hi3ronym0s
@hi3ronym0s.bsky.social
aspiring cybersecurity professional. unweaving the rainbow that is IT one bit at a time.
Reposted by hi3ronym0s
We are familiar with eMClient and axios, so let me introduce Trufflehog, the new kid on the block.
Trufflehog made headlines during the recent "Shai-Hulud" campaign, in which threat actors used it to search for passwords and sensitive information. [1] According to the Trufflehog GitHub page:
Trufflehog made headlines during the recent "Shai-Hulud" campaign, in which threat actors used it to search for passwords and sensitive information. [1] According to the Trufflehog GitHub page:
December 11, 2025 at 6:08 AM
We are familiar with eMClient and axios, so let me introduce Trufflehog, the new kid on the block.
Trufflehog made headlines during the recent "Shai-Hulud" campaign, in which threat actors used it to search for passwords and sensitive information. [1] According to the Trufflehog GitHub page:
Trufflehog made headlines during the recent "Shai-Hulud" campaign, in which threat actors used it to search for passwords and sensitive information. [1] According to the Trufflehog GitHub page:
Reposted by hi3ronym0s
Glad to see they have a firm understanding of how data breaches work.
The NHS Barts Health Hospital wants to legally ban the publication, use, or sharing of data stolen by the Clop gang by anyone.
www.bankinfosecurity.com/uk-hospital-...
www.bankinfosecurity.com/uk-hospital-...
UK Hospital Asks Court to Stymie Ransomware Data Leak
A National Health Service hospital is seeking assistance from the U.K. High Court to stymie a potential data leak tied to a ransomware hack. The hospital, NHS
www.bankinfosecurity.com
December 9, 2025 at 12:39 PM
Glad to see they have a firm understanding of how data breaches work.
Reposted by hi3ronym0s
wer das übrigens kaum glauben kann...(links unten).
December 4, 2025 at 9:47 AM
wer das übrigens kaum glauben kann...(links unten).
Reposted by hi3ronym0s
Dieser Text ist eine Pflichtlektüre für alle Parlamentarier:innen Europas. Um diesen geräuschlose Einnistung von Palantir-Software in den Verwaltungsinfrastrukturen zu verstehen, die gerade passiert... Und um diese zu stoppen.
monde-diplomatique.de/artikel/!611...
monde-diplomatique.de/artikel/!611...
United States of Palantir
In den USA vollzieht sich ein grundlegender Umbau des Staates. Die Hauptrolle spielen dabei Tech-Unternehmen wie Palantir und Anduril, an deren Software wichtige hoheitliche Aufgaben delegiert werden....
monde-diplomatique.de
November 28, 2025 at 9:21 AM
Dieser Text ist eine Pflichtlektüre für alle Parlamentarier:innen Europas. Um diesen geräuschlose Einnistung von Palantir-Software in den Verwaltungsinfrastrukturen zu verstehen, die gerade passiert... Und um diese zu stoppen.
monde-diplomatique.de/artikel/!611...
monde-diplomatique.de/artikel/!611...
Reposted by hi3ronym0s
#ChatControl is OFF the table for now. 💪
But Peter Hummelgaard wants to bring it back.
😡 He now even claims your activism was paid for by Big Tech! 😡
Fight for #encryption & #privacy 🔒️
Source: netzpolitik.org/2025/absurd-...
#No2Backdoors #CyberSecurityMonth #CyberSecurity #Security
But Peter Hummelgaard wants to bring it back.
😡 He now even claims your activism was paid for by Big Tech! 😡
Fight for #encryption & #privacy 🔒️
Source: netzpolitik.org/2025/absurd-...
#No2Backdoors #CyberSecurityMonth #CyberSecurity #Security
October 28, 2025 at 9:17 AM
#ChatControl is OFF the table for now. 💪
But Peter Hummelgaard wants to bring it back.
😡 He now even claims your activism was paid for by Big Tech! 😡
Fight for #encryption & #privacy 🔒️
Source: netzpolitik.org/2025/absurd-...
