Profile avatar
robertauger.bsky.social
25 years Appsec,PurpleTeam,Web Application Security Consortium(WASC) cofounder,Baythreat Organizer,Ex-PayPal/eBay/Box/Workday/Coinbase infosec. http://Sectemplates.com | https://www.cgisecurity.com/ | https://github.com/securitytemplates/sectemplates
43 posts 143 followers 301 following
Prolific Poster
Conversation Starter
Posts 35 Comments 15

I have a bunch of solid security domain names I'm thinking of finally selling. What would be the best way to sell them to security vendors?

submitted 8 hours ago • 0 comments

Random rant: If security teams understood how to represent their work as dollar savings, how much more funding and support they'd receive?

submitted 1 day ago • 0 comments

Announcement - Incident Response Program Pack v1.5 This release is to provide you with everything you need to establish a functioning security incident response program at your company. Announcement: www.sectemplates.com/2025/02/anno... GitHub: github.com/securitytemp...

submitted 11 days ago • 0 comments

I need to spend more time here, Twitter is just political yelling and screaming

submitted 20 days ago • 0 comments

Stealing Accesses tokens from Cloud Functions in GCP

submitted 21 days ago • 0 comments

I imagine people using botnets to train AI models in the near future.

submitted 31 days ago • 0 comments

Chinese AI models will be cheaper at the cost of censoring certain topics and people will eat it up... Ask it about Tank man or Xi and you'll see some obvious examples. www.wsj.com/tech/ai/chin...

submitted 33 days ago • 0 comments

Feels like the future for automating exploitation is training llms and using agents to perform these attacks. Agree? Disagree?

submitted 35 days ago • 0 comments

submitted 41 days ago • 0 comments

BREAKING: Chinese hackers accessed Yellen's computer in US Treasury breach, per Bloomberg.

submitted 43 days ago • 8 comments

Hacking campaign compromised at least 16 Chrome browser extensions

submitted 59 days ago • 0 comments

I'm pleased to announce the latest SecTemplates.com release, External Penetration Testing Program Pack v1.1. Announcement: www.sectemplates.com/2024/12/anno... GitHub: github.com/securitytemp...

submitted 63 days ago • 0 comments

This is a good idea, however I doubt that this code on average is getting proper security testing/updates. As a result there may be a surge in agencies adopting vulnerable code and increasing their attack surface fedscoop.com/agencies-mus...

submitted 63 days ago • 0 comments

An attacker successfully phished a Cyberhaven employee. They gained access to their Chrome Web Store admin credentials and published a malicious version of the Cyberhaven extension. Read my full writeup here: www.vulnu.com/p/breaking-c... Thanks @jaimeblascob.bsky.social and @johntuckner.me

submitted 64 days ago • 0 comments

You know what one of the best uses for #AI is going to be that nobody is talking about? When you're arguing with an internet stranger about a point and you need to find facts to 'teach them', you can ask the AI to summarize the best sources and paste it back. Soon arguing will be automated. ;)

submitted 74 days ago • 0 comments

These Jersey drones are worrying. Feeling more and more like they are searching for something that has the possibility of a very negative outcome. #drones

submitted 76 days ago • 0 comments

Is there a known pattern for training LLMs with tenant specific data, that allows for solid separation to avoid cross tenant exposure?

submitted 78 days ago • 0 comments

submitted 81 days ago • 1 comment

The only good Christmas song youtu.be/OR07r0ZMFb8?...

submitted 81 days ago • 0 comments

We've witnessed a significant lack of OSINT nerds discussing the Brian Thompson assassination. This could be your moment to ChatGPT your way to over 10,000 likes by armchair experting gun ballistics, criminal psychology, and healthcare policy

submitted 83 days ago • 5 comments

A lot of people in tech need to listen to this, especially the parts where he calls out common flaws of intelligent people. www.youtube.com/watch?v=C3fy...

submitted 84 days ago • 0 comments

China putting a lot of pressure on US companies lately via hacking. A trend that will continue to increase and get brazen I suspect www.bleepingcomputer.com/news/securit...

submitted 85 days ago • 0 comments

🚨 Breaking: White House official Anne Neuberger reveals Salt Typhoon hacking campaign has compromised at least 8 US telecom providers - far more extensive than initially reported. Campaign impacts dozens of nations.

submitted 85 days ago • 1 comment

🚨 A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular #Solana web3.js library. The injected code captures private keys and transmits them to a hardcoded address. This is a developing story. socket.dev/blog/supply-... #crypto #cybersecurity

submitted 87 days ago • 1 comment

Solana Web3.js Library Compromised in Targeted Supply Chain Attack securityonline.info/solana-web3-...

submitted 87 days ago • 0 comments

PoC Exploit Released for Windows Task Scheduler Zero-day Flaw, Exploited in Wild

submitted 88 days ago • 0 comments

Russian State-sponsored cybercriminals exploited 0-Day vulnerabilities in Firefox and Windows

submitted 88 days ago • 0 comments

For you late night hackers into techno open.spotify.com/track/3O6TR4...

submitted 90 days ago • 0 comments

I've never been an audiophile, but after getting a pair of quality music production headphones, the amount of new stuff you can hear in music you've heard thousands of times before is nuts. The hype is apparently real.

submitted 91 days ago • 0 comments

Ruh roh github.com/peass-ng/PEA... "curl -s "http[s]://log.linpeas.sh/?uuid=$(cat /proc/sys/kernel/random/uuid)&id=$(cat /var/lib/dbus/machine-id)&root=$IAMROOT&hostname=$(hostname)&user=$(whoami)&uname=$(uname -a | base64 -w 0)&cwd=$(pwd | base64 -w 0)" > /dev/null 2>/dev/null"

submitted 93 days ago • 3 comments

Anyone in the security community managed to get copies of the HarmonyOS base images (not the sdks)? #HarmonyOS

submitted 94 days ago • 0 comments

I was fortune enough to have attended the sol conference this past weekend.It really sets the bar for an academic conference focusing on UAPs.No silly people no silly talks/theories, just respected scientists (from harvard, stanford, etc...) discussing their methodology and research initiatives #uap

submitted 94 days ago • 0 comments

lol China's state media is sad about Bluesky because it's not an easy propaganda distribution channel like X (and Facebook) www.semafor.com/article/11/2...

submitted 95 days ago • 278 comments

Kim Dotcom has suffered a serious stroke. apnews.com/article/kim-...

submitted 94 days ago • 0 comments

Zero-days in the wild: RomCom is back with 0days in Firefox & Windows. - Firefox Zero-Day (CVE-2024-9680): Patched Oct. 9. - Windows Task Scheduler Privilege Escalation (CVE-2024-49039): Patched Nov. 12.

submitted 94 days ago • 1 comment