seancassidy.me
Head of Security at Asana
60 posts 482 followers 183 following

“ThErE Is nO EvIdEnCe oF AnY ThReAt aCtOr aCtIvItY” said the clowns at @lastpass.bsky.social in their many, many updates trying to downplay the severity of this breach. If you’re using LastPass in 2025, you’re being grossly negligent.

This example of writing from DeepSeek's r1 model is incredible. It actually persuaded me that the chat interface is more than just a rough first draft of a UI. Also, "the demon stirs"? I could read this all day. substack.com/@jasmine/not...

TIL that C function definitions have an implicit semicolon after them, which enables you to put a function declaration in the for loop control block. lcamtuf.substack.com/p/getting-si...

Find yourself fixing the family printer today?🎄 We get hit with tech requests & our folks don’t realize they are most at risk bc they reuse their password everywhere! Thanks @techcrunch.com @zackwhittaker.bsky.social for chatting about how to help our fam at home 💻 techcrunch.com/2024/12/25/h...

Reporters, this is a story worth covering. It might not be as glamorous as high-profile hacks, and it might not attract as many clicks, but it’s important. The quiet adoption of HTTPS has improved online security for billions of people, and it deserves attention. medium.com/@boblord/the...

i saw a drone show last night and it was so good i never want to see fireworks ever again. 10/10 no notes

For anyone interested in detection and prevention methods against Salt Typhoon intrusions targeting communication providers, here is a comprehensive guide: media.defense.gov/2024/Dec/03/...

A few days ago I almost got bit by a .shop fake website impersonating a website I wanted to use. krebsonsecurity.com/2024/12/why-...

why do onions tell you to wash them before use. who is eating the onion skins

LLMs are going to take a lot of security industry jobs. We're already starting to see it, and in 2025, and especially 2026, it'll be all we're talking about.

If you're using Telegram? Don't. At the moment, Signal (signal.org) is the most secure fully mature messaging app that's out there. It's what CULT OF THE DEAD COW uses for our intra-herd conversations, as well as being pretty much the Gold Standard in the information security community right now.

CISO starter pack? Yes please. go.bsky.app/D3emUbj

i will never forget the time, i, a newly minted freshman in college, was in the supermarket and asked if a guy was on line (for checkout). and he said, "you mean, like, on the internet? oh here in rochester we actually say in line rather than on line."

What are your go-to recent research articles on how LLMs are _actually_ being leveraged by threat actors (or could be)? No hypemen and p-doomers please. Deep fakes and “phishing could get better” out of scope. I’m aware of the Google fuzzing stuff and the OpenAI attrib do a couple months ago.

me: my privacy is important! don’t share my personal information! also me: enters every free online giveaway i see

2024: Wiz acquires Dazz
2025: Bloop acquires Blop

we gotta cancel bash yossarian.net/til/post/som...

I heard someone describe themselves as an AI skeptic recently. What even is an AI Skeptic? Someone who hasn't used any LLMs?

i will never forgive slack for not making Ctrl-k hyperlinking and instead making it Ctrl-Shift-U

phishing training is not an effective security control www.computer.org/csdl/proceed...

bug bounty brag posts are just the hustle culture of infosec.

I love that infosec bluesky is growing so much. I miss the old infosec twitter.

💡 Tip: You can set your website as your username on Bluesky! This is one form of self-verification, and we especially encourage official organizations and brands to do this! Examples include @npr.org @react.dev @duolingobrasil.com.br. Here's our guide for how to do this:

holy shit it's finally happening aws.amazon.com/blogs/aws/ce...

starter pack for CISOs on Bluesky: go.bsky.app/D3emUbj

Today’s security soapbox item: The materiality of a security incident is a legal determination. CISOs you should not be making this call. You do not want to make this call. Loop in your lawyer. Also make sure your company (if public) has a process for determining materiality and reporting.

it feels like more people have joined bluesky this past week than in the past six months

i can’t believe that the Addams Family first showed up as a New Yorker cartoon

neat

aim had a buffer overflow in it as part of its protocol! wild stuff www.nplusonemag.com/issue-19/ess...

this has such big "Blaze your glory" energy

has anyone checked in on michael lewis

i have never been more often sick than in 2023. it has not stopped since late january