Securing Bits

@securing_bits

I explain application security using comic art.

Joined April 2023

516 Following

608 Followers

743 Posts

Pinned Tweet

Securing Bits @securing_bits

almost 3 years ago

In February, I discovered a critical authentication bypass in the Google Cloud API Gateway and reported it to @GoogleVRP. 🧵[1/10] References: Write-Up: https://t.co/E9nletAuEb CVE: https://t.co/Gj0fw4ztWd GitHub Advisory: https://t.co/Tr4dn615Wt #bugbounty #googlecloud

securing_bits's tweet photo. In February, I discovered a critical authentication bypass in the Google Cloud API Gateway and reported it to @GoogleVRP. 🧵[1/10]

References:
Write-Up: https://t.co/E9nletAuEb
CVE: https://t.co/Gj0fw4ztWd
GitHub Advisory: https://t.co/Tr4dn615Wt

#bugbounty #googlecloud https://t.co/nGroMQpfjp

2

31

9

16

6K

Securing Bits @securing_bits

20 days ago

@0day_ninja @chompie1337 One day you will make it and become a mentor yourself :)

1

1

0

0

42

Securing Bits @securing_bits

20 days ago

@0day_ninja @chompie1337 One day man…one day 🤝

1

1

0

0

51

Securing Bits @securing_bits

21 days ago

@antirez @fchollet Thanks a lot !!

0

1

0

0

107

Who to follow

Building AI Agents And Automation Workflow ⚡| Blockchain Solidity Developer💥

Pentester || Red Team Bro || Guitar Shredder || Swole AF

#100DaysOfCode Exploring, Learning, Building, Sharing stuff I find valuable. Having Fun. Let's Connect. #LearninginPublic

Securing Bits @securing_bits

4 months ago

@ctbbpodcast Love you guys ! 🙏

0

0

0

0

240

Securing Bits @securing_bits

about 2 years ago

I hope you've found this thread helpful. Follow me here @securing_bits or on Linkedin https://t.co/SyC2mq9zrV for more, and if you enjoy my content make sure to subscribe to my weekly free newsletter at https://t.co/TaVmXgK4iL. Like/Repost the quote below if you can:

Securing Bits @securing_bits

about 2 years ago

Building your next LLM integration? Beware of Indirect Prompt Injection vulnerability. Previous models like GPT4 and Bing have been affected. #llm #applicationsecurity #chatgpt

securing_bits's tweet photo. Building your next LLM integration?

Beware of Indirect Prompt Injection vulnerability. Previous models like GPT4 and Bing have been affected.

#llm #applicationsecurity #chatgpt https://t.co/VTpFnGlcz4

1

2

2

0

385

0

0

0

0

82

Securing Bits @securing_bits

about 2 years ago

Building your next LLM integration? Beware of Indirect Prompt Injection vulnerability. Previous models like GPT4 and Bing have been affected. #llm #applicationsecurity #chatgpt

securing_bits's tweet photo. Building your next LLM integration?

Beware of Indirect Prompt Injection vulnerability. Previous models like GPT4 and Bing have been affected.

#llm #applicationsecurity #chatgpt https://t.co/VTpFnGlcz4

1

2

2

0

385

Securing Bits @securing_bits

about 2 years ago

Learn more about indirect prompt injections from the paper 'Not what you’ve signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection' Link: https://t.co/RRRZWx94ZU

1

0

0

0

85

Securing Bits @securing_bits

about 2 years ago

I hope you've found this thread helpful. Follow me here @securing_bits or on Linkedin https://t.co/SyC2mq9zrV for more, and if you enjoy my content make sure to subscribe to my weekly free newsletter at https://t.co/TaVmXgK4iL. Like/Repost the quote below if you can:

Securing Bits @securing_bits

about 2 years ago

HTTP Response Headers: Usage 🛠 and Security Abuse ☠. Those complement the HTTP Request Headers we saw last week :) #websecurity #bugbounty #bugbountytips

securing_bits's tweet photo. HTTP Response Headers: Usage 🛠 and Security Abuse ☠.

