minus-square0xCBE@infosec.pubtoNixOS@infosec.pub•What do you do when Nix isn't worth the time?linkfedilinkEnglisharrow-up2·1 year agoYou build a derivation yourself… which I never do. I am on mac so I brew install and orchestrate brew from home manager. I find it works good as a compromise. linkfedilink
0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agoA framework to securely use LLMs in companies - Part 1: Overview of Risksplus-squareboringappsec.substack.comexternal-linkmessage-square0fedilinkarrow-up18arrow-down10
arrow-up18arrow-down1external-linkA framework to securely use LLMs in companies - Part 1: Overview of Risksplus-squareboringappsec.substack.com0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agoBad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attackplus-squareorca.securityexternal-linkmessage-square0fedilinkarrow-up14arrow-down10
arrow-up14arrow-down1external-linkBad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attackplus-squareorca.security0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agoImpact of remote-code execution vulnerability in LangChainplus-squarentietz.comexternal-linkmessage-square0fedilinkarrow-up17arrow-down10
arrow-up17arrow-down1external-linkImpact of remote-code execution vulnerability in LangChainplus-squarentietz.com0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agoPoisonGPT: How we hid a lobotomized LLM on Hugging Face to spread fake newsplus-squareblog.mithrilsecurity.ioexternal-linkmessage-square1fedilinkarrow-up110arrow-down11
arrow-up19arrow-down1external-linkPoisonGPT: How we hid a lobotomized LLM on Hugging Face to spread fake newsplus-squareblog.mithrilsecurity.io0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agomessage-square1fedilink
0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agoALFA: Automated Audit Log Forensic Analysis for Google Workspaceplus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkALFA: Automated Audit Log Forensic Analysis for Google Workspaceplus-squaregithub.com0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agoPrompt Injection Attacks and Mitigationsplus-squarerez0.blogexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkPrompt Injection Attacks and Mitigationsplus-squarerez0.blog0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agoBuilding Chainguard's container image registryplus-squarewww.chainguard.devexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkBuilding Chainguard's container image registryplus-squarewww.chainguard.dev0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agoKubernetes Security Basics Series Part I - Deployment and Container Orchestrationplus-squareksoc.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkKubernetes Security Basics Series Part I - Deployment and Container Orchestrationplus-squareksoc.com0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agoKubernetes Grey Zone: Risks in Managed Cluster Middlewareplus-squarewww.wiz.ioexternal-linkmessage-square0fedilinkarrow-up12arrow-down10
arrow-up12arrow-down1external-linkKubernetes Grey Zone: Risks in Managed Cluster Middlewareplus-squarewww.wiz.io0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agoMy AWS Pentest Methodologyplus-squaremedium.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkMy AWS Pentest Methodologyplus-squaremedium.com0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pub to Red Team@infosec.pubEnglish · 1 year agoJWT authentication bypass via X-HTTP-Method-Override headerplus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up13arrow-down10
arrow-up13arrow-down1external-linkJWT authentication bypass via X-HTTP-Method-Override headerplus-squaregithub.com0xCBE@infosec.pub to Red Team@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pub to Security News@infosec.pubEnglish · 1 year agoMicrosoft says early June disruptions to Outlook, cloud platform, were cyberattacksplus-squareapnews.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkMicrosoft says early June disruptions to Outlook, cloud platform, were cyberattacksplus-squareapnews.com0xCBE@infosec.pub to Security News@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agoGCP Pentesting Guideplus-squareslashparity.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkGCP Pentesting Guideplus-squareslashparity.com0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pub to Blue Team@infosec.pubEnglish · 1 year agoEnterprise Purple Teaming: an Exploratory Qualitative Studyplus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkEnterprise Purple Teaming: an Exploratory Qualitative Studyplus-squaregithub.com0xCBE@infosec.pub to Blue Team@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pub to Security News@infosec.pubEnglish · 1 year agoCL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerabilitywww.cisa.govexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkCL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerabilitywww.cisa.gov0xCBE@infosec.pub to Security News@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agoExploring Firecracker MicroVMs for Multi-Tenant Dagger CI/CD Pipelinesplus-squarewww.felipecruz.esexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkExploring Firecracker MicroVMs for Multi-Tenant Dagger CI/CD Pipelinesplus-squarewww.felipecruz.es0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agoSecuring the EC2 Instance Metadata Serviceplus-squaresecuritylabs.datadoghq.comexternal-linkmessage-square0fedilinkarrow-up12arrow-down10
arrow-up12arrow-down1external-linkSecuring the EC2 Instance Metadata Serviceplus-squaresecuritylabs.datadoghq.com0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agoHow To Defend Your AI Modelsplus-squarewww.forbes.comexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkHow To Defend Your AI Modelsplus-squarewww.forbes.com0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agoToyota admits to yet another cloud leakplus-squarewww.theregister.comexternal-linkmessage-square0fedilinkarrow-up12arrow-down10
arrow-up12arrow-down1external-linkToyota admits to yet another cloud leakplus-squarewww.theregister.com0xCBE@infosec.pubM to Cloud Security@infosec.pubEnglish · 1 year agomessage-square0fedilink
0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agoAI Risk Databaseplus-squareairisk.ioexternal-linkmessage-square0fedilinkarrow-up11arrow-down10
arrow-up11arrow-down1external-linkAI Risk Databaseplus-squareairisk.io0xCBE@infosec.pub to AI Infosec@infosec.pubEnglish · 1 year agomessage-square0fedilink
minus-square0xCBE@infosec.pubOPMtoCloud Security@infosec.pub•welcomelinkfedilinkEnglisharrow-up1·1 year agoahah thank you, we shall all yell together then linkfedilink
minus-square0xCBE@infosec.pubtoBlue Team@infosec.pub•Introduce yourself!linkfedilinkEnglisharrow-up1·1 year ago👋 infra sec blue team lead for a large tech company linkfedilink
You build a derivation yourself… which I never do. I am on mac so I brew install and orchestrate brew from home manager. I find it works good as a compromise.