For students interested in programming, you can absolutely study C and C++ with BashCore and BashCoreX, thanks to the included gcc and g++ compilers.
Plus, you'll find powerful tools like git, vim, and emacs for development. It's a robust environment for learning and security exploration!
This is about to happen! Join us!
How To Detect And Mitigate Non-Human Identity And Crytographic Vulnerabilities — An ITSPmagazine Webinar With SandboxAQ
Thursday, May 15, 2025 | 1:00 PM 2:00 PM EST
Unmanaged cryptographic assets and non-human identities have left security teams blind to critical risks. These gaps have fueled vulnerabilities, breaches, compliance challenges, and operational drag across enterprise environments.
Join us to see how #AQtiveGuard transforms this landscape.
More than just visibility, AQtive Guard unifies your non-human identities and cryptographic assets into a single inventory to deliver end-to-end visibility, deeper risk analysis, and streamlined compliance in a single pane of glass—with automated discovery, real-time threat detection, and root cause analysis powered by their unique LQM.
Seamlessly integrated into your existing stack, it’s the AI-driven SaaS platform built to secure today’s systems—and tomorrow’s.
By attending, you will get to:
Discover how to gain unified visibility into cryptographic assets and non-human identities —including API keys, certificates and service accounts—in cloud environments
Explore how AQtive Guard empowers security teams with automated discovery, threat detection, and root cause analysis—enabling faster remediation, reduced risk, and stronger compliance without disrupting existing workflows.
Learn how to future-proof your security posture, with a platform designed for AI Security Operations, Post-Quantum Cryptography readiness, and seamless integration into your existing security stack.
PANELISTS
Marc Manzano
General Manager of Cybersecurity, SandboxAQ
MODERATORS
Sean Martin, CISSP Co-Founder, ITSPmagazine
Marco Ciappelli Co-Founder, ITSPmagazine
Can’t attend the live webinar? All registrants get exclusive access with a link to rewatch the recording.
Register To Attend: https://www.crowdcast.io/c/how-to-detect-and-mitigate-non-human-identity-and-crytographic-vulnerabilities-an-itspmagazine-webinar-with-sandboxaq
#cybersecurity, #cryptography, #AIsecurity, #infosec, #webinar, #securitytools, #threatdetection, #cloudsecurity, #sandboxAQ, #ITSPmagazine #tech #technology #quantum
Was working with GitLeaks this morning, when it failed to find over 20 secrets in a git repo.
Here are examples of what it didn't find:
INDEXER_PASSWORD=SecretPassword
INDEXER_PASSWORD=SecretPassword
API_PASSWORD=MyS3cr37P450r.*-
DASHBOARD_PASSWORD=kibanaserver
That is EXTREMELY disappointing! These are pretty obvious secrets!
Dumb question incoming: I've been seeing a lot of discussion about using LLMs for security tasks (summarizing alerts, generating reports, etc).
While the potential seems high, I keep thinking about the adversarial ML risks. Things like model poisoning, prompt injection tailored to security contexts or generating subtly misleading information.
How are professionals building practical safeguards or verification steps when integrating AI into sensitive security workflows?
Is human oversight the only reliable check for now?
PentestGPT, an AI-driven tool released in 2024, uses GPT-4 to guide penetration testers through hacking tasks, suggesting recon steps, exploitation commands, and analyzing results.
