Balthasar

@[email protected]
123 Followers
198 Following
60 Posts
Infosec guy breaking into networks and making sure they get more secure (he/him)
Red team lead @ http://srlabs.de
BalthasarMar 17
linuziferMar 17

Fun stuff from my team mates Rene Rehme @renereh1, Nina Piontek and @kantorkel:

"Via a large enterprise's AI assistant, we obtained access to several million Entra identities and all chat logs including attachments — no prompt injection or model tricks required.”

https://srlabs.de/blog/hacking-ai-agent

https://infosec.exchange/@srlabs/116243968443532012

We don't need to hack your AI Agent to hack your AI Agent - SRLabs Research

We strolled through an enterprise AI assistant's backend, helped ourselves to full application takeover and access to every chat log, and had a Microsoft Entra ID dump for dessert — no prompt injection, no model tricks, no AI expertise required.

SRLabs
BalthasarMar 3
LisaMar 3
On April 16th, we have our first event for #CyberDefendHERs in Berlin, an initiative for underrepresented groups in #Cybersecurity. For this event, we offer a full day of exchange, inspiration and presentations on „resilience and response“. Feel free to get your tickets to the event and please please please spread the word: https://cyberdefendhers.com
(Allies to the cause are also welcome)
Cyberdefendhers - Resilience and Response

BalthasarFeb 1
Show threadbuheratorFeb 1
@XC3LL Thanks for posting this, great to see someone has the guts to say the emperor is naked!

My 2c:
- Red Teams should be about the "difficult" things you mention at the end IMO. Spending resources on initial access is mostly pointless (from the client's perspective, finding 0d is always cool ofc) when a new blinky box exploit, leaked code signing cert, etc. is popping up every other week. IME many clients pay for (bad) initial access simulations because organizing assumed breach in-house is hard.
- A way to burst the bubbles you describe is to mandate scenarios based on real-world threat intel. But this works against intial access again, because RT's can't scale their R&D as black hats do (attack surface is clients vs the Internet).
BalthasarFeb 1
Juanma FernandezJan 31

A small rant:

The State of Art in Red Team is whatever you want to believe

https://x-c3ll.github.io/posts/Rant-Red-Team/

The State of Art in Red Team is whatever you want to believe

a rant about Red Teaming.

Doomsday Vault
BalthasarDec 30
Markus ReuterDec 30

Der Kongress des CCC ist und bleibt die skurrilste, unterhaltsamste und selbstorganierteste Großkonferenz, die es gibt.

Sie ist als unkommerzielles, politisches und wirkmächtiges Ereignis ein Leuchtturm dafür, was möglich ist, wenn Menschen sich verbünden und solidarisch etwas schaffen.

Gerade in Zeiten der faschistischen Bedrohung sind solche Zusammenkünfte und Orte unglaublich wichtig, weil sie Mut machen und Kraft spenden.

Danke, #39c3

BalthasarDec 16
The Hacker‘s ChoiceDec 16

THC Release 💥: The world’s largest IP<>Domain database: https://ip.thc.org

All forward and reverse IPs, all CNAMES and all subdomains of every domain. For free.

Updated monthly.

Try: curl https://ip.thc.org/1.1.1.1

Raw data: https://ip.thc.org/docs/bulk-data-access

(The fine work of messede 👌)

What does everyone think? Need feedback before release tomorrow :)

BalthasarOct 2
LisaOct 2

Since there are some pretty cool people around here, let me reshare this job offer here: We just published the first job posting for the team, I'm allowed to build at Security Research Labs.
I can honestly say, it's been a month full of awesome people, interesting, impactful work and lots of fun and new learnings. If you wanna explore that together and develop something great, feel free to hit me up. Also, if you have any questions, let me know! If you know someone, that would be a great fit for the team, the company and the topic, feel free to send them over :)

https://srlabs.de/careers#open-positions

Security Research Labs

SRLabs is a cybersecurity consultancy committed to making the world more secure.

SRLabs
BalthasarSep 18, 2025
chompieSep 18, 2025
kernel hackers go serverless
ring0 → cloud 9 ☁️ ??
brb pwning yr gpu nodes ✨
BalthasarAug 7, 2025
tomaggioAug 6, 2025

Liebe Freund*innen,

ich habe gerade die Petition 'Kein Sonderregister für trans* Personen – Nie wieder Listen gegen Minderheiten!' auf WeAct unterschrieben und würde mich sehr freuen, wenn ihr auch mitmacht.

Je mehr Menschen die Petition unterstützen, desto größer ist die Wahrscheinlichkeit, dass sie Erfolg hat. Hier könnt ihr mehr erfahren und unterzeichnen:

https://weact.campact.de/petitions/kein-sonderregister-fur-trans-personen-nie-wieder-listen-gegen-minderheiten?bucket=20250806-wae-hv-kein-sonderregister-fur-trans-personen&share=0cbdd9b3-2ff7-40be-9a0a-a2d1d5e535fb&source=copy_email&utm_campaign=20250806-wae-hv-kein-sonderregister-fur-trans-personen&utm_medium=recommendation&utm_source=copy_email

Vielen Dank!

Kein Sonderregister für trans* Personen – Nie wieder Listen gegen Minderheiten!

Hallo, ich bin Penelope Alva Frank, Transfrau, queerfeministische Aktivistin und Gründerin der queerfeministischen Bewegung Queermany. Ich weiß, wie es ist, jeden Tag Blicke, Sprüche und Angriffe auszuhalten, nur weil ich trans bin. Ich erlebe Queerfeindlichkeit auf der Straße, online und sogar in meinem Aktivismus wie bei, Polizei Gewahrsam 2023 und ich will mir gar nicht vorstellen, was passiert, wenn falsche Polizisten oder Behördenmitarbeiter Zugriff auf mein früheres Geschlecht...

WeAct
BalthasarJun 29, 2025
hrbrmstr 🇺🇦 🇬🇱 🇨🇦Jun 28, 2025

O_O Synology's middleware service was inadvertently exposing a master credential during every setup process, and this credential belonged to Synology's global app registration, giving attackers broad read-only access to organizational data including Teams messages, group information, and Microsoft 365 content.

https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/

When Backups Open Backdoors: Accessing Sensitive Cloud Data via "Synology Active Backup for Microsoft 365"