WitchyPurpleSec
@witchypurplesec.bsky.social
InfoSec "professional" | privacy advocate | public speaker | nerd | podcaster
https://witchypurplesec.com/
Mentally I'm in the hit 90's film Hackers at all times
On a voyage for the One Piece
https://witchypurplesec.com/
Mentally I'm in the hit 90's film Hackers at all times
On a voyage for the One Piece
At the intersection of this privacy and security issue there is... sadness... and photos from your wedding probably...
It's weird how people forget that privacy issues can become security or safety issues.
It's weird how people forget that privacy issues can become security or safety issues.
NEW: A flaw in the website of Hama Film, a photo booth maker with presence in Australia, UAE and the U.S., exposes pictures and videos of its customers.
Security researcher alerted the company last month, no answer. We reached out to the company a few times, no answer.
Security researcher alerted the company last month, no answer. We reached out to the company a few times, no answer.
Flaw in photo booth maker’s website exposes customers’ pictures | TechCrunch
Hama Film makes photo booths that upload pictures and videos online. But their backend systems have a simple flaw that allows anyone to download customer pictures.
techcrunch.com
December 12, 2025 at 5:09 PM
At the intersection of this privacy and security issue there is... sadness... and photos from your wedding probably...
It's weird how people forget that privacy issues can become security or safety issues.
It's weird how people forget that privacy issues can become security or safety issues.
I went from IT to SysAd to CyberSec. I see a lot of people say you "have" to do SOC first to break into #cybersecurity but that's not true. The same path doesn't have to work for everyone. In this persons case I would take the SysAd role in a heartbeat but that's what works for me.
December 11, 2025 at 6:59 PM
I went from IT to SysAd to CyberSec. I see a lot of people say you "have" to do SOC first to break into #cybersecurity but that's not true. The same path doesn't have to work for everyone. In this persons case I would take the SysAd role in a heartbeat but that's what works for me.
OWASP continues to be a guidepost and key resource pool for baselining your security. With the rapid adoption of AI and teams struggling with budgets their AI Top 10 publications are going to be invaluable over the next several years.
genai.owasp.org/2025/12/09/o...
genai.owasp.org/2025/12/09/o...
December 10, 2025 at 9:47 PM
OWASP continues to be a guidepost and key resource pool for baselining your security. With the rapid adoption of AI and teams struggling with budgets their AI Top 10 publications are going to be invaluable over the next several years.
genai.owasp.org/2025/12/09/o...
genai.owasp.org/2025/12/09/o...
Happy RSAC Speaker Selectionmas to those who celebrate. I hope Santa Hugh Thompson and the rest of the RSAC elves brought you the speaking engagement confirmation you were hoping for.
December 10, 2025 at 7:06 PM
Happy RSAC Speaker Selectionmas to those who celebrate. I hope Santa Hugh Thompson and the rest of the RSAC elves brought you the speaking engagement confirmation you were hoping for.
"While companies often highlight research that benefits them, today’s leading AI labs are given an unusual level of authority to self-report the risks and capabilities of the technology they’re racing to deploy." Is heavy quote that summarizes just a single oddity (issue) around AI and business.
NEW: Four sources tell @mzeff.bsky.social that OpenAI has become reluctant to publish research on the negative economic impacts of AI, including job displacement.
At least two members of OpenAI's economic research team have recently quit over that perceived pullback.
At least two members of OpenAI's economic research team have recently quit over that perceived pullback.
OpenAI Staffer Quits, Alleging Company’s Economic Research Is Drifting Into AI Advocacy
Four sources close to the situation claim OpenAI has become hesitant to publish research on the negative impact of AI. The company says it has only expanded the economic research team’s scope.
www.wired.com
December 9, 2025 at 9:23 PM
"While companies often highlight research that benefits them, today’s leading AI labs are given an unusual level of authority to self-report the risks and capabilities of the technology they’re racing to deploy." Is heavy quote that summarizes just a single oddity (issue) around AI and business.
