Michele Spagnuolo
@miki.it
💼: Staff Information Security Engineer at Google. 🛠️: Rosetta Flash, BitIodine. 💛: web security, ⟠, ₿, finance. Data is the most dangerous form of opinion.
Excited to present Security Signals with @ddworken.bsky.social and @webappsec.dev, my primary project at Google for the past five years. Thanks, @madwebwork.bsky.social!
Paper: research.google/pubs/securit...
Slides: speakerdeck.com/mikispag/sec...
Paper: research.google/pubs/securit...
Slides: speakerdeck.com/mikispag/sec...
Security Signals: Making Web Security Posture Measurable At Scale
research.google
March 1, 2025 at 7:51 AM
Excited to present Security Signals with @ddworken.bsky.social and @webappsec.dev, my primary project at Google for the past five years. Thanks, @madwebwork.bsky.social!
Paper: research.google/pubs/securit...
Slides: speakerdeck.com/mikispag/sec...
Paper: research.google/pubs/securit...
Slides: speakerdeck.com/mikispag/sec...
Reposted by Michele Spagnuolo
One of the best tools I've seen to convert between various encodings.
Thanks @miki.it for suggesting it.
gchq.github.io/CyberChef/
Thanks @miki.it for suggesting it.
gchq.github.io/CyberChef/
CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
gchq.github.io
December 14, 2024 at 9:06 AM
One of the best tools I've seen to convert between various encodings.
Thanks @miki.it for suggesting it.
gchq.github.io/CyberChef/
Thanks @miki.it for suggesting it.
gchq.github.io/CyberChef/
Security Signals: Making Web Security Posture Measurable At Scale
research.google
November 17, 2024 at 1:02 PM
Reposted by Michele Spagnuolo
I'm in the process of creating a *web security* starter pack and need your help finding more webbies here. Please share and recommend folks passionate about web security in comments below so we can get this community started here 🙂
go.bsky.app/Uf8dZhz
go.bsky.app/Uf8dZhz
November 17, 2024 at 10:12 AM
I'm in the process of creating a *web security* starter pack and need your help finding more webbies here. Please share and recommend folks passionate about web security in comments below so we can get this community started here 🙂
go.bsky.app/Uf8dZhz
go.bsky.app/Uf8dZhz
Reposted by Michele Spagnuolo
1/ X's algorithm was changed in mid-July 2024 to systematically boost Republican-leaning accounts and Elon Musk's own account following his endorsement of Donald Trump, according to a newly released computational study of engagement from the Queensland University of Technology.⬇️
November 16, 2024 at 10:40 AM
1/ X's algorithm was changed in mid-July 2024 to systematically boost Republican-leaning accounts and Elon Musk's own account following his endorsement of Donald Trump, according to a newly released computational study of engagement from the Queensland University of Technology.⬇️
Reposted by Michele Spagnuolo
XSS vulnerabilities keeping you up at night? 😱 Google's new "Commitment to Secure by Design" whitepaper has answers! Safe Coding and web platform improvements are key. Read more (page 7):
static.googleusercontent.com/media/public...
static.googleusercontent.com/media/public...
static.googleusercontent.com
November 16, 2024 at 9:31 PM
XSS vulnerabilities keeping you up at night? 😱 Google's new "Commitment to Secure by Design" whitepaper has answers! Safe Coding and web platform improvements are key. Read more (page 7):
static.googleusercontent.com/media/public...
static.googleusercontent.com/media/public...
Reposted by Michele Spagnuolo
Excited to share our latest blog post on memory safety! We’re tackling spatial safety in our massing C++ codebase by hardening live++ by default. It adds bounds checks to things like std::vector, preventing a fair bit of out-of-bounds vulnerabilities: security.googleblog.com/2024/11/retr...
Retrofitting Spatial Safety to hundreds of millions of lines of C++
Posted by Alex Rebert and Max Shavrick, Security Foundations, and Kinuko Yasada, Core Developer Attackers regularly exploit spatial mem...
security.googleblog.com
November 15, 2024 at 7:02 PM
Excited to share our latest blog post on memory safety! We’re tackling spatial safety in our massing C++ codebase by hardening live++ by default. It adds bounds checks to things like std::vector, preventing a fair bit of out-of-bounds vulnerabilities: security.googleblog.com/2024/11/retr...