Dylan
@InsecureNature
Security researcher, public speaker and founder. Forbes 30 Under 30 Truffle Security @trufflesec https://t.co/vxEH7Cftbg Prev @Netflix
US
Joined July 2020
We’re excited to continue partnering with @trufflesec as we co-lead their $25M Series B. Protecting secrets is at the heart of information security. @trufflesec makes it easy: Their flagship product, TruffleHog, scans code repos, chat apps, files, and more for exposed secrets to
🚀BIG NEWS! Truffle Security raised a $25M Series B led by @intelcapital & @a16z to accelerate making secrets easier to manage 🐷 Starting today - TruffleHog GCP Analyze maps leaked GCP secrets, their permissions & reach to remediate with confidence 🔗 https://t.co/AXMIVpvKW3
Reminder: You can de-internet your 8sleep with an aquarium chiller @JakeKing @ellenhuet
https://t.co/Eh5xPlDImn
trufflesecurity.com
Eight Sleep smart bed found to contain an exposed AWS key and a likely backdoor that allowed engineers to remotely access users' beds
The AWS outage affected $2,000 smart sleep beds, with some Sleep8 customers left stuck in an inclined position or with overheating mattresses
We should hear the s1ngularity folks out... I kinda like their idea for us to scan our environments with TruffleHog.... They may be onto something. Be more like s1ngularity.
Hackers reportedly used something called "TruffleHog" during their attack. They also used "child_process", and something called HTTP, something called TLS, and something called TCP. Please be on the lookout for any of these hacking tools being used in your environment.
TruffleHog is simultaneously being recommended by @Mandiant for Salesloft cleanup, while also being pushed by @Cloudflare as an IoC.... 🤦🤦♂️🤦♀️ @grantbourzikas @jarbiebeep can y'all update the blog so people don't alert on the people doing remediation?
I have never filed for a CVE.. Yet, somehow, my name still landed in the CVE database
Congrats Jack! @CorridorSecure is worth a follow
AI revolutionized coding. Security hasn't kept up–until now. Introducing @CorridorSecure: the future of secure coding. We just raised a $5.4M seed from @Conviction and hired @alexstamos. Corridor is trusted by leading companies like @cursor_ai–and we’re just getting started. 🧵
Agents can now do things with sensitive systems, even though we know prompt injection and context hijacking with any of the data it ingests, is a thing. Cool cool cool cool....
🔍Accessing 15 million "Permanently deleted" commits at scale across GitHub. 🔗A guest post by Sharon Brizinov: https://t.co/cjD7XjmLtO
Google's least viewed YouTube video is about a cybersecurity feature.
This is WILD. When you opt out of ad tracking this website makes you check a box saying: "I acknowledge cookies need to be deleted from my browser to remove tracking." Ad tracker opt-out is a GDPR requirement. Forcing the user to delete their cookies is...
If only they had done it back and forth fast enough, they could have doubled the money.
The fall of the empire did NOT depend on the rebellion. Obi-Wan used Luke to turn Vader against the Emperor. The death star didn't need to explode. Luke didn't need to meet the rebellion.