Alright, #infosec crew!

So, PCI DSS v4... that deadline's closing in fast, isn't it?

A&F dropped some serious insights on this: We're talking Script Security, Change Detection, Vendor Risks... the whole shebang!

Look, CSP alone just ain't gonna cut it, sorry not sorry. Third-party vendors? They're often the number one back door. Gotta check those dependencies, seriously!

Compliance isn't a "set it and forget it" kind of deal. You need constant monitoring, folks!

And let's be real: Who here has actually mapped out their entire PCI DSS v4 plan? Or are you still stuck playing Minesweeper?

Passbolt partnered with Quarkslab to conduct a penetration test and assumed breach assessment of Passbolt Cloud solution.

What was tested?
Evaluated API security, backend controls, and safeguards against unauthorized actions.
Simulated an internal attack to assess resilience against an adversary with server access.

Read more on the blog article: https://hubs.li/Q039csDh0

Over the last four months, passbolt underwent three independent assessments to evaluate and strengthen our security posture.

These assessments help us identify and address areas for improvement while confirming our existing security strengths.

Read more about the latest security reviews: https://hubs.li/Q039csDh0

See the findings in the thread.

PowerShell Active Directory Management in 2025: The Definitive Guide | https://techygeekshome.info/powershell-active-directory-2025/?fsp_sid=11241 | #2025Tech #ActiveDirectory #ADAutomation #PowerShell7 #SecurityAudit #UserManagement #WindowsServer2022
https://techygeekshome.info/powershell-active-directory-2025/?fsp_sid=11241

PowerShell Active Directory Management in 2025: The Definitive Guide | https://techygeekshome.info/powershell-active-directory-2025/?fsp_sid=11240 | #2025Tech #ActiveDirectory #ADAutomation #PowerShell7 #SecurityAudit #UserManagement #WindowsServer2022
https://techygeekshome.info/powershell-active-directory-2025/?fsp_sid=11240

PowerShell Active Directory Management in 2025: The Definitive Guide | https://techygeekshome.info/powershell-active-directory-2025/?fsp_sid=10647 | #2025Tech #ActiveDirectory #ADAutomation #PowerShell7 #SecurityAudit #UserManagement #WindowsServer2022
https://techygeekshome.info/powershell-active-directory-2025/?fsp_sid=10647

PowerShell Active Directory Management in 2025: The Definitive Guide | https://techygeekshome.info/powershell-active-directory-2025/?fsp_sid=10646 | #2025Tech #ActiveDirectory #ADAutomation #PowerShell7 #SecurityAudit #UserManagement #WindowsServer2022
https://techygeekshome.info/powershell-active-directory-2025/?fsp_sid=10646

Don't miss out on the insights from FOSDEM'25! The recording of "How FreeBSD Security Audits Have Improved our Security Culture" is now available to watch online. Learn about Alpha-Omega's work with the FreeBSD Foundation, the vulnerabilities identified, and the future of security in FreeBSD.

Watch the video and download the slides here: https://buff.ly/42OoyTC #FreeBSD #SecurityAudit #OpenSource #FOSDEM25 #AlphaOmega #infosec

National School Safety Task Force - School Safety Security Audit only system that meets the USDOE ‘Climate Assessment’ requirement https://buff.ly/4662wLD #schoolsafety #DOE #securityaudit #safetyaudit

National School Safety Task Force ​School Safety Security Audit only system that meets the USDOE ‘Climate Assessment’ requirement https://buff.ly/4662wLD #schoolsafety #USDOE #securityaudit #safetyaudit

We’re excited to share the results of the @NGIZero funded independent #securityaudit of LibEuFin, GNU Taler’s core banking integration component, conducted by Radically Open Security. Check out our detailed response outlining how we’ve already addressed the findings! https://taler.net/en/news/2024-26.html

Prowler: An Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness.

https://github.com/prowler-cloud/prowler
#cybersecurity #securityaudit #dfir #kubernetes #aws #azure #gcp

National School Safety Task Force ​School Safety Security Audit only system that meets the USDOE ‘Climate Assessment’ requirement https://buff.ly/4662wLD #schoolsafety #USDOE #securityaudit #safetyaudit

Our team recently completed a #securityaudit of Rabby Wallet. You can read the full report, including our findings, here: https://leastauthority.com/blog/audits/rabby-wallet-final-audit-report/

National School Safety Task Force ​School Safety Security Audit only system that meets the USDOE ‘Climate Assessment’ requirement https://buff.ly/4662wLD #schoolsafety #USDOE #securityaudit #safetyaudit

National School Safety Task Force School Safety Security Audit only system that meets the USDOE ‘Climate Assessment’ requirement https://buff.ly/4662wLD #schoolsafety #USDOE #securityaudit #safetyaudit

Oh boy. A simple #enumeration #attack could be used to read credit offers at #CHECK24 and #verivox, two big German portal offering a lot of things around comparing credit offers, insurance contracts and other things.

This is such a trivial mistake, it nearly feels deliberate. This should never ever happend. And for sure this should have be a red flag in any #securityaudit. I wonder how they can state "No indications of miss use.". #cybersecurity

Article in German:
https://correctiv.org/aktuelles/datenschutz/2024/09/17/kreditvermittlung-bei-check24-und-verivox-kritische-datenlecks-entdeckt/

National School Safety Task Force ​School Safety Security Audit only system that meets the USDOE ‘Climate Assessment’ requirement https://buff.ly/4662wLD #schoolsafety #USDOE #securityaudit #safetyaudit

NATIONAL SCHOOL SAFETY TASK FORCE School Safety Audit https://buff.ly/4662wLD #securityaudit #safetyaudit #schools

National School Safety Task Force School Safety Security Audit only system that meets the USDOE ‘Climate Assessment’ requirement https://buff.ly/4662wLD #schoolsafety #USDOE #securityaudit #safetyaudit