Alessandro Brucato
@_brucedh
Followers
296
Following
462
Media
14
Statuses
971
Security lies in the details
Milan, Italy
Joined August 2011
I made this MCP server for incident response in AWS, integrating several services. If you want to give it a try, I’d love to hear your feedback!.
AWS‑IReveal‑MCP is a Model Context Protocol (MCP) server designed to give security teams and incident responders a unified interface to AWS services useful for investigation. #Dockerfile .
0
0
1
Thanks @AnthropicAI for the nice challenge! I learned a lot about jailbreaking to reach level 4 .#claude
Results of our jailbreaking challenge:. After 5 days, >300,000 messages, and est. 3,700 collective hours our system got broken. In the end 4 users passed all levels, 1 found a universal jailbreak. We’re paying $55k in total to the winners. Thanks to everyone who participated!.
0
0
0
RT @jsrailton: BREAKING: #Paragon reportedly terminates spyware contract with #Italy. Right on heels of reported targeting of journalist &….
0
205
0
It was a pleasure to contribute to such a great tool!.
Stratus Red Team now supports an Amazon Bedrock attack technique to simulate LLMjacking, thanks to a contribution from @_brucedh!.
0
0
0
Our talk 'The Dark Economy of Stolen Cloud Accounts in Phishing Attacks' at @fwdcloudsec is out!.
0
0
1
RT @wikileaks: BREAKING: Julian Assange US extradition appeal will be heard at the UK High court on 9-10 July . Detained for over 13 years….
0
229
0
RT @TheHackersNews: 🚨 Researchers have uncovered a new attack called "LLMjacking" that targets large language models (LLMs) hosted on cloud….
0
83
0
New article about attackers targeting LLMs in Cloud!.
🚨 Exploring the new threat landscape - LLMjacking - at #RSACon2024. 🌩️ Sysdig TRT reveals a chilling attack trend targeting cloud-hosted LLM-based #AI systems. Learn more: #RSA.
0
0
5
RT @SANSCloudSec: ☁ In Part Two of SANS Certified Instructor, Ryan Nicholson’s Cloud Attack blog series, he reveals just a few of the new #….
0
3
0
RT @vxunderground: Reminder that Threat Actors (probably) haven't paid for a Red Teaming course or any sort of formal education.
0
106
0
RT @sysdig: Chat with these rockstar #CloudSecurity threat researchers at #BHUSA! 🎩 Bring your burning cloud attack questions to Booth 1350….
0
1
0
RT @chrisdoman: Good article from @TheHackersNews covering research by @_mattmuir at @CadoSecurity and @_brucedh at @sysdig "SCARLETEEL Cr….
0
1
0
RT @AndrewYNg: 1/The call for a 6 month moratorium on making AI progress beyond GPT-4 is a terrible idea. I'm seeing many new applications….
0
2K
0
RT @jason_koebler: Over the weekend, a verified account posing as FTX founder SBF posted dozens of copies of this deepfake video offering F….
0
1K
0
RT @pwntester: Advisory for CVE-2022-42889 #Act4Shell (RCE via Apache Commons Text interpolation). Regardless of the similarities with #log….
0
24
0