Outpost246d ago

Application Security that adapts to your priorities: Outpost24 CyberFlex.

CyberFlex is a flexible, credit-based program combining continuous asset discovery, expert guidance, and penetration testing, so you can ensure complete coverage and test what you need, when you need it.

๐Ÿ›ก๏ธ See it in action. Book your demo now: https://outpost24.com/products/cyberflex/

#PTaaS #ASM #ApplicationSecurity #CyberFlex #AttackSurface

ZevonixJun 17
Old accounts are just backdoors with nostalgia. https://zurl.co/fsyxr #AttackSurface #BusinessContinuity
Analyst207Jun 17

Validation Turns Security Visibility into Action

Despite pouring resources into security tools for better visibility, many teams still struggle to turn insights into action, leaving them overwhelmed by endless findings with unclear priorities. It's time to bridge the gap between detection and response to truly fortify digital defenses.

https://osintsights.com/validation-turns-security-visibility-into-action?utm_source=mastodon&utm_medium=social

#SecurityVisibility #VulnerabilityManagement #ThreatIntelligence #AttackSurface #CybersecurityOutcomes

Validation Turns Security Visibility into Action

Transform security visibility into action with validation, prioritizing threats effectively and strengthening your defense - learn how to take control now.

OSINTSights
OffSequenceJun 4
Annual pentests arenโ€™t enough: a bankโ€™s vendor mortgage portal left staff data exposed via unauthenticated API for 345 days. No CVE, but impact is HIGH. Continuous testing and asset monitoring are essential. https://radar.offseq.com/threat/what-345-days-of-untested-exposure-looks-like-at-a-b465a773 #OffSeq #InfoSec #Banking #AttackSurface
halil denizMay 29

Shodan Dork Cheat Sheet

In this cheat sheet, I cover useful Shodan search queries, filtering techniques, and practical reconnaissance workflows for cybersecurity assessments
https://denizhalil.com/2023/12/19/shodan-dork-cheat-sheet/

#CyberSecurity #Shodan #OSINT #Reconnaissance #AttackSurface #ThreatIntelligence #Pentesting #RedTeam #InfoSec #EthicalHacking #SecurityResearch #DenizHalil

Analyst207May 21

Identity Exposures Form Highways for Cyber Attacks

A single compromised identity can become a superhighway for cyber attacks, giving hackers access to nearly every critical workload a business relies on - as seen in a recent incident where a cached AWS access key on one Windows machine put 98% of the company's cloud environment at risk. Identity has become the ultimate attack path, carryingโ€ฆ

https://osintsights.com/identity-exposures-form-highways-for-cyber-attacks?utm_source=mastodon&utm_medium=social

#CloudSecurity #IdentityManagement #CredentialExposure #Aws #AttackSurface

Identity Exposures Form Highways for Cyber Attacks

Learn how identity exposures create highways for cyber attacks and take action to protect your business by securing permissions and credentials now effectively.

OSINTSights
Show threadVMMay 14

A #yama #sysctl to restrict /disable the #splice #syscall and reduce the #attacksurface of the #Linux #kernel

https://forums.gentoo.org/viewtopic.php?t=1177670

#infosec

A sysctl to disable splice vmsplice and tee syscalls - Gentoo Forums

halil denizMay 2

Advanced Subdomain Discovery with Amass and Cheat Sheet

In this cheat sheet, I cover essential Amass commands, enumeration techniques, and practical workflows for effective recon.
https://denizhalil.com/2026/05/02/owasp-amass-subdomain-enumeration-cheat-sheet/

#CyberSecurity #OWASP #Amass #SubdomainEnumeration #Recon #OSINT #AttackSurface #BugBounty

BSidesLuxembourgApr 17

๐Ÿ” Inside the Tech: New Talk Added to BSides Luxembourg

๐ŸŒ๐Ÿ“ก ๐—ง๐—›๐—˜ ๐—™๐—ข๐—ฅ๐—š๐—ข๐—ง๐—ง๐—˜๐—ก ๐—™๐—œ๐—ก๐—š๐—˜๐—ฅ๐—ฃ๐—ฅ๐—œ๐—ก๐—ง: ๐——๐—ก๐—ฆ ๐—•๐—”๐—ฆ๐—˜๐—— ๐—ข๐—ฆ๐—œ๐—ก๐—ง ๐—ง๐—˜๐—–๐—›๐—ก๐—œ๐—ค๐—จ๐—˜๐—ฆ ๐—™๐—ข๐—ฅ ๐—ฃ๐—ฅ๐—ข๐——๐—จ๐—–๐—ง & ๐—ฆ๐—˜๐—ฅ๐—ฉ๐—œ๐—–๐—˜ ๐——๐—œ๐—ฆ๐—–๐—ข๐—ฉ๐—˜๐—ฅ๐—ฌ โ€“ Rishi ( @rxerium )

โšก Reveal hidden infrastructure in a Talk (40 min) using DNS TXT records to map technologies, dependencies, and external services at scale.

DNS is often treated as infrastructure plumbing, but TXT records quietly expose far more than most defenders realize. This session introduces a DNS-based OSINT methodology that leverages large-scale TXT record analysis to uncover embedded service dependencies such as cloud platforms, SaaS integrations, and identity providers.

By programmatically scanning DNS zones and integrating the technique into tools like Nuclei and OWASP Amass, this approach enables security teams to build detailed maps of organizational technology stacks and attack surfaces. A real-world case study from the Salesloft breach demonstrates how these signals translate into actionable intelligence for both offensive and defensive use cases.

Rishi ( @rxerium ) is a London-based security researcher focused on vulnerability research, threat intelligence, and OSINT-driven attack surface discovery. He contributes to open-source security tooling, supports the UK OSINT community, and focuses on building scalable reconnaissance and detection methodologies.

๐Ÿ“… Conference Dates: 6โ€“8 May 2026 | 09:00โ€“18:00
๐Ÿ“ 14, Porte de France, Esch-sur-Alzette, Luxembourg
๐ŸŽŸ๏ธ Tickets: https://2026.bsides.lu/tickets/

๐Ÿ“… Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

๐Ÿ“ฒ View full schedule & build your agenda: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #OSINT #DNS #AttackSurface #ThreatIntelligence #CyberSecurity

halil denizApr 7

Subdomain Takeover Vulnerabilities and Prevention

In this article, I cover:
* How subdomain takeover vulnerabilities occur
* Real-world exploitation scenarios
Reconnaissance and detection techniques
* Practical prevention and DNS hygiene strategies

https://denizhalil.com/2026/02/16/subdomain-takeover-vulnerabilities-prevention/

#CyberSecurity #SubdomainTakeover #DNS #AttackSurface #BugBounty #RedTeam #BlueTeam #InfoSec #CloudSecurity #WebSecurity #EthicalHacking