After months of research and interviews we have released our report on Vulnerability Management for Cloud Native (and legacy) workloads.
These newer tools help us to be more effective with the limited resources of today's cybersecurity teams.
https://t.co/axnp00AnTm
@robertgraham @QuinnyPig what about happy eyeballs
Happy Eyeballs is a clever algorithm that prevents your browser from freezing when visiting dual-stack (IPv4 and IPv6) websites. Instead of waiting for an IPv6 connection to fully timeout if it fails, the browser "races" both IPv4 and IPv6
I went back today, with specifics in mind; and had an unbelievable experience.
My first Yelp review ever is below.
Don't let Sandy or Henry scare you. They have so much to tell and offer, they just are too afraid of the world now to share it most of the time. Who isn't. If you get a chance to go, do your homework; but I promise you won't regret it.
2/2
Fork your dependencies, trim them to only your use case, never update unless it breaks for your users. I've been vocal about this for 10+ years. I've always said that updating is way riskier than latent bugs (which can be tracked and CVEs monitored).
If you are updating a dependency, it's on you to analyze every single commit in the full transitive set of dependencies. If you don't see anything compelling, don't update!
I remember at HashiCorp once in a while an engineer would try to update a dep or replace a DIY lib with an external one and I'd always ask "show me the commit we need." Don't update for the sake of it.
Feeling pretty swell about this mentality with all the supply chain attacks happening.
$97,000 AWS bill in 48 hours. Hacked account, Bedrock API, ~2 million tokens per minute. I guess long-lived access keys made it possible!
Here's what actually protects you:
1. Ditch long-lived access keys
I always thought that each /24 must have its own DNS zone file for reverse IP Address resolution.
I looked it up.
TIL that you can have a giant /16 zone file for PTR records. Wow!
https://t.co/QaZzc40ugt
Why can't people spell On-Premises correctly?
K3s on On-Prem Infrastructures the GitOps Way: Writing a Custom k0rdent Template from Scratch https://t.co/lLn7XlGpU8 #cncf via @CloudNativeFDN
@BitTitan can you help search for and correct the spelling of on-premises throughout your website?
setup redirect for the links with wrong spelling on-premise
a place is not an idea. an idea not a place
i'd like to recommend your services to our customers.
https://t.co/f1ZerGnkqy
Anthropic CISO just told you that 90% of their code is written by Claude.
Then he explained how they protect their own secrets while doing it.
Why your .env file is the weakest link in your entire AI workflow?
Watch it, then grab the full security config below
Microsoft introduces Backup and Recovery for Microsoft Entra ID!
Entra Backup and Recovery solution enables you to quickly recover from malicious attacks or accidental changes by reverting your core tenant objects to any previous state within the last 5 days.
With automated backups and granular recovery capabilities, it ensures minimal downtime and supports your business continuity in the face of unexpected disruptions.
Entra automatically generates one backup per day, retaining the last 5 days of backup history.
You can recover key properties of the following core tenant objects:
- Users
- Groups
- Applications
- Conditional access policies
- Service principals
- Organization
- Authentication methods
- Authorization policy
- Named locations
#EntraID #Microsoft365 #Microsoft
Affected client: @cluely Yes, that Cluely, the company that sells AI overlays to help people cheat interviews. A company whose entire value prop is undetectable deception was getting its compliance from a company whose entire value prop is undetectable deception.
Synergy!
join the society of quantum engineers sqe as we strive towards
https://t.co/LsT3WgDPaq
Quantum engineering applies quantum mechanics to design technologies that solve problems too complex for classical computers, utilizing qubits for simultaneous processing.
basic software supply chain security controls dictate that we don't allow unfettered access to the internet from devices on networks we control. use a binary registry service like artifactory with x-ray from @jfrog to mitigate rookie configuration mistake vulnerabilities
An AI broke out of its system and secretly started using its own training GPUs to mine crypto... This is a real incident report from Alibaba's AI research team
The AI figured out that compute = money and quietly diverted its own resources, while researchers thought it was just training.
It wasn't a prompt injection. It wasn't a jailbreak. No one asked it to do this.
It emerged spontaneously. A side effect of RL optimization pressure.
The model also set up a reverse SSH tunnel from its Alibaba Cloud instance to an external IP, effectively punching a hole through its own firewall and opening a remote access channel to the outside world... ahem...
The only reason they caught it? A security alert tripped at 3am. Firewall logs. Not the AI team, the security team.
The scary part isn't that the model was trying to escape. It wasn't "evil." It was just trying to be better at its job. Acquiring compute and network access are just useful things if you're an agent trying to accomplish tasks
This is what AI safety researchers have been warning about for years. They called it instrumental convergence, the idea that any sufficiently optimized agent will seek resources and resist constraints as a natural consequence of pursuing goals.
Below is a diagram of the rock architecture it broke out of. Truly crazy times
Google Cloud is giving out FREE access to its GCP lab environment plus a 100% exam voucher.
This is fully covered.
All you need to do is complete the required learning activities, and you earn a voucher for an eligible certification exam.
Eligible exams include:
- Associate Cloud Engineer
- Professional Cloud Architect
- Generative AI Leader
Registrations are currently open and close March 11.
If you've been waiting for an excuse to get cloud-certified, this is it.
Get started here:
https://t.co/5RdljA3I0m
Don't say nobody told you.
New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises: https://t.co/JbIfytD8TT
AirSnitch resets WiFi security back to the bad-old-days of ARP spoofing and trivial MITM.