I've been working on a talk tentatively titled "Myths and Lies in InfoSec".
Some of the research I'll be referencing in the talk was inspired by one particular stat: "60% of small businesses go out of business within 6 months of a data breach."
How do we know a stat is fake? 🧵⏲️
Post-quantum cryptography is coming — but deployment won’t be smooth.
This clip breaks down the uneven readiness between client software and enterprise systems, and why organizations are concerned about breaking production environments during rollout. While some systems can be updated immediately when inactive, the real challenge is managing live infrastructure without disruption.
Is security modernization worth the operational risk it introduces?
#Cybersecurity #PostQuantum #Cryptography
@Spade_Max27 @SecWeekly @QANplatform Easier in your case though, because you can upgrade without crossing your fingers that some other party also upgrades, right?
For browsers, email, and anything else that's client/server, you can do the job perfectly and it's all for naught if others don't do the same.
@JonaPaw48287 @SecWeekly LLMs are also inherently vulnerable by design and difficult to protect
When any and all unstructured input data could be malicious...
Cyber 'Home Alone' Part 1: Fight Back with Digital Traps!
Canary Tokens are a simple yet powerful tool for cybersecurity, providing alerts when an attacker interacts with a bait file, URL, or service. Perfect for improving your detection capabilities.
Watch Adrian Sanabria @sawaba demo a web bug Canary Token in his Free Upskill Challenge (UC), Detection via Deception. https://t.co/5ObAWpKflG
All 50+ UCs are FREE! Try one, try them all. 😉
#Cybersecurity #HackingTips #InfoSec #DigitalForensics #EthicalHacking
@thedawgyg IIRC, it was $20k to find ONE bug, the one that crashed OpenBSD
Maybe DoS is valuable to someone, but these bugs are just mostly wasting everyone’s time by forcing software updates for no tangible benefit.
But what do I know - maybe Rocket League’s servers run on OpenBSD?
Please check support inbox at terminal dot shop pls @thdxr @adamdotdev @ThePrimeagen @teej_dv @iamdavidhill
i need help with my subscription
pleeeeeease
ordering coffee over SSH was hilarious, did it live on a podcast, but it won't let me manage my subscription
🛡️ Securing access to data alone is no longer enough in an AI-driven world.
On this @SecWeekly episode learn what is driving renewed interest in hybrid architectures and how a #SASE platform is adjacent to #DSPM and vice-versa.
https://t.co/xgfWSm5GtG
#SkyhighSecurity #AI
ICYMI: Mandiant’s Principal Security Consultant Ryan Fried and @Google’s Principal Strategic Security Consultant José Toledo joined @SecWeekly podcast to explore how cyberattacks can derail organizational spending—and (cont) https://t.co/CyMOcGIi9b
Why does security keep failing despite massive investments in tools and compliance? Adrian Sanabria (@sawaba), Principal Researcher at The Defenders Initiative and Main Host of Enterprise Security Weekly (@secweekly), explores this uncomfortable truth in our latest episode of the Be Fearless Podcast.
Adrian discusses with @JohnCarse why checklist-focused security keeps defenders behind, how cyber insurance might force real change, and why AI has become the attacker's number one accomplice in 2025.
Hear the conversation: https://t.co/6CHlt3xXJe
#cybersecurity #browsersecurity #enterprisesecurity
Exposure is everywhere now — cloud, SaaS, IoT, shadow IT, vendors you don’t control.
Replay the @SCMagazine webcast with @sawaba, @hdmoore & @todb to learn why continuous discovery matters and how attackers exploit what you can’t see.
👉 https://t.co/WGF7EWyjbK
📺 Live webcast Dec 3 with @SCMagazine!
Your attack surface doesn’t end at the firewall.
Join @hdmoore, @todb, and @sawaba to learn how continuous discovery + attack path mapping keeps you ahead.
👉 https://t.co/gmRLe0yHhg
Your attack surface is sprawling & full of blind spots.
🎥 On Dec 3 at 2 PM ET, @SCMagazine brings together @hdmoore, @todb, & @sawaba to reveal how to operationalize attack surface management without losing your mind.
👉 Register here: https://t.co/gmRLe0yHhg
Why does security keep failing despite massive investments in tools and compliance frameworks? Adrian Sanabria (@sawaba), Principal Researcher at The Defenders Initiative and Main Host of Enterprise Security Weekly (@SecWeekly), explores this uncomfortable truth in our latest episode of the Be Fearless Podcast.
Adrian discusses with @JohnCarse why focusing on checklists keeps defenders perpetually behind, how cyber insurance might force real change in security practices, and why AI has become the attacker's number one accomplice in 2025. He also covers prompt injection attacks as the next big problem, using frameworks correctly to guide decisions, and why CISOs must avoid the "hoarding" mindset.
Watch now: https://t.co/9oOMr3PHST
#cybersecurity #browsersecurity #enterprisesecurity
Wait... there’s more. If you liked @sawaba's piece ‘A Market for Lemonade’, this insightful piece expands on it. The very astute Adrian writes that much of the funding in the #cybersecurity industry is going to the lemonade makers. And that is not a good thing. https://t.co/Fd4O0uxieW