pentest-automation-framework

pentest-automation-framework Built this to speed up structure...

authorized-pentest

authorized-pentest A runbook-style Claude Code skill for runn...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking at Ontario Tech University in Oshawa, Ontario, Canada, at 2 PM ET on Thursday, February 26, 2026. I’m speaking at the Personal AI Summit in Los Angeles, California, USA, on Thursday, March 5, 2026. I’m speaking at Tech...

IR Trends Q3 2025: ToolShell attacks dominate, highlighting criticality of segmentation and rapid response

Threat actors predominately exploited public-facing applications for initial access this quarter, with this tactic appearing in over 60 percent of Cisco Talos Incident Response Talos IR engagements - a notable increase from less than 10 percent last quarter. This spike is largely attributable to ...

EUVD-2017-10670

Malware in sbrugna...

From Firewalls to Frontiers: AI Red-Teaming Is a Domain-Specific Evolution of Cyber Red-Teaming

A red team simulates adversary attacks to help defenders find effective strategies to defend their systems in a real-world operational setting. As more enterprise systems adopt AI, red-teaming will need to evolve to address the unique vulnerabilities and risks posed by AI systems. We take the...

Send to Which Account? Evaluation of an LLM-Based Scambaiting System

Scammers are increasingly harnessing generative AIGenAI technologies to produce convincing phishing content at scale, amplifying financial fraud and undermining public trust. While conventional defenses, such as detection algorithms, user training, and reactive takedown efforts remain important,...

CVE-2024-9649

The WP ULike – The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7.4. This is due to missing or incorrect nonce validation on the wpulikedeletehistoryapi function. This makes it possible for...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the Rossfest Symposium in Cambridge, UK, on March 25, 2025. I'm speaking at the University of Toronto's Rotman School of Management in Toronto, Canada, on April 3, 2025. The list is maintained on this page...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at SOSS Fusion 2024 in Atlanta, Georgia, USA. The event will be held on October 22 and 23, 2024, and my talk is at 9:15 AM ET on October 22, 2024. The list is maintained on this page...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at eCrime 2024 in Boston, Massachusetts, USA. The event runs from September 24 through 26, 2024, and my keynote is at 8:45 AM ET on the 24th. I’m briefly speaking at the EPIC Champion of Freedom Awards in Washington, D...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: Im speaking--along with John Bruce, the CEO and Co-founder of Inrupt--at the 18th Annual CDOIQ Symposium in Cambridge, Massachusetts, USA. The symposium runs from July 16 through 18, 2024, and my session is on Tuesday, July 16 at...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: Im giving a webinar via Zoom on Wednesday, May 22, at 11:00 AM ET. The topic is "Should the USG Establish a Publicly Funded AI Option?" The list is maintained on this page...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: Im speaking at the AI Summit New York on December 6, 2023. The list is maintained on this page...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking on “How to Reclaim Power in the Digital World” at EPFL in Lausanne, Switzerland, on Thursday, March 16, 2023, at 5:30 PM CET. I’ll be discussing my new book A Hacker’s Mind: How the Powerful Bend Society’s Rules at...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at Mobile World Congress 2023 in Barcelona, Spain, on March 1, 2023 at 1:00 PM CET. I’m speaking on “How to Reclaim Power in the Digital World” at EPFL in Lausanne, Switzerland, on Thursday, March 16, 2023, at 5:30 PM...

Threat Landscape Topic Summary Report: Cisco Talos Year in Review 2022

While our ongoing support to Ukraine and response to the Log4j vulnerabilities were two of our most comprehensive and impactful efforts in 2022, we also dealt with a multitude of other threats as the security community faced an expanding set of adversaries and malware. In January, we identified...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: Im speaking at Capricon, a four-day science fiction convention in Chicago. My talk is on "The Coming AI Hackers" and will be held Friday, February 3 at 1:00 PM. The list is maintained on this page...

Why is Robust API Security Crucial in eCommerce?

API attacks are on the rise. One of their major targets is eCommerce firms like yours. APIs are a vital part of how eCommerce businesses are accelerating their growth in the digital world. ECommerce platforms use APIs at all customer touchpoints, from displaying products to handling shipping. Owi...

December 6, 2022, update for Project 2016 (KB5002193)

December 6, 2022, update for Project 2016 KB5002193 This article describes update 5002193 for Microsoft Project 2016 that was released on December 6, 2022.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't app...