Today we will announce the big winners of our CTF! Stay tuned, we should post around 4pm
#NSEC
It's on 🔥🔥
Ça part 🔥🔥
Pas qu'on veut vous faire regretter de ne pas être des nôtres... quoique! 🥳
Photos du party de Northsec 2025
Not to give you FOMO but a little bit... 🥳
Picture of our party at Northsec 2025
✨ STUDENT CONFERENCE TICKET DRAW ✨
Our sponsor Google is giving away 4 student tickets to our conferences starting this Thursday.
To enter: share this post and mention which conference you'd most like to attend.
Winners will be announced tonight!
Did you know your DNS security could accidentally leak your entire subdomain structure? Enter DNSSEC with NSEC/NSEC3 records, which is great for ensuring integrity and authentication but can also be a sneaky way for attackers to ‘zone walk’ and enumerate your domains...
Darrell Hall breaks it down in our latest blog post: https://www.pentestpartners.com/security-blog/dnssec-nsec-the-accidental-treasure-map-to-your-subdomains/
What's covered:
• How NSEC/NSEC3 can inadvertently expose DNS data
• The difference between zone transfers and zone walking
• How to crack NSEC3 records (and why you should care)
• Real-world examples and mitigation strategies
#DNSSEC #CyberSecurity #Infosec #DNS #NSEC #NSEC3 #ZoneWalking #ThreatIntel
@polysecure J'adore les deux épisodes sur le #nsec ! Ça me donne encore plus hâte à l'an prochain.
#nsec is over, once again it was amazing! Thanks to everyone involved in making it possible. You all rock! The conference and CTF were awesome, I had a great time through it all.
And I'm very proud that my team finished 9th in the CTF. The competition for that top 10 is fierce for that top 10.
I already have my ticket for next year. I'm looking forward to it.
Watch @becojo's #NorthSec talk at 10:45 EDT on YouTube!
https://www.youtube.com/watch?v=YUJu8qkkz-o
catch us tomorrow morning at @NorthSec for an overview on finding vulnerable GitHub Actions workflows in open-source projects at scale, ways of living in a pipeline, and a new SAST tool to analyze CI workflows! #nsec #appsec #supplychain
#nsec is tomorrow!!!! I'm really excited.
I'll be speaking about #Nim #malware and my Stockholm-syndromy relationship tomorrow, May 16th 14:30 at #NSec. There's a nice title card and all!
+ check out Nimfilt, the #IDA plugin I created ('cause if you do, I can justify working on this kind of tool on company time😁)
https://github.com/eset/nimfilt
The next few days should be awesome. We have our internal conference at work this week. I'll miss the last two days because I'll be at the #nsec conference and CTF. And after that, if I still have have some energy left, I'll try a few challenges in the #HackTheBox Business CTF.
So much learning. I think my brain will explode. It will be fun.
Our preciouses just arrived 😍
IT'S GETTING REAL!
*****
Nos précieuses viennent d'arriver 😍
ON SE VOIT TRÈS BIENTÔT!
#NSec #BadgeLife #FlagBot 👀 🤭
I got my ticket for the #nsec conference and CTF. Early bird tickets are now available https://tickets.nsec.io/2024/
R to @KadriSimson: 📜My full speech from the opening of the North Seas Energy Cooperation Ministerial #NSEC can be found here👇
https://ec.europa.eu/commission/presscorner/detail/en/SPEECH_23_5902
🐦🔗: https://nitter.cz/KadriSimson/status/1726546577022705908#m
[2023-11-20 10:22 UTC]
OK, I know a little about DNS but wildcards + #DNSSEC are out of my league. Nevertheless, I'm pretty confident that this TYPE65283 shenanigans Cloudflare is using in its #NSEC RR does not come from the RFCs 🤔
$ dig prout.cloudflare.com +dnssec
...
;; AUTHORITY SECTION:
prout.cloudflare.com. 3600 IN NSEC \000.prout.cloudflare.com. RRSIG NSEC TYPE65283
Im sorry for the delay but we finally released the code for the @NorthSec CTF badge.
🔗 https://github.com/nsec/nsec-badge/
#nsec #badgelife
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst