Matt Johansen
@mattjay
Followers
44K
Following
77K
Media
5K
Statuses
46K
Helping Secure the Internet | Long Island elder emo surviving in ATX | Expect: infosec current events, DFIR, appsec & cloudsec - and me!
Join 30k+ subscribers:
Joined June 2008
šØ Exciting thingšØ I'm getting back to my content creation roots. I've missed blogging, podcasting, and community engagement from back before I worked for big companies with scary PR teams. So. I'm launching a newsletter called Vulnerable U.
vulnu.com
Infosec's favorite weekly newsletter for news, tools, and tips with 30,000+ CISOs, founders, change-makers, and straight up hackers.
19
40
269
Iām seeing a ton of chatter on this one.
ā ļø Alert: Widespread data theft campaign by UNC6395. The threat actor is targeting Salesforce instances via Salesloft Drift, targeting sensitive data. Organizations should investigate, rotate credentials, and harden access controls. More here:
2
1
28
This is a big shift
Weāve developed Claude for Chrome, where Claude works directly in your browser and takes actions on your behalf. Weāre releasing it at first as a research preview to 1,000 users, so we can gather real-world insights on how itās used.
1
2
14
RT @Numbers_STN: @mattjay Yep. and all of the major messenger apps use ImageIO in the background.
0
2
0
Share with your Apple user friends and family. When they say under active exploitation that means they have evidence of hacked devices in the wild using this. This update protects you. Stay safe.
0
0
7
Vulnerability is in ImageIO and is an out of bounds write issue. Super common in these types of exploits. Processing a malicious image result in memory corruption. This smells like zero click to me.
3
3
14
Itās everything not just iOS. iPadOS. macOS all versions. Get to patching!
1
2
8
š£ Hi itās me the guy who tells you to not ignore your Apple updates today. Zero day under active exploitation usually means spyware going after journalists, politicians, and activists. Or even just at the border crossings.
2
34
91
Decent list for vibe coders / indie hackers who aren't necessarily security focused. Since my follower list is more security focused, Let's crowdsource a bit. What did he miss? (Keep it easy for indie devs to follow/implement).
HOW TO SECURE YOUR RAW DOG VPS SERVER. - Disable password auth, use only key-based auth (both Hetzner and Digital Ocean do this by default usually).- Install fail2ban on SSH.- Enable unattended-upgrades with auto reboot.- Enable firewall in Hetzner/Digital Ocean dashboard and.
1
1
10
RT @dinodaizovi: This is an interesting case study because it concretely shows that you have to go further than allowlisting known/trustedā¦.
cloud.google.com
We discovered China-nexus threat actors deployed custom backdoors on Juniper Networksā Junos OS routers.
0
34
0
We go through it all and how to protect yourself:. Cursor quietly switched it's IDE extension marketplace - malware popping up already.
0
0
8
Woke big tech requires you be poly to get engineering job. When will the madness stop.
AWS paying up to $152k for an entry level Cloud Engineer role š³ . Need TS/SCI w/ poly tho.
17
3
66
