerable. Patched versions are available. GL to your best buddy in IT.

thehackernews.com/2025/03/crit...
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Five critical flaws in Ingress NGINX Controller expose 6,500+ clusters; update now to prevent unauthorized remote code execution.
thehackernews.com
March 25, 2025 at 6:51 AM
Still crazy to me that these file conversion features aren't natively available on Windows.

www.bleepingcomputer.com/news/securit...
FBI warnings are true—fake file converters do push malware
The FBI is warning that fake online document converters are being used to steal people's information and, in worst-case scenarios, lead to ransomware attacks.
www.bleepingcomputer.com
March 24, 2025 at 7:20 AM
Sounds obvious now, but coding AIs are becoming new attack vectors. Supply chain risks are evolving (again); app sec has bright days ahead.

thehackernews.com/2025/03/new-...
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
Hackers can exploit AI code editors like GitHub Copilot to inject malicious code using hidden rule file manipulations, posing a major supply chain thr
thehackernews.com
March 19, 2025 at 7:06 AM
Congratulations! Your Python package tampering has evolved into open source ML model tampering!

www.reversinglabs.com/blog/rl-iden...
Malicious ML models discovered on Hugging Face platform
Developers working on machine learning take note: RL threat researchers have identified nullifAI, a novel attack technique used on Hugging Face.
www.reversinglabs.com
February 7, 2025 at 3:52 PM