We've normalized sharing photos of our friends and families for so long this is an unfortunate but not entirely unexpected consequence. Always contact your loved ones directly if you think there's a problem and agree on a secret password or phrase only your loved ones know to prove it's you.
FBI Warns of Hackers Altering Photos Found on Social Media to Use as Fake Proof
FBI Warns of Hackers Altering Photos Found on Social Media to Use as Fake Proof
cybersecuritynews.com
December 8, 2025 at 9:47 PM
We've normalized sharing photos of our friends and families for so long this is an unfortunate but not entirely unexpected consequence. Always contact your loved ones directly if you think there's a problem and agree on a secret password or phrase only your loved ones know to prove it's you.
Reposted by WitchyPurpleSec
#OnThisDay in 1981, Simon & Simon aired “Trapdoors”—likely the first non–sci-fi depiction of computer hacking on US TV. 💻📞
Teen Robbie Rist uses an Apple II + acoustic modem to access a bank—2 years before “hacker” hit mainstream media.
A proto-Whiz Kids story from creator Phil DeGuere.
Teen Robbie Rist uses an Apple II + acoustic modem to access a bank—2 years before “hacker” hit mainstream media.
A proto-Whiz Kids story from creator Phil DeGuere.
December 8, 2025 at 4:50 PM
#OnThisDay in 1981, Simon & Simon aired “Trapdoors”—likely the first non–sci-fi depiction of computer hacking on US TV. 💻📞
Teen Robbie Rist uses an Apple II + acoustic modem to access a bank—2 years before “hacker” hit mainstream media.
A proto-Whiz Kids story from creator Phil DeGuere.
Teen Robbie Rist uses an Apple II + acoustic modem to access a bank—2 years before “hacker” hit mainstream media.
A proto-Whiz Kids story from creator Phil DeGuere.
There is no rule book for getting into CyberSec. Every person I've ever talked to had a different path and they vary wildly. What matters is that you are eager to learn and help. A good manager will recognize that and hire you in a second. Skills can be taught but your heart and drive are yours.
After over 1000 applications, the poster has landed a full-time job in vulnerability remediation at a large corporation. They graduated a year ago with a degree in Cybersecurity Analytics/Operations and had one internship. They advise against believing you must start at a help desk.
It can be done
The search is finally over. After 1000+ applications I finally landed a full time position doing vulnerability remediation at a large corporation. I graduated about a year ago with a bachelors degr...
reddit.com
December 8, 2025 at 8:53 PM
There is no rule book for getting into CyberSec. Every person I've ever talked to had a different path and they vary wildly. What matters is that you are eager to learn and help. A good manager will recognize that and hire you in a second. Skills can be taught but your heart and drive are yours.
Reposted by WitchyPurpleSec
Someone should make a isdowndetectordown website, and then also put it on cloudflare.
December 5, 2025 at 9:04 AM
Someone should make a isdowndetectordown website, and then also put it on cloudflare.
I commissioned new art for The Spooky Cyber Story Club podcast! I worked with an actual human artist on Fiverr and I couldn't be happier with the results.
You can listen on most major platforms or on my RSS site:
rss.com/podcasts/the...
#HumanArt #CyberSecurity #Podcast #CyberHorrorStories
You can listen on most major platforms or on my RSS site:
rss.com/podcasts/the...
#HumanArt #CyberSecurity #Podcast #CyberHorrorStories
December 5, 2025 at 6:29 PM
I commissioned new art for The Spooky Cyber Story Club podcast! I worked with an actual human artist on Fiverr and I couldn't be happier with the results.
You can listen on most major platforms or on my RSS site:
rss.com/podcasts/the...
#HumanArt #CyberSecurity #Podcast #CyberHorrorStories
You can listen on most major platforms or on my RSS site:
rss.com/podcasts/the...
#HumanArt #CyberSecurity #Podcast #CyberHorrorStories
Kevin McCallister is a social engineer. Look at how he handles the grocery store clerk in Home Alone and his entire hotel scheme in Home Alone Lost In New York.
