12 years ago my life was saved by Hurricane Sandy when I was supposed to be in a building performing incident response that got blown up. There are not many public stories of physically targeted incidents directly related to cybersecurity but they exist. This is the story

I’ve 40 times less followers on Bluesky but I don’t give a f*ck 🤷‍♂️ Why? - the moderation team is efficient - 3rd-party clients are welcome - there’s no ads - the mood is much better Unless you really want to show your support for Elon, give it a try!

EV charger, despite being recently included in exploitation competitions as a target, are still an underrated and underestimated target at scale. They store (and expose to the street, literally) your sensitive info like WiFi password, among other things. Pop 5-6 brands and —

Alright, time to give a try it. I'm also there, bsky.app/profile/ration…

We've just released our 2024-Q3 edition of ThinkstScapes: thinkst.com/ts For this issue, we went through ~5000 info-sec research talks, papers, presentations & blogs. The website includes PDF & ePub links (and a brief audio summary). As always: completely free...

Interesting talk worth watching about DAST at scale. MS basically went full circle between old solutions like parsing code to modifying built env to generate OpenAPI specs to feed DAST tools, to use AI to consume code & produce that. None works as expected at scale. What works?--

The entire 3rd-edition of Ross Anderson's "Security Engineering" is available free as PDFs now! cl.cam.ac.uk/archive/rja14/…

If you're following me here, I'm also posting Halvar Flake.bsky.social bsky.app/profile/halvar… -- and on mastodon, too.

You can also find me there: bsky.app/profile/splout…

Paged Out! Issue #5 is out now! pagedout.institute/?page=issues.p… Happy reading! Please RT and tell your friends! :)

I decided to resume creating some content. You can all find me on bluesky: bsky.app/profile/empije…

We're joining a promising platform to reach more interested OSINTers and learn from each other. Our association is now also on Bluesky. You can find us at bsky.app/profile/osints… We will be more than happy if many of you will also join the conversation!

Threema 2.0 for desktop (beta), which was audited by Cure53 earlier this year, recently passed a bug bounty challenge and is now open source: threema.ch/bp/threema-des…

A rather pretty form of military parade.

Turns out WhatsApp does NOT have end-to-end encrypted backup enabled by default. Your backups are stored cleartext on cloud, which means the E2EE in chats are essentially a joke, if you backup. That's FB just being an ass and sneaky IMO.

10 years on twitter, it has been good for a while, but now I post on Bluesky bsky.app/profile/ration… #MyXAnniversary

We won't be using this account actively anymore. You can stay connected with us through: Our Website: osintswitzerland.ch LinkedIn: linkedin.com/company/osint-… Discord: discord.gg/FTTNyGe9ta Bluesky: bsky.app/profile/osints… We’d love to see you there! Thanks for your support!

I talk to a lot of people who just use the "For you" timeline on X, and get baited into a permanent state of simmering rage by what they see there. The amount of time you should be spending on "For you" is ZERO - interact with X through curated lists and "Following" only.

🦋🔵Did you know that we are now also on Blue Sky? Follow us for updates on cutting-edge supercomputing, science breakthroughs, and tech-driving innovation: bsky.app/profile/cscsch…

LLM-based vuln hunting just leveled up with xvulnhuntr - a fork of vulnhuntr with support for: C#, Java, Go. Read Nicolò Fornari's blog post and go grab the project on GitHub. blog.compass-security.com/2025/07/xvulnh…