I liked ranting so much, I made it my job.
Pentester. I mostly break Web stuff but sometimes hardware too. OSINT from time to time.
Terrible music connoisseur.
@faker_ on Twitter.
#infosec #pentester #OSINT
| Blog | https://infosec.rm-it.de/ |
| Location | Munich, Germany |
RE: https://social.heise.de/@heisec/116278847114165195
German police was physically sent out to warn businesses about a vulnerability in Windchill and ZeroPLM in the middle of the night.
Apparently they just showed up and wanted to warn them, and if nobody was there they tried calling.
Imagine being an admin and getting a call by the BKA at 4am just to tell you some internal system needs patching.
wtf indeed
Phenomenal reporting from ProPublica. Big takeaways:
https://www.propublica.org/article/microsoft-cloud-fedramp-cybersecurity-government
A federal program created to protect the government against cyber threats authorized a sprawling Microsoft cloud product, despite the company’s inability to fully explain how it protects sensitive data.
From the company that sells you DDoS protection but also is somehow the preferred hoster of DDoS crews: They now sell you bot / AI crawling protection, and have released a feature to quickly crawl an entire website!
Great stuff, Cloudflare.
https://developers.cloudflare.com/changelog/post/2026-03-10-br-crawl-endpoint/
A sales person contacted me and asked if I'd be interested in their AI pentests with super low daily rates.
Should I reply and ask if he is interested in replacing Sales in their company with AI?
How tone deaf can you be to approach a pentester and ask "can I replace you with our AI?"
🤦Oh, it’s the Snowden revelations all over again.
They are claiming that AI-powered mass surveillance is a good thing but mass **domestic** surveillance isn’t
watchTowr
Taggart
Frédéric Jacobs