#pentestgpt #ai #penetrationtesting #cybersecurity #gpt #ethicalhacking #chatgpt #infosec #securitytools #openai #securityresearch #hackingassistant
https://www.darknet.org.uk/2025/04/pentestgpt-ai-powered-penetration-testing-assistant/
Patch Tuesday, April 2025 Edition – Source: krebsonsecurity.com https://ciso2ciso.com/patch-tuesday-april-2025-edition-source-krebsonsecurity-com/ #WindowsRemoteDesktopServices #rssfeedpostgeneratorecho #CommonLogFileSystem #CyberSecurityNews #KrebsonSecurity #KrebsOnSecurity #CVE-2025-26671 #CVE-2025-27480 #CVE-2025-27482 #CVE-2025-29824 #LatestWarnings #TheComingStorm #SecurityTools #SatnamNarang #ChrisGoettl #TimetoPatch #Microsoft #Windows #Ivanti #CLFS
Patch Tuesday, April 2025 Edition https://krebsonsecurity.com/2025/04/patch-tuesday-april-2025-edition/ #WindowsRemoteDesktopServices #CommonLogFileSystem #LatestWarnings #TheComingStorm #SecurityTools #CVE202526671 #CVE202527480 #CVE202527482 #CVE202529824 #SatnamNarang #TimetoPatch #ChrisGoettl #microsoft #windows #Ivanti #CLFS
Patch Tuesday, April 2025 Edition
https://krebsonsecurity.com/2025/04/patch-tuesday-april-2025-edition/
#WindowsRemoteDesktopServices #CommonLogFileSystem #LatestWarnings #TheComingStorm #CVE-2025-26671 #CVE-2025-27480 #CVE-2025-27482 #CVE-2025-29824 #SecurityTools #SatnamNarang #TimetoPatch #ChrisGoettl #microsoft #windows #Ivanti #CLFS
Patch Tuesday, April 2025 Edition - Microsoft today released updates to plug at least 121 security holes in its Window... https://krebsonsecurity.com/2025/04/patch-tuesday-april-2025-edition/ #windowsremotedesktopservices #commonlogfilesystem #latestwarnings #thecomingstorm #cve-2025-26671 #cve-2025-27480 #cve-2025-27482 #cve-2025-29824 #securitytools #satnamnarang #timetopatch #chrisgoettl #microsoft #windows #ivanti #clfs
Microsoft: 6 Zero-Days in March 2025 Patch Tuesday – Source: krebsonsecurity.com https://ciso2ciso.com/microsoft-6-zero-days-in-march-2025-patch-tuesday-source-krebsonsecurity-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #KrebsonSecurity #KrebsOnSecurity #CVE-2025-24983 #CVE-2025-24984 #CVE-2025-24985 #CVE-2025-24991 #CVE-2025-24993 #CVE-2025-26633 #FilipJurčacko #SecurityTools #AdamBarnett #TimetoPatch #Rapid7 #eset
Microsoft: 6 Zero-Days in March 2025 Patch Tuesday https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/ #SecurityTools #FilipJurčacko #CVE202524983 #CVE202524984 #CVE202524985 #CVE202524991 #CVE202524993 #CVE202526633 #TimetoPatch #AdamBarnett #Rapid7 #ESET
Microsoft: 6 Zero-Days in March 2025 Patch Tuesday - Microsoft today issued more than 50 security updates for its various Windows opera... https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/ #cve-2025-24983 #cve-2025-24984 #cve-2025-24985 #cve-2025-24991 #cve-2025-24993 #cve-2025-26633 #securitytools #filipjurčacko #timetopatch #adambarnett #rapid7 #eset
Microsoft: 6 Zero-Days in March 2025 Patch Tuesday
https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/
#CVE-2025-24983 #CVE-2025-24984 #CVE-2025-24985 #CVE-2025-24991 #CVE-2025-24993 #CVE-2025-26633 #SecurityTools #FilipJurčacko #TimetoPatch #AdamBarnett #Rapid7 #ESET
Ronin 2.1.1 and other patch versions have been released!
https://ronin-rb.dev/blog/2025/02/15/ronin-2-1-1-and-more-released.html
#SecureCoding: Risiken einschätzen mit dem #ExploitPredictionScoringSystem | Developer https://www.heise.de/hintergrund/Secure-Coding-Risiken-einschaetzen-mit-dem-Exploit-Prediction-Scoring-System-10252792.html #ITSecurity #Cybersecurity #VulnerabilityManagement #ExploitPrediction #EPSS #CVSS #SSVC #CWE #RiskManagement #ThreatIntelligence #MachineLearning #DataDrivenSecurity #PatchManagement #SecurityBestPractices #ZeroDay #VulnerabilityAssessment #SecurityTools #InfoSec
Security Scanner for Web Applications
Privacy-First Security Analysis 
Built by Developers, for Developers
Try it now: https://webscan.dev
Garak – An Open Source LLM Vulnerability Scanner for AI Red-Teaming https://gbhackers.com/garak/ #CyberSecurityNews #SecurityTools #Vulnerability
Araneida Scanner – Hackers Using Cracked Version Of Acunetix Vulnerability Scanner https://gbhackers.com/araneida-scanner/ #CyberSecurityNews #SecurityTools #cybersecurity #Tools
A bunch of (100+) useful open source (mainly) security tools and products:
Crickets from Chirp Systems in Smart Lock Key Leak https://krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak/ #U.S.Cybersecurity&InfrastructureSecurityAgency #ALittleSunshine #LatestWarnings #SecurityTools #ChirpSystems #RealPageInc. #August.com #ProPublica #MattBrown
(KØMVH) 
