Amitai Cohen

✦ researching threats @wiz 🐞 maintaining vulns @cloudvulndb 🎙️ casting pods @ http://cryingoutcloud.io/
Website: https://cloudcurio.us
Blog: https://amitaico.substack.com
GitHub: https://github.com/korniko98
Twitter: https://twitter.com/AmitaiCo
The plot in this tj-actions supply-chain attack thickens. Another widely used GitHub Action, reviewdog/action-setup, was also tampered with, using similar but not identical methodology. From @wiz

“Learning creates more competence but first, it amplifies our feelings of incompetence.”

https://seths.blog/2024/07/the-paradox-of-lessons/

The paradox of lessons

The people most likely to sign up for coaching or additional learning are the folks who are already good at their craft. “I’m terrible at this,” can lead to, “and I don…

Seth's Blog

🎧 Listen to #IBM's 'Chief Llama Officer' 🦙, @jerry about his journey from crashing computers at 10 to leading cloud security, and hear his journey & insights on #AI, acquisitions, and more.

Tune in to our new episode:

🎧 Spotify: https://open.spotify.com/episode/2DwPFc7pfb5cOWpnffmDu7?si=n-kVjFtkQdGlx2I3osKGdQ

🍏 Apple Podcasts: https://podcasts.apple.com/il/podcast/crying-out-cloud/id1675289400?i=1000658039999

📺 YouTube: https://www.youtube.com/watch?v=Zvi71YLSnfc

CROC Talks: Chief Llama Officer and IBM CISO - Jerry Bell

Spotify
I've been looking into how the xz backdoor works and drew this sketch to make it easier to understand.
I'll update it as new information comes to light ✨

Final projects for my infosec course at BU are in - students are asked to create a podcast about a security incident that was in the news in the past year. These are too good not to share, so posting a few here! 🧡

PS - If you're looking for new grads for your infosec roles, DM me. I have tens of qualified candidates :)

Them: Please review this documentation.
Me: Question?
Them: Answer. <No change to the documentation>
Me: Please put that in the documentation.
@GossiTheDog hi Kevin, what's the best way to reach you? any chance you could DM me?
Enterprise class starships allow physically proximate subspace rifts to cause a denial of service if broadcasting a resonant-frequency audio signal. This can be mitigated by an uplifting musical ensemble performance which collapses the quantum probability field.

Senator Wyden seems to be the only member of Congress really paying attention to one of the most important enterprise cloud hacks in history.

https://www.wyden.senate.gov/imo/media/doc/wyden_letter_to_cisa_doj_ftc_re_2023_microsoft_breach.pdf

@GossiTheDog might interest you