dalmoz
@dalmoz_
Product Security @island_io. Tinkerer, Hacker, Public Speaker; @ShabbatCon Co-Founder. Alignment: Lawful-Gray. Ex: Apiiro, Akamai, Verint. Opinions are my own.
38.6537378, -80.3789785
Joined July 2012
Weekend tinkering → unexpected habit → unexpected results. Just wrapped this quarter ranked in the Top 10 Israeli hackers on @Hacker0x01 👀 Didn’t plan it, but I’ll take it 😎🧑‍💻
Somewhat depressing news tbh, making you think of the tech developments and their nonlinearity as well as market demand driving it rather than vision https://t.co/VXzloC0lmh
indiandefencereview.com
A 25-year-old computer just ran a modern AI model, proving that cutting-edge tech doesn't always need cutting-edge hardware. With just a Pentium II and 128 MB of RAM, EXO Labs pulls off a remarkable...
One less tracking instrumentation.. TIL - unload event is being (slowly) deprecated https://t.co/R6VcgMGQ4B
developer.chrome.com
The unload event will be gradually deprecated starting from Chrome 117. Learn what this means and how sites and enterprises can prepare for this
📝 Protip: vuln research isn’t just about breaking stuff, it’s about figuring out what the dev thought they built. the real bugs are usually in their mental model, not the code. many criticals are in fact spec bugs wearing implementation as a disguise
That's great, but I'd personally prefer Burp will update their tech stack, every time I see that Swing UI I get the shivers
Burp AI is here ✨ We believe AI has the power to transform pentesting - not by replacing human testers, but by augmenting them. Burp AI, a set of powerful features designed to enhance your workflow, reduce noise, and give you deeper insight into vulnerabilities is now
TL;DR: Work with R&D, not against them. Make security a habit, not an afterthought. Build transparency, kill the blame game. Security scales best when it’s part of the flow. 🚀
👥 Openness Beats Blame: Blame kills security culture. Transparency wins. Set up a Slack/Discord channel where anyone can drop security concerns—no shame, no BS, just good discussions. Smart engineers will hand you gold.
🛡️ Security as a Habit: The goal? Make security second nature. The less friction, the better. ⚡ Try this: Drop one security tip in each stand-up. Micro-trainings > big, boring sessions. Repetition builds muscle memory.
🤝 Partnering, Not Policing: Security shouldn't be a roadblock; it should be a cheat code. Working with R&D—not just dropping security requirements—makes security flow naturally into the product.
Some quick reflections on our Product Security journey at @island_io —the last quarter flew by, but security stayed front and center. A few key takeaways (and some do-it-yourself tips): 🧵👇
Congratulations to the legendary Adi Shamir on his Levchin Prize win! Dr. Shamir donated the $10K prize money to student sponsorships.
POV: Democracy by the greatest democracy in the world: Total of 19 honorees - 12 democrat, 6 apolitical, 1 republican #medaloffreedom #Biden #Democracy #America #USA
https://t.co/Cf5HiTXyh3
Research: Global, Passive Detection of Connection Tampering | Proceedings of the ACM SIGCOMM 2023 Conference Can you guess which country is leading the charts? Research paper -
dl.acm.org
The FBI apprehended the cyber criminal that took over the @SECGov Twitter account and manipulated markets with their post. Here’s my thread about the attack at the time where we discuss SIM swap risk, how phone numbers are required for verified accounts which increases risk, etc
@SECGov A vulnerability on Twitter is that many high profile accounts must add a phone number to become “verified” (even if they choose to hide their checkmark). Then, if you don’t go and remove your phone number after the verification process, you’re at risk for SIM swap account