Backman
@backmanfyi.bsky.social
418 - I’m not a teapot
But I do like cyber security, tech, science and tea
But I do like cyber security, tech, science and tea
I swear so many security professionals are spending too much time thinking about how to manage encryption keys rather than accounts
May 7, 2025 at 12:26 PM
I swear so many security professionals are spending too much time thinking about how to manage encryption keys rather than accounts
output encoding > Input validation
April 8, 2025 at 2:09 PM
output encoding > Input validation
I mean.... creating legit corporate emails that does not look like phishing emails are kind of tricky...
April 8, 2025 at 1:16 PM
I mean.... creating legit corporate emails that does not look like phishing emails are kind of tricky...
Nordnet confirms banking customers were able to trade stocks in other customers accounts to swedish Dagens Industri
www.di.se/live/nordnet...
www.di.se/live/nordnet...
Nordnet: Det gick att handla i andras depåer
Nordnet bekräftar att det var möjligt för nätbankens kunder att handla i andra personers depåer under tisdagens it-haveri. Det har dock inte varit möjligt att ta ut overifierade pengar, enligt nätmäkl...
www.di.se
February 12, 2025 at 11:31 AM
Nordnet confirms banking customers were able to trade stocks in other customers accounts to swedish Dagens Industri
www.di.se/live/nordnet...
www.di.se/live/nordnet...
Reposted by Backman
What if you built a billion-story building?
Watch the latest What If? video collaboration with MinuteEarth!
youtu.be/Z_xJ40QXu7Q
Watch the latest What If? video collaboration with MinuteEarth!
youtu.be/Z_xJ40QXu7Q
What if you built a billion-story building?
YouTube video by xkcd's What If?
youtu.be
February 11, 2025 at 8:55 PM
What if you built a billion-story building?
Watch the latest What If? video collaboration with MinuteEarth!
youtu.be/Z_xJ40QXu7Q
Watch the latest What If? video collaboration with MinuteEarth!
youtu.be/Z_xJ40QXu7Q
Reposted by Backman
The Pianist is such an amazingly good movie and should be in any school curiculum.
February 8, 2025 at 9:28 PM
The Pianist is such an amazingly good movie and should be in any school curiculum.
Reposted by Backman
Britain's security officials have ordered Apple to create a 'back door' to access any user's cloud data worldwide.
#uk #Apple #data #BigTech #dataprivacy
#uk #Apple #data #BigTech #dataprivacy
UK demands Apple create backdoor to user data
Britain's security officials have ordered that Apple create a so-called 'back door' allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud.
cnews.link
February 7, 2025 at 1:21 PM
Britain's security officials have ordered Apple to create a 'back door' to access any user's cloud data worldwide.
#uk #Apple #data #BigTech #dataprivacy
#uk #Apple #data #BigTech #dataprivacy
There's a big market out there for security vendors that just write what they do on their landing page.
February 5, 2025 at 11:34 AM
There's a big market out there for security vendors that just write what they do on their landing page.
I swear to god.. I've been working in cyber security for quite some time now.. STILL, every time I read the web page of a new security vendor I have to spend at least half an hour just to try and understand what the fuck they are doing..
February 5, 2025 at 11:08 AM
I swear to god.. I've been working in cyber security for quite some time now.. STILL, every time I read the web page of a new security vendor I have to spend at least half an hour just to try and understand what the fuck they are doing..
Reposted by Backman
Oh crap, Reddit are onto us. Quick, everyone look busy.
February 1, 2025 at 8:55 PM
Oh crap, Reddit are onto us. Quick, everyone look busy.
yes.. this seems perfectly normal
February 2, 2025 at 12:52 AM
yes.. this seems perfectly normal
Reposted by Backman
Remember to spread a little joy, even if it will be fleeting
January 30, 2025 at 11:48 PM
Remember to spread a little joy, even if it will be fleeting
Reposted by Backman
Programming languages: "We are just a way to operate computers in a way that makes sense to humans."
Programming languages [takes a big joint hit]: "What if there were 5 kinds of nothingness?"
Programming languages [takes a big joint hit]: "What if there were 5 kinds of nothingness?"
January 31, 2025 at 8:51 AM
Programming languages: "We are just a way to operate computers in a way that makes sense to humans."
