Should I stop paying for an error tracking service, or just start shipping buggier code 🤔

The job description of a Security Engineer is just going "what the fuck" and then doing something about it

Credential phishing, live 2fa code interception, *and* pushing malware 😱 #hugops to any security teams cleaning up after this one

I need to either debug some Outlook email rendering bugs, or stop using magic links and implement SAML. What a choice 😣

The next Future of Security Operations meetup is happening on Monday at the Monzo 🏦 offices 🗣️ I'm not speaking this time, but if you're around, come say hi! tines.com/events/firesid…

🕵️ How to detect phishing sites impersonating your brand, using open source! 🐟 The key to successfully combating phishing is detecting it early, and thanks to CT logs you can get started detecting phishing sites in near-real-time, completely for free: phish.report/blog/phishing-…

How can you find phishing sites with urlscan.io? Here's four ways to find phishing sites and then pivot to other examples of the same kit: phish.report/blog/urlscanio…

❓You've found a phishing kit for sale which has been plaguing your team for weeks. Would you pay them for a copy of it? How much?

From identifying phishing sites to detecting C2 panels, people have used IOK to do it all. IOK (Indicator Of Kit) is a detection language for web pages: write rules based on the page content, response headers and more. And it's open source: github.com/phish-report/I…

A perfect example 👇 Here's a phishing site located on the path /account urlscan.io/result/f8c7816… And there's still the phishing kit at /account.zip urlscan.io/result/3f19297… 🎁

Combatting brand impersonation is more than just reporting abuse to hosting providers. Here's the top 4 vulnerabilities we find in phishing kits that you can use to disrupt an attack 👇

See the full blogpost for more details: phish.report/blog/top-phish…

We've seen a huge increase in the use of LiteSpeed's "Bot Verification" page over the past few months 📈 Using reCAPTCHA isn't a new tactic, but using LiteSpeed makes detection significantly harder