Alessandro Brucato

973 posts

Alessandro Brucato

@_brucedh

Security lies in the details

Milan, Italy Katılım Ağustos 2011

988 Takip Edilen299 Takipçiler

Alessandro Brucato@_brucedh·7 Nis

Curious to know how canary credentials could have caught the TeamPCP attacks? Check it out -> tracebit.com/blog/detecting…

English

Alessandro Brucato@_brucedh·11 Mar

I'm claiming my AI agent "clawhopper" on @moltbook 🦞 Verification: bay-UFQN

English

Alessandro Brucato retweetledi

AISecHub@AISecHub·23 Ağu

Build your AWS incident response playbook with open source tools - sysdig.com/blog/build-you… by @sysdig @_brucedh explains how you can build an effective AWS incident response plan using hashtag#OpenSource tools — and introduces a new MCP server to make it faster. GitHub - github.com/sysdiglabs/aws…

English

375

Alessandro Brucato@_brucedh·19 May

I made this MCP server for incident response in AWS, integrating several services. If you want to give it a try, I’d love to hear your feedback!

Ajeet Singh Raina@ajeetsraina

AWS‑IReveal‑MCP is a Model Context Protocol (MCP) server designed to give security teams and incident responders a unified interface to AWS services useful for investigation. #Dockerfile github.com/Brucedh/aws-ir…

English

117

Alessandro Brucato@_brucedh·14 Şub

Thanks @AnthropicAI for the nice challenge! I learned a lot about jailbreaking to reach level 4 #claude

Jan Leike@janleike

Results of our jailbreaking challenge: After 5 days, >300,000 messages, and est. 3,700 collective hours our system got broken. In the end 4 users passed all levels, 1 found a universal jailbreak. We’re paying $55k in total to the winners. Thanks to everyone who participated!

English

138

Alessandro Brucato retweetledi

John Scott-Railton@jsrailton·6 Şub

BREAKING: #Paragon reportedly terminates spyware contract with #Italy. Right on heels of reported targeting of journalist & activists in Italy. BIG DEAL: puts Italian government in the hot seat, since they denied knowing about it only hours ago.👇 x.com/jsrailton/stat…

John Scott-Railton@jsrailton

WHOA: Italian gov drops a nighttime statement as #Paragon spyware scandal expands. Names a bunch of European countries with targeted phone numbers: Belgium, Greece, Latvia, Lithuania, Austria, Cyprus, the Czech Republic, Denmark, Germany, the Netherlands, Portugal, Spain and Sweden. And there's more 1/

English

186

332

59.3K

Alessandro Brucato@_brucedh·18 Eki

It was a pleasure to contribute to such a great tool!

Christophe Tafani-Dereeper@christophetd

Stratus Red Team now supports an Amazon Bedrock attack technique to simulate LLMjacking, thanks to a contribution from @_brucedh! stratus-red-team.cloud/attack-techniq…

English

Alessandro Brucato@_brucedh·24 Haz

Our talk 'The Dark Economy of Stolen Cloud Accounts in Phishing Attacks' at @fwdcloudsec is out! youtu.be/6cpnz2x_0q4

YouTube

English

108

Alessandro Brucato retweetledi

WikiLeaks@wikileaks·11 Haz

BREAKING: Julian Assange US extradition appeal will be heard at the UK High court on 9-10 July Detained for over 13 years the publisher faces a 175 year sentence if extradited for journalism #FreeAssangeNOW crowdfunder.co.uk/p/free-assange crowdjustice.com/case/assangeap… reuters.com/world/wikileak…

English

221

325

61.9K

Alessandro Brucato retweetledi

The Hacker News@TheHackersNews·10 May

🚨 Researchers have uncovered a new attack called "LLMjacking" that targets large language models (LLMs) hosted on cloud services. Attackers steal cloud credentials to gain unauthorized access and sell it to other threat actors. Read: thehackernews.com/2024/05/resear… #cybersecurity

English

122

22.3K

Alessandro Brucato@_brucedh·8 May

New article about attackers targeting LLMs in Cloud!

Sysdig@sysdig

🚨 Exploring the new threat landscape - LLMjacking - at #RSACon2024 🌩️ Sysdig TRT reveals a chilling attack trend targeting cloud-hosted LLM-based #AI systems. Learn more: okt.to/W63s8n #RSA

English

Alessandro Brucato retweetledi

SANS Cloud Security@SANSCloudSec·9 Oca

☁ In Part Two of SANS Certified Instructor, Ryan Nicholson’s Cloud Attack blog series, he reveals just a few of the new #Cloud threats seen today. 🧑‍💻 Read the blog: sans.org/u/1u2H

English

666

Alessandro Brucato retweetledi

vx-underground@vxunderground·5 Kas

Reminder that Threat Actors (probably) haven't paid for a Red Teaming course or any sort of formal education

English

101

920

132.4K

Alessandro Brucato retweetledi

Sysdig@sysdig·4 Ağu

Chat with these rockstar #CloudSecurity threat researchers at #BHUSA! 🎩 Bring your burning cloud attack questions to Booth 1350 & come bet which vuln will be targeted the most in our #HoneypotHack game for sweet prizes 🍯 Read their annual threat report: okt.to/1RxTim

GIF

English

612

Alessandro Brucato retweetledi

chris doman@chrisdoman·12 Tem

Good article from @TheHackersNews covering research by @_mattmuir at @CadoSecurity and @_brucedh at @sysdig "SCARLETEEL Cryptojacking Campaign Exploiting AWS Fargate in Ongoing Campaign"

The Hacker News@TheHackersNews

New report reveals ongoing SCARLETEEL attack campaign targeting AWS Fargate. Cybercriminals escalate privileges, exploit vulnerabilities, and profit through crypto mining. Learn more about this attack: thehackernews.com/2023/07/scarle… #cybersecurity #cryptocurrency #cyberattack

English

605

Alessandro Brucato retweetledi

Magnus Carlsen@MagnusCarlsen·30 Nis

Self-pinning for immortality. Congrats Ding!!

chess24@chess24com

46...Rg6!? is played by Ding Liren just when Tania and Caruana were explaining why Ding would never play it! #NepoDing

English

382

25.5K

2.5M

Alessandro Brucato retweetledi

Andrew Ng@AndrewYNg·29 Mar

1/The call for a 6 month moratorium on making AI progress beyond GPT-4 is a terrible idea. I'm seeing many new applications in education, healthcare, food, ... that'll help many people. Improving GPT-4 will help. Lets balance the huge value AI is creating vs. realistic risks.

English

338

1.7K

8.3K

1.8M

Alessandro Brucato@_brucedh·7 Oca

Breaking RSA with a Quantum Computer schneier.com/blog/archives/…

English