Programming languages [takes a big joint hit]: "What if there were 5 kinds of nothingness?"
Programming languages [takes a big joint hit]: "What if there were 5 kinds of nothingness?"
In general I've had a really bad experience trying to use AI to improve vulnerability findings in code but this white paper by Corgea is a bit different.
Building a graph using the AST and using it together with LLMs to understand the context of a vulnerability sounds like a promising approach
Building a graph using the AST and using it together with LLMs to understand the context of a vulnerability sounds like a promising approach
Whitepaper: BLAST, the AI-powered SAST scanner - Corgea - Home
Corgea is an AI-powered security platform that automatically finds, triages, and fixes insecure code. Sign up today for free to try Corgea.
corgea.com
January 30, 2025 at 7:32 PM
In general I've had a really bad experience trying to use AI to improve vulnerability findings in code but this white paper by Corgea is a bit different.
Building a graph using the AST and using it together with LLMs to understand the context of a vulnerability sounds like a promising approach
Building a graph using the AST and using it together with LLMs to understand the context of a vulnerability sounds like a promising approach
Reposted by Backman
Attackers posted the stolen data on a popular data leak forum that malicious attackers utilize to exchange stolen data.
H&M investigating hacker claims of 4M shoppers' data breach
H&M's UAE branch had its customer details stolen, attacker say
cnews.link
January 29, 2025 at 1:59 PM
Attackers posted the stolen data on a popular data leak forum that malicious attackers utilize to exchange stolen data.
Reposted by Backman
The entire tech industry right now
January 25, 2025 at 4:30 PM
The entire tech industry right now
Relume saw the Excel World Champoinshisp and made it their marketing strategy
www.youtube.com/watch?v=g1wg...
www.youtube.com/watch?v=g1wg...
RDL 2 - FINAL: Joseph Berry vs Dan Mall | E-Bike Minimal Big Type | Web Design Esports on Figma
YouTube video by Relume
www.youtube.com
January 24, 2025 at 9:53 AM
Relume saw the Excel World Champoinshisp and made it their marketing strategy
www.youtube.com/watch?v=g1wg...
www.youtube.com/watch?v=g1wg...
Reposted by Backman
As predicted…Prepare for another logistical headache privacy folk: www.euronews.com/next/2025/01...
Trump rollback jeopardises EU-US data transfers: privacy activist says
First-day executive orders signed by the new US president could make it impossible for thousands of EU businesses and public bodies to use US cloud providers such as Google, Microsoft and Amazon witho...
www.euronews.com
January 23, 2025 at 5:23 PM
As predicted…Prepare for another logistical headache privacy folk: www.euronews.com/next/2025/01...
Reposted by Backman
Hi, everybody! Jon here. Unfortunately, since ChatGPT is down at the moment, I'm unable to generate my usual Bluesky posts. As soon as it's up and running again, I'll be able to resume the sorts of posting you've come to expect from me over the years. Thanks all.
January 23, 2025 at 2:44 PM
Hi, everybody! Jon here. Unfortunately, since ChatGPT is down at the moment, I'm unable to generate my usual Bluesky posts. As soon as it's up and running again, I'll be able to resume the sorts of posting you've come to expect from me over the years. Thanks all.
The latest CURL blog update hits the nail on the head. The CVE/CVSS system is broken and misleading.
We are currently assessing the severity of vulnerabilities libraries, executables, applications, services, appliances and SaaS services as if they are all the same thing.
They are not.
We are currently assessing the severity of vulnerabilities libraries, executables, applications, services, appliances and SaaS services as if they are all the same thing.
They are not.
CVSS is dead to us
CVSS is short for Common Vulnerability Scoring System and is according to Wikipedia a technical standard for assessing the severity of vulnerabilities in computing systems. Typically you use an online...
daniel.haxx.se
January 23, 2025 at 12:37 PM
The latest CURL blog update hits the nail on the head. The CVE/CVSS system is broken and misleading.
We are currently assessing the severity of vulnerabilities libraries, executables, applications, services, appliances and SaaS services as if they are all the same thing.
They are not.
We are currently assessing the severity of vulnerabilities libraries, executables, applications, services, appliances and SaaS services as if they are all the same thing.
They are not.