I wonder if these full-face masks could fool common facial recognition systems? 🤔

https://www.linkedin.com/feed/update/urn:li:activity:7270576541816745985

I have been off social media almost completely for more than a year and am only now just poking my head out of the shell. World events brought me back because misery loves company.

If this is your first time meeting me, find out more here: https://scott.mortimer.name

Good article about MITRE ranking XSS as the Top Threat of 2024.

#websecurity #appsec

https://scotthelme.co.uk/xss-ranked-1-top-threat-of-2024-by-mitre-and-cisa/

~Open Source Security Tool of the Day~

#osstotd

BadZure

BadZure orchestrates the setup of Azure Active Directory tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.

https://github.com/mvelazc0/BadZure

There's a new opensource and federated service dedicated to Table-top Roleplaying. Check it out:

https://ttrpg.network

Free Tools for Cloud Environments | CISA

Free Tools for Cloud Environments provides network defenders and incident response/analysts open-source tools, methods, and guidance for identifying, mitigating, and detecting cyber threats, known vulnerabilities, and anomalies while operating a cloud or hybrid environment.

https://www.cisa.gov/resources-tools/resources/free-tools-cloud-environments

OpenAI prepping ChatGPT-5

I always knew that there was an AI Chatbot hiding in the Mountains of Madness.

https://www.nytimes.com/2023/05/30/technology/shoggoth-meme-ai.html

Don't forget to check out his Awesome adblock list

https://coryd.dev/posts/2023/i-block-ads/

Very interesting advisory showing the TTPs of a real-world espionage campaign.

https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF

~Open Source Security Tool of the Day~

#osstotd

Sniffnet

Application to comfortably monitor your network traffic
Multithreaded, cross-platform, reliable

https://github.com/GyulyVGC/sniffnet

Just realized that yesterday was the anniversary of me joining infosec.exchange.

My how time flies ⌛​🪰🪰

Cloud + AI = Skynet

Enjoy your day 😃

https://www.vice.com/en/article/qjvb4x/palantir-demos-ai-to-fight-wars-but-says-it-will-be-totally-ethical-dont-worry-about-it

How to Yubikey: a configuration cheatsheet

https://debugging.works/blog/yubikey-cheatsheet/