#Cybersecurity #Holidays #SocialEngineering #Hacker
#Cybersecurity #Holidays #SocialEngineering #Hacker
a close up of a young boy 's face with the number 3 in the background
ALT: a close up of a young boy 's face with the number 3 in the background
media.tenor.com
December 1, 2025 at 1:58 PM
Kevin McCallister is a social engineer. Look at how he handles the grocery store clerk in Home Alone and his entire hotel scheme in Home Alone Lost In New York.
#Cybersecurity #Holidays #SocialEngineering #Hacker
#Cybersecurity #Holidays #SocialEngineering #Hacker
If you aren't 100% sold on giving my new #Cybersecurity podcast a listen. Maybe this short clip will help you decide if the remaining 10 minutes is worth your time. The Spooky Cyber Story Club is available on most major podcasting platforms.
rss.com/podcasts/the...
rss.com/podcasts/the...
November 22, 2025 at 6:44 PM
If you aren't 100% sold on giving my new #Cybersecurity podcast a listen. Maybe this short clip will help you decide if the remaining 10 minutes is worth your time. The Spooky Cyber Story Club is available on most major podcasting platforms.
rss.com/podcasts/the...
rss.com/podcasts/the...
If you are looking for a fun (free) team building opportunity or you like game/challenge based learning the #HolidayHack challenge is live now and always a blast.
#CounterHack #CTF #KringleCon
www.sans.org/cyber-ranges...
#CounterHack #CTF #KringleCon
www.sans.org/cyber-ranges...
Holiday Hack Cybersecurity Challenge 2025 | SANS Institute
Join the global cybersecurity community in the most festive and challenging event of the year! The SANS Holiday Hack Challenge cyber range offers FREE, high-quality, and super fun hands-on cybersecuri...
www.sans.org
November 7, 2025 at 6:31 PM
If you are looking for a fun (free) team building opportunity or you like game/challenge based learning the #HolidayHack challenge is live now and always a blast.
#CounterHack #CTF #KringleCon
www.sans.org/cyber-ranges...
#CounterHack #CTF #KringleCon
www.sans.org/cyber-ranges...
While my podcast logo is a bit basic and rough now I'm hoping to have something better by next episode. I've actually had some stellar experiences on Fiverr so I'm commissioning something there. I know AI could make me... something... but I'd prefer a human artist.
November 4, 2025 at 10:13 PM
While my podcast logo is a bit basic and rough now I'm hoping to have something better by next episode. I've actually had some stellar experiences on Fiverr so I'm commissioning something there. I know AI could make me... something... but I'd prefer a human artist.
Thinking about swapping my phone out for a newer device (last years model) so I can run a security focused OS full time. I already use a privacy focused OS on my travel phone so I think im ready to go full time on my primary device.
November 4, 2025 at 3:04 PM
Thinking about swapping my phone out for a newer device (last years model) so I can run a security focused OS full time. I already use a privacy focused OS on my travel phone so I think im ready to go full time on my primary device.
It's Halloween! So it's a great day to announce my new horror themed #cybersecurity #podcast, The Spooky Cyber Story Club! In future episodes I'll be interviewing CyberSec, InfoSec, and Red Team professionals to discuss their cyber horror stories.
rss.com/podcasts/the...
rss.com/podcasts/the...
The Spooky Cyber Story Club | Podcast on RSS.com
The Spooky Cyber Story Club is here to cover all of your cybersecurity horror stories. Instead of monsters, madmen, ghouls, and ghosts, The Spooky Cyber Story Club covers breaches, incidents, hacker e...
rss.com
October 31, 2025 at 1:11 PM
It's Halloween! So it's a great day to announce my new horror themed #cybersecurity #podcast, The Spooky Cyber Story Club! In future episodes I'll be interviewing CyberSec, InfoSec, and Red Team professionals to discuss their cyber horror stories.
rss.com/podcasts/the...
rss.com/podcasts/the...
