Johannes Ullrich
@johullrich
Followers
14K
Following
3K
Media
367
Statuses
9K
Joined December 2008
The challenge is live—are you ready to uncover the truth? 🔍 Play now: https://t.co/sF4KRaVIql
#HolidayHackChallenge #Cybersecurity #LearnByDoingDoing
1
1
5
❄️ It’s the most wonderful time of the year — #HolidayHack Challenge 2025 is LIVE. Join Santa @KringleCon and thousands of players worldwide in the year’s most festive CTF adventure. It's free, fun, and pure cyber joy!
0
3
7
SANS Stormcast Wednesday, November 5th, 2025: Apple Patches; Exploits against Trucking and Logistic; Google Android Patches https://t.co/7KFHD0bXsd
0
1
7
SANS Stormcast Friday, October 31st, 2025: Bug Bounty Headers; Exchange hardening; MOVEIt vulnerability https://t.co/S1VSWuUv9B
0
3
4
I had a great time on Saturday at @BSidesAugusta. Well-run event! Great to run into many familiar faces and even more new ones. Even better to see a lot of people new to the industry attending their first @Bsides.
0
0
3
Fantastic to be back at @BSidesAugusta and learn about Developers from the very entertaining @johullrich
1
2
5
🚨 Even trusted tools can be a threat. Malicious extensions are spreading through VS Code & OpenVSX. SANS’s Dr. @johullrich warns there’s “no good way to verify an app hasn’t been compromised.” Keep extensions minimal & stay vigilant. Read the full story here 👉
csoonline.com
Report from Wiz also says developers are uploading extensions that include access tokens and other secrets.
0
1
7
My cat just wiped my to-do list for today. So I guess I will attend to her for the rest of the day.
0
0
7
SANS Stormcast Tuesday, October 14th, 2025: ESAFENET Scans; Payroll Priates; MSFT Edge IE Mode https://t.co/bnjKoJqc0P
0
2
4
SANS Stormcast Wednesday, October 8th, 2025: FreePBX Exploits; Disrupting Teams Threats; Kibana and QT SVG Patches https://t.co/BrxqJBhz2z
0
3
10
Quick and Dirty Analysis of Possible Oracle E-Business Suite Exploit Script (CVE-2025-61882) https://t.co/cbbkz89SKF
0
4
11
2 more days to get the early-bird discount for one of my all-time favorite conferences, #SANS #DFIRCON in Miami in Nov. There are a bunch of hands-on workshops on Sun, 16 Nov, lots of evening events during the week #FOR577 my last in 2025. @sansforensics
https://t.co/Ltuk7DBjYA
0
2
6
I wrote up a quick blogpost why this SIM farm story is bogus and why you journalists should feel embarrassed for not questioning such obvious propaganda. https://t.co/juWXx9HUqm
The Secret Service dismantled a network of more than 300 SIM servers and 100,000 SIM cards in the New York-area that were capable of crippling telecom systems and carrying out anonymous telephonic attacks, disrupting the threat before world leaders arrived for the UN General
32
163
863
Passwords aren’t enough. 🔒 In this month’s OUCH! Newsletter, @johullrich explains why Passkeys are: ✅ Safer ✅ Simpler ✅ Unique 👉 Learn how they work → https://t.co/RYwTWQcuIT
0
1
3