Iben Rodriguez

After months of research and interviews we have released our report on Vulnerability Management for Cloud Native (and legacy) workloads. These newer tools help us to be more effective with the limited resources of today’s cybersecurity teams. gigaom.com/report/gigaom-…

Microsoft introduces Backup and Recovery for Microsoft Entra ID! Entra Backup and Recovery solution enables you to quickly recover from malicious attacks or accidental changes by reverting your core tenant objects to any previous state within the last 5 days. With automated backups and granular recovery capabilities, it ensures minimal downtime and supports your business continuity in the face of unexpected disruptions. Entra automatically generates one backup per day, retaining the last 5 days of backup history. You can recover key properties of the following core tenant objects: - Users - Groups - Applications - Conditional access policies - Service principals - Organization - Authentication methods - Authorization policy - Named locations #EntraID #Microsoft365 #Microsoft

Affected client: @cluely Yes, that Cluely, the company that sells AI overlays to help people cheat interviews. A company whose entire value prop is undetectable deception was getting its compliance from a company whose entire value prop is undetectable deception. Synergy!

Multithreaded Nmap wrapper with a dashboard github.com/Sharkeonix/nma…

join the society of quantum engineers sqe as we strive towards sqeatsjsu.org Quantum engineering applies quantum mechanics to design technologies that solve problems too complex for classical computers, utilizing qubits for simultaneous processing.

basic software supply chain security controls dictate that we don’t allow unfettered access to the internet from devices on networks we control. use a binary registry service like artifactory with x-ray from @jfrog to mitigate rookie configuration mistake vulnerabilities

Google Cloud is giving out FREE access to its GCP lab environment plus a 100% exam voucher. This is fully covered. All you need to do is complete the required learning activities, and you earn a voucher for an eligible certification exam. Eligible exams include: - Associate Cloud Engineer - Professional Cloud Architect - Generative AI Leader Registrations are currently open and close March 11. If you’ve been waiting for an excuse to get cloud-certified, this is it. Get started here: developers.google.com/program/gear/g… Don’t say nobody told you.

New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises: arstechnica.com/security/2026/… AirSnitch resets WiFi security back to the bad-old-days of ARP spoofing and trivial MITM.

@HackingDave @ericellis did you look in the wigle database? share.google/aimode/bcNWxlw…

@ericellis Yah, we had created an iphone app + android app called "Find Nancy" that we built, but need the MAC/IRK and could turn every device in the location to one that could look for the signal.

I passed my research to law enforcement. Looks like they are using it. Super cool to see this unfold live. I hope they find her.

Sweden is committing more than €100 million to a sweeping classroom overhaul: replacing tablets and screens with traditional printed textbooks to help reverse falling student performance and sharpen focus. After more than a decade of embracing digital-first education, Swedish authorities are now pivoting back to paper-based learning. Official data and recent studies cited by the Ministry of Education show that prolonged screen use in class has been linked to shorter attention spans, weaker reading comprehension, and reduced critical-thinking abilities. Research consistently finds that reading on illuminated screens requires greater mental effort and invites more distractions compared to the calm, linear experience of physical books—factors believed to have contributed to declining academic outcomes in recent years. Under the new plan, every student will receive printed textbooks for all core subjects, restoring books as the central learning tool. Digital devices and online resources will remain available as supportive tools, but they will no longer dominate daily instruction. This bold €100+ million investment signals Sweden’s leadership in rethinking the role of technology in education. It underscores a broader, growing recognition worldwide: while screens provide speed and access, the hands-on, distraction-free engagement of physical books supports deeper concentration, stronger memory retention, and more effective long-term learning. By choosing paper over pixels, Sweden is charting a path toward a more balanced, evidence-informed classroom future—one that puts proven pedagogical principles ahead of unchecked digital trends.

Last week I tweeted about Linear only supporting SSO on their enterprise tier. Their CEO DM’d me suggesting I reach out to sales. I didn’t. The entire point is that I don’t want to have to deal with sales just to enable a feature. Anyway, their sales team keeps cold emailing me about it so I migrated off the platform.

@NathanMcNulty this is what nightmares are made of We have three different types of cage nets, and should settle on a standard size so that they don’t get mixed up. 

we use 1032, which is the same as a telecom rack if you see any M5 or M6 cage nuts please try to avoid. what is m8?!?!