#No2Backdoors #CyberSecurityMonth #CyberSecurity #Security
But Peter Hummelgaard wants to bring it back.
😡 He now even claims your activism was paid for by Big Tech! 😡
Fight for #encryption & #privacy 🔒️
Source: netzpolitik.org/2025/absurd-...
#No2Backdoors #CyberSecurityMonth #CyberSecurity #Security
Reposted by hi3ronym0s
I told @joshua.stealingheather.com, developer of @iceblock.app, that he was running a vulnerable version of Apache on his server. He ignored my vulnerability report and blocked me, and his service is still vulnerable today micahflee.com/iceblock-han...
ICEBlock handled my vulnerability report in the worst possible way
Last week, I wrote about how Joshua Aaron's ICEBlock app, which allows people to anonymously report ICE sightings within a 5-mile radius, is – unfortunately, and despite apparent good intentions – act...
micahflee.com
September 8, 2025 at 11:20 AM
I told @joshua.stealingheather.com, developer of @iceblock.app, that he was running a vulnerable version of Apache on his server. He ignored my vulnerability report and blocked me, and his service is still vulnerable today micahflee.com/iceblock-han...
Reposted by hi3ronym0s
1/ In a recent incident response case, threat actors escalated from a compromised Ivanti appliance to full Domain Admin privileges in under eight minutes (..!).
July 11, 2025 at 7:22 AM
1/ In a recent incident response case, threat actors escalated from a compromised Ivanti appliance to full Domain Admin privileges in under eight minutes (..!).
Reposted by hi3ronym0s
Im neuen Sonderheft schlüpfen Sie probehalber in die Rolle eines Hackers, lernen die Werkzeuge und Arbeitsweise kennen und sammeln erste Erfahrungen. #Hacking
Sonderheft c’t Hacking: Selbst einsteigen, von Profis lernen
Im neuen Sonderheft schlüpfen Sie probehalber in die Rolle eines Hackers, lernen die Werkzeuge und Arbeitsweise kennen und sammeln erste Erfahrungen.
www.heise.de
May 1, 2025 at 11:03 AM
Im neuen Sonderheft schlüpfen Sie probehalber in die Rolle eines Hackers, lernen die Werkzeuge und Arbeitsweise kennen und sammeln erste Erfahrungen. #Hacking
Reposted by hi3ronym0s
Ha! Endlich wird mit dem Mythos "Schweizer Standort" aufgeräumt... Das Technikfachmagazin c't sieht diesen kritisch (es geht um Threema) und nennt es sogar indirekt als Malus. Wieso? Die Schweizer Überwachungsgesetze sind das Problem. Und werden es noch viel mehr mit der Revision VÜPF.
April 17, 2025 at 7:50 AM
Ha! Endlich wird mit dem Mythos "Schweizer Standort" aufgeräumt... Das Technikfachmagazin c't sieht diesen kritisch (es geht um Threema) und nennt es sogar indirekt als Malus. Wieso? Die Schweizer Überwachungsgesetze sind das Problem. Und werden es noch viel mehr mit der Revision VÜPF.
Reposted by hi3ronym0s
Reposted by hi3ronym0s
Troy Hunt Gets Phished
In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished. Worth reading.
In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished. Worth reading.
Troy Hunt Gets Phished
In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished. Worth reading.
www.schneier.com
April 4, 2025 at 11:02 AM
Troy Hunt Gets Phished
In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished. Worth reading.
In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished. Worth reading.
war ja nur ne legacy umgebung. warum stand die dann noch im netz? #fail
Oracle hat betroffene Kunden über einen Cyberangriff und den Diebstahl von "alten Anmeldedaten" informiert.
Jetzt also doch: Oracle bestätigt Datenabfluss
Der amerikanische Tech-Konzern hatte einen Cyberangriff zuvor vehement abgestritten. Jetzt gibt er zu, dass Daten aus einer "Legacy-Umgebung" gestohlen wurden.
www.inside-it.ch
April 3, 2025 at 8:44 AM
war ja nur ne legacy umgebung. warum stand die dann noch im netz? #fail