⏰ Evilginx Mastery - Summer 30% OFF SALE There is no better season to learn how to phish! I am running a month-long 30% OFF sale for the Evilginx Mastery, so if you haven't had a chance to check it out yet - now is the time 🥳 Enjoy the summer! Link: academy.breakdev.org/evilginx-maste…

POV: It's 2003, you're in your bedroom, you just limewire'd some totally cool new music, you're working on your xanga profile, and disrespecting people registering on myspace

Is this true #BugBounty and #cybersecurity Influencers? Spoiler Alert: It is 🫨

2007: Reporter Michelle Madigan (Associate Producer of Dateline NBC) went undercover at DEF CON (DEF CON) with a hidden camera to try get attendees to confess to crimes, was outed by Jeff Moss, and bolted from the venue chased by a pack of 150 people. There's video. 👇

#defcon32 update: some simple considerations that will make #dc32 smoother for everyone: - do not adhere stickers to the facility. for real. DFIU. - LVCC will not be doing bag checks - carry cash. registration and merch are cash-only, as always. - carry a credit or debit

The RedTeamVillage is hosting a hands-on web hacking workshop! Learn the WebSploit Labs environment and hack some web apps! DEF CON

As a Brit who has lived in Las Vegas for the last 18 months, I humbly submit this thread of recommendations and advice for anyone coming to black hat and def con. Feel free to ask questions and add any other recommendations!

We'll have some of the top researchers, hackers, tinkerers, and preppers all in one place at the beginning of a recession and WWIII. Can't wait to do the apocalypse with you all DEF CON

Day 2 of the Adversary Simulation and Capability Development class is in full swing 👌

Probably not a good idea

Chinese Backdoor Alert! Security enhancements on Mifare Classic cards used in hotels/business contain a supply chain backdoor making reading & exploitation trivial. Great paper by Philippe Teuwen Quarkslab eprint.iacr.org/2024/1275.pdf Watch your Chinese supply chains carefully folks!

The past year has been amazing. From marriage, to Pwn2Own to a Pwnie Award, I'm so grateful. I'm using the money I've won from hacking competitions, bounties, & RB for two ppl to travel & attend Hexacon, the premier offensive security con in Paris, France. forms.gle/zt9RaR7EEvTxWG…

"When I was a child, I spoke as a child, I understood as a child, I thought as a child; but when I became a man, I put away childish things."

NSA is launching a podcast! Premiering next Thursday, September 5, we're telling new stories and pulling back the curtain on what we do. Go subscribe to No Such Podcast wherever you get your podcasts, and learn more about our first season here: nsa.gov/Press-Room/Pre…

This wasn't the craziest vulnerability I've submitted but it was a heck of a lot of fun to do and even more fun to write about. Thank you Synack Red Team/Synack for the opportunity to share this. Sorry you had to redact the crackhead pirate response so much

How secure are your AI solutions? Synack Red Team member William Wallace (PHYR3WALL 🇺🇲) discusses his discovery of a notable problem in a chatbot deployed on a platform associated with a large healthcare insurance company → hubs.ly/Q02NPX540

Sorry, but you shouldn't trust anything that says "undetectable". It's nonsense and misleading. This got snatched by Elastic 8.5, which is a whopping 7 versions old. Even Defender triggered on the process injection and I've not updated that since 2023.

Hackers the movie was released 29 years ago today! September 15th 1995. Hack the planet!