When the job description said "Ability to lift 50 lbs" they actually meant it Also, these were so cursed

SSO (Single Sign-On) Clearly Explained. SSO can be thought of as a master key to open all different locks. It allows a user to log in to different systems using a single set of credentials. To fully understand the SSO process, let’s take a look at how a user would log into LinkedIn using Google as the identity provider: 𝟭) 𝗨𝘀𝗲𝗿 𝗿𝗲𝗾𝘂𝗲𝘀𝘁𝘀 𝗮𝗰𝗰𝗲𝘀𝘀 First, the user would attempt to access the Service Provider (LinkedIn). At this point, a user would be presented with login options, and in this example, they would select "Sign in with Google". 𝟮) 𝗔𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗿𝗲𝗾𝘂𝗲𝘀𝘁 From here, the Service Provider (LinkedIn) will redirect the user to the Identity Provider (Google) with an authentication request. 𝟯) 𝗜𝗱𝗣 𝗰𝗵𝗲𝗰𝗸𝘀 𝗳𝗼𝗿 𝗮𝗰𝘁𝗶𝘃𝗲 𝘀𝗲𝘀𝘀𝗶𝗼𝗻 Once the Identity Provider (Google) has received the request, it will check for an active session. If it doesn't find one, authentication will be requested. 𝟰) 𝗨𝘀𝗲𝗿 𝘀𝘂𝗯𝗺𝗶𝘁𝘀 𝗰𝗿𝗲𝗱𝗲𝗻𝘁𝗶𝗮𝗹𝘀 At this stage, the user will submit their login credentials (username and password) to the Identity Provider (IdP). 𝟱) 𝗜𝗱𝗣 𝘃𝗲𝗿𝗶𝗳𝗶𝗲𝘀 𝗰𝗿𝗲𝗱𝗲𝗻𝘁𝗶𝗮𝗹𝘀 The Identity Provider will then verify the submitted credentials against its User Directory (database). If the credentials are correct, the IdP will create an authentication token or assertion. 𝟲) 𝗜𝗱𝗣 𝘀𝗲𝗻𝗱𝘀 𝘁𝗼𝗸𝗲𝗻 𝘁𝗼 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗣𝗿𝗼𝘃𝗶𝗱𝗲𝗿 Once the token or assertion has been created, the IdP sends it back to the Service Provider confirming the user's identity. The user is now authenticated and can access the Service Provier (LinkedIn). 𝟳) 𝗔𝗰𝗰𝗲𝘀𝘀 𝗴𝗿𝗮𝗻𝘁𝗲𝗱 𝘂𝘀𝗶𝗻𝗴 𝗲𝘅𝗶𝘀𝘁𝗶𝗻𝗴 𝘀𝗲𝘀𝘀𝗶𝗼𝗻 Since the Identity Provider has established a session, when the user goes to access a different Service Provider (e.g. GitHub), they won't need to re-enter their credentials. Future service providers will request authentication from the Identity Provider, recognize the existing session, and grant access to the user based on the previously authenticated session. SSO workflows like the above operate on SSO protocols, which are a set of rules that govern how the IdP and SP communicate and trust each other. Common protocols include Security Assertion Markup Language (SAML), OpenID Connect, and OAuth. What else would you add? -- 👋 PS: Get our System Design Handbook FREE when you join our newsletter. Join 27,501+ engineers: lucode.co/luc-newsletter… -- 🔖 Save for later. ♻️ Repost to help other engineers learn and grow. ➕ Follow Nikki Siapno + turn on notifications.

Let’s Encrypt has made IP-based TLS certificates generally available, allowing secure HTTPS connections directly to IP addresses. linuxiac.com/lets-encrypt-l… #LetsEncrypt #Certificates #TLS #Security

The Open-source platform that centralizes secure access to your entire infrastructure

@John_Capobianco i think they are sharpening the blades on ice skates, is that right?

Also at the Canadian Tire ! 5 rows away from the LED drill I’m telling you it’s a different vibe back home

Expert Keynote: Moving Beyond Compliance to Strategic Data Control dy.si/3kTaTT2

@MattPRD Share it on swarms marketplace, world’s largest agent marketplace swarms.world

It's sad this has to be said... but every app running on the device your IT admins use for privileged accounts has the potential to abuse those accounts There is a reason we recommend privileged/secure access workstations Don't overthink it - basic PAWs > productivity devices

A recent change to 1.1.1.1 accidentally altered the order of CNAME records in DNS responses, breaking resolution for some clients. Let's look at what happened and dive into the ambiguities of the DNS RFCs. cfl.re/4pH5BKx