Katy Anton 

786 Followers
1.3K Following
107 Posts
I talk about security / OWASP Bristol Chapter Leader / @owaspControls
Personal thoughts on #AppSec, #SoftwareSecurity, #CloudSecurity
https://www.owasp.org/www-chapter-bristol-uk
Twitter at: @katyanton
Views my own, not Granny's
OWASP Bristol: https://owasp.org/www-chapter-bristol-uk/
Great to see #OWASP Booth 2416D at #BlackHat - and catch up with both current and previous Board members @bilcorry @infosecvandana @vanderaj.
Registered for BHat 😀 - ready for it
Hacker claims to be selling Twitter data of 400 million users

A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using a now-fixed API vulnerability. They're asking $200,000 for an exclusive sale.

BleepingComputer
Interesting - the Twitter account encouraging people to join rival social network Mastodon has been suspended, the latest in a string of accounts suspended this week.
https://www.cnet.com/news/social-media/twitter-suspends-account-encouraging-others-to-join-mastodon/
Twitter Suspends Account Encouraging Others to Join Mastodon

Links to Mastodon were also being blocked on the platform.

CNET
Interesting article on the use of ChatGPT for bug bounty and pentesting
https://anugrahsr.in/chatgpt-for-hacking/
Unleashing the Power of ChatGPT for Bug Bounty and Penetration Testing

Bug bounty and pentesting are crucial components of the cyber security landscape. These activities involve identifying and exploiting vulnerabilities in networks and systems in order to help improve their security. In recent years, a new tool has emerged that has the potential to greatly enhance the capabilities of bug bounty

Anugrah SR | #HackLearnDaily
Tenable: 72% of organizations remain vulnerable to Log4Shell

New research shows the attack surface remains wide for the Log4j vulnerability, known as Log4Shell, which caused significant problems for organizations over the past year.

TechTarget

Not great 👇
Anker has a way to bypass encryption and access these "secure" cameras through the cloud.

https://www.theverge.com/2022/11/30/23486753/anker-eufy-security-camera-cloud-private-encryption-authentication-storage

Anker’s Eufy lied to us about the security of its security cameras

Anker promised its Eufy home security cameras would offer incredible privacy including end-to-end encryption, but security researchers have discovered those promises have huge holes.

The Verge
Great article from @gaz on Hijacking service workers via DOM Clobbering
https://portswigger.net/research/hijacking-service-workers-via-dom-clobbering
Hijacking service workers via DOM Clobbering

In this post, we'll briefly review how service worker hijacking works, then introduce a variant that can be triggered via DOM clobbering thanks to a quirk in document.getElementById(). Understanding s

PortSwigger Research
What Musk thinks of vot 🤦