Those complement the HTTP Request Headers we saw last week :)

#websecurity #bugbounty #bugbountytips https://t.co/ap7YDHlYNg

1

2

0

3

254

0

0

0

0

81

Securing Bits @securing_bits

about 2 years ago

HTTP Response Headers: Usage 🛠 and Security Abuse ☠. Those complement the HTTP Request Headers we saw last week :) #websecurity #bugbounty #bugbountytips

securing_bits's tweet photo. HTTP Response Headers: Usage 🛠 and Security Abuse ☠.

Those complement the HTTP Request Headers we saw last week :)

#websecurity #bugbounty #bugbountytips https://t.co/ap7YDHlYNg

1

2

0

3

254

Securing Bits @securing_bits

about 2 years ago

I hope you've found this thread helpful. Follow me here @securing_bits or on Linkedin https://t.co/SyC2mq9zrV for more, and if you enjoy my content make sure to subscribe to my weekly free newsletter at https://t.co/TaVmXgK4iL. Like/Repost the quote below if you can:

Securing Bits @securing_bits

about 2 years ago

HTTP Request Headers: Usage🛠️ and Security Abuse💀 #websecurity #bugbounty #bugbountytips

securing_bits's tweet photo. HTTP Request Headers: Usage🛠️ and Security Abuse💀

#websecurity #bugbounty #bugbountytips https://t.co/t5ZkdjKC8z

1

1

0

0

173

0

0

0

0

65

Securing Bits @securing_bits

about 2 years ago

HTTP Request Headers: Usage🛠️ and Security Abuse💀 #websecurity #bugbounty #bugbountytips

securing_bits's tweet photo. HTTP Request Headers: Usage🛠️ and Security Abuse💀

#websecurity #bugbounty #bugbountytips https://t.co/t5ZkdjKC8z

1

1

0

0

173

Securing Bits @securing_bits

about 2 years ago

@sephr @ABouhoula @AmitZac1 I haven’t checked their methodology either, just trusting the reputation of the conference which involves peer review already .

1

0

0

0

22

Securing Bits @securing_bits

about 2 years ago

Recent research conducted by ETH reveals that 65.4% of the most visited websites in the EU offer a cookie rejection option, yet they could still potentially gather user data even after users explicitly reject their cookies. 🕵️‍♂️ Is privacy compliance so difficult? #privacy #gdpr

securing_bits's tweet photo. Recent research conducted by ETH reveals that 65.4% of the most visited websites in the EU offer a cookie rejection option, yet they could still potentially gather user data even after users explicitly reject their cookies. 🕵️‍♂️

Is privacy compliance so difficult?

#privacy #gdpr https://t.co/JwjaZmuDE5

1

1

0

0

170

Securing Bits @securing_bits

about 2 years ago

I hope you've found this thread helpful. Follow me here @securing_bits or on Linkedin https://t.co/SyC2mq9zrV for more, and if you enjoy my content make sure to subscribe to my weekly free newsletter at https://t.co/TaVmXgK4iL. Like/Repost the quote below if you can:

Securing Bits @securing_bits

about 2 years ago

Guard your LLM against prompt injection with these powerful tools: - https://t.co/w4XxrLxz5b - https://t.co/LaPxKE2xix - https://t.co/wWyPOOf1hp - https://t.co/y3yF0hWP1M - https://t.co/oS1Ur6hkWQ - https://t.co/l9l5puZ5br #AI #MachineLearning #LLM #Security 🛡️🔒

securing_bits's tweet photo. Guard your LLM against prompt injection with these powerful tools:

- https://t.co/w4XxrLxz5b
- https://t.co/LaPxKE2xix
- https://t.co/wWyPOOf1hp
- https://t.co/y3yF0hWP1M
- https://t.co/oS1Ur6hkWQ
- https://t.co/l9l5puZ5br

#AI #MachineLearning #LLM #Security 🛡️🔒 https://t.co/fD5ZLaG2cn

1

2

1

1

164

0

0

0

0

44

Securing Bits @securing_bits

about 2 years ago

Guard your LLM against prompt injection with these powerful tools: - https://t.co/w4XxrLxz5b - https://t.co/LaPxKE2xix - https://t.co/wWyPOOf1hp - https://t.co/y3yF0hWP1M - https://t.co/oS1Ur6hkWQ - https://t.co/l9l5puZ5br #AI #MachineLearning #LLM #Security 🛡️🔒

securing_bits's tweet photo. Guard your LLM against prompt injection with these powerful tools:

- https://t.co/w4XxrLxz5b
- https://t.co/LaPxKE2xix
- https://t.co/wWyPOOf1hp
- https://t.co/y3yF0hWP1M
- https://t.co/oS1Ur6hkWQ
- https://t.co/l9l5puZ5br

#AI #MachineLearning #LLM #Security 🛡️🔒 https://t.co/fD5ZLaG2cn

1

2

1

1

164

Securing Bits @securing_bits

about 2 years ago

I hope you've found this thread helpful. Follow me here @securing_bits or on Linkedin https://t.co/SyC2mq9zrV for more, and if you enjoy my content make sure to subscribe to my weekly free newsletter at https://t.co/TaVmXgK4iL. Like/Repost the quote below if you can:

Securing Bits @securing_bits

about 2 years ago

What could go wrong during the ML model development lifecycle (Part 2) ? Example threat model based on the talk "Kubernetes MLSec: Securing AI in Space" by @d1gital_f and James Callaghan of @controlplaneio at @CloudNativeFdn. #ai #machinelearning #security

securing_bits's tweet photo. What could go wrong during the ML model development lifecycle (Part 2) ?

Example threat model based on the talk "Kubernetes MLSec: Securing AI in Space" by @d1gital_f and James Callaghan of @controlplaneio
at @CloudNativeFdn.

#ai #machinelearning #security https://t.co/rk72sU7fIW

1

2

0

0

95

0

0

0

0

28

Securing Bits @securing_bits

about 2 years ago

What could go wrong during the ML model development lifecycle (Part 2) ? Example threat model based on the talk "Kubernetes MLSec: Securing AI in Space" by @d1gital_f and James Callaghan of @controlplaneio at @CloudNativeFdn. #ai #machinelearning #security

securing_bits's tweet photo. What could go wrong during the ML model development lifecycle (Part 2) ?

Example threat model based on the talk "Kubernetes MLSec: Securing AI in Space" by @d1gital_f and James Callaghan of @controlplaneio
at @CloudNativeFdn.

#ai #machinelearning #security https://t.co/rk72sU7fIW

1

2

0

0

95

Securing Bits @securing_bits

about 2 years ago

If you missed Part 1 👇 https://t.co/I9hicZsbbF

Securing Bits @securing_bits

about 2 years ago

What could go wrong during the ML model development lifecycle? Example threat model based on the talk "Kubernetes MLSec: Securing AI in Space" by @d1gital_f and James Callaghan of @controlplaneio at @CloudNativeFdn. Talk: https://t.co/V25GB17nnb #ai #machinelearning #security

securing_bits's tweet photo. What could go wrong during the ML model development lifecycle?

Example threat model based on the talk "Kubernetes MLSec: Securing AI in Space" by @d1gital_f and James Callaghan of @controlplaneio at
@CloudNativeFdn.

Talk: https://t.co/V25GB17nnb

#ai #machinelearning #security https://t.co/Qq2gIIkeIp

1

0

0

0

158

1

0

0

0

45

Securing Bits @securing_bits

about 2 years ago

I hope you've found this thread helpful. Follow me here @securing_bits or on Linkedin https://t.co/SyC2mq9zrV for more, and if you enjoy my content make sure to subscribe to my weekly free newsletter at https://t.co/TaVmXgK4iL. Like/Repost the quote below if you can:

Securing Bits @securing_bits

about 2 years ago

Authentication (AuthN) architecture patterns for microservices👇 #microservices #applicationsecurity #systemdesign

securing_bits's tweet photo. Authentication (AuthN) architecture patterns for microservices👇

#microservices #applicationsecurity #systemdesign https://t.co/Gm1H808oth

2

1

0

0

211

0

0

0

0

45

Securing Bits @securing_bits

about 2 years ago

Authentication (AuthN) architecture patterns for microservices👇 #microservices #applicationsecurity #systemdesign

securing_bits's tweet photo. Authentication (AuthN) architecture patterns for microservices👇

#microservices #applicationsecurity #systemdesign https://t.co/Gm1H808oth

2

1

0

0

211

Last Seen Users on Sotwe

Trends for you

Most Popular Users