Dropping a fun project on Friday that mixes my beloved Halloween vibes with #Cybersecurity. I'm pumped to get spooky and help out the CyberSec and InfoSec communities at the same time.
a picture of a fire in the woods was taken by a person named the black
ALT: a picture of a fire in the woods was taken by a person named the black
media.tenor.com
October 28, 2025 at 7:33 PM
Dropping a fun project on Friday that mixes my beloved Halloween vibes with #Cybersecurity. I'm pumped to get spooky and help out the CyberSec and InfoSec communities at the same time.
Always remember AI needs a human element. We have to stop acting like it's infallible. I truly belive we aren't in the Trough of Disillusionment yet. When it comes to AI it feels like the Peak of Inflated Expectations is long and arduous because of the its perceived simplicity and ROI.
October 25, 2025 at 7:25 PM
Always remember AI needs a human element. We have to stop acting like it's infallible. I truly belive we aren't in the Trough of Disillusionment yet. When it comes to AI it feels like the Peak of Inflated Expectations is long and arduous because of the its perceived simplicity and ROI.
If you run into anyone who works at Amazon on the AWS team today give them a hug and buy them a beer because this probably wasn't a great day.
October 20, 2025 at 9:01 PM
If you run into anyone who works at Amazon on the AWS team today give them a hug and buy them a beer because this probably wasn't a great day.
The AWS outage really exemplifies putting all your eggs in one basket. You think "oh my environment is diversified enough and I have failover set up". That's great for things you can control but what happens when tier 1/support systems are also dependent on that same infrastructure (e.g. Atlassian)?
October 20, 2025 at 3:54 PM
The AWS outage really exemplifies putting all your eggs in one basket. You think "oh my environment is diversified enough and I have failover set up". That's great for things you can control but what happens when tier 1/support systems are also dependent on that same infrastructure (e.g. Atlassian)?
Submitted 3 more session topics for #CyberSecurity conferences today. I was out of the game this year so I'm hoping to talk at several red and blue teamer conferences next year.
a man in a blue shirt and tie is talking to another man in front of a bulletin board that says " pete silvia "
ALT: a man in a blue shirt and tie is talking to another man in front of a bulletin board that says " pete silvia "
media.tenor.com
October 15, 2025 at 9:12 PM
Submitted 3 more session topics for #CyberSecurity conferences today. I was out of the game this year so I'm hoping to talk at several red and blue teamer conferences next year.
An example of exactly what I mean. Social media companies are not equipped to handle the storage and protection of ID's so they'll outsource it. Now due to age verification people's ID's are in the wild.
#Cybersecurity #Breaches #CyberSec
discord.com/press-releas...
#Cybersecurity #Breaches #CyberSec
discord.com/press-releas...
October 6, 2025 at 8:01 PM
An example of exactly what I mean. Social media companies are not equipped to handle the storage and protection of ID's so they'll outsource it. Now due to age verification people's ID's are in the wild.
#Cybersecurity #Breaches #CyberSec
discord.com/press-releas...
#Cybersecurity #Breaches #CyberSec
discord.com/press-releas...
If you're a #Cybersecurity professional looking to get started in public speaking try calling your local public library and offer to teach a free #security basics course. You'll get to help people strengthen their security while figuring out your public speaking process in a low risk situation.
a man in a suit and tie is singing into a microphone while standing at a podium .
ALT: a man in a suit and tie is singing into a microphone while standing at a podium .
media.tenor.com
October 6, 2025 at 3:25 PM
If you're a #Cybersecurity professional looking to get started in public speaking try calling your local public library and offer to teach a free #security basics course. You'll get to help people strengthen their security while figuring out your public speaking process in a low risk situation.
Physical security should be included in your #Cybersecurity toolkit. You need to protect your crown jewels (e.g., people, equipment, documents, etc.) When you travel consider bringing a deadbolt strap to prevent unauthorized entry.
www.redteamtools.com/super_grip_d...
#CybersecurityAwarenessMonth
www.redteamtools.com/super_grip_d...
#CybersecurityAwarenessMonth
RTT Deadbolt Safety Strap
www.redteamtools.com
October 5, 2025 at 10:14 PM
Physical security should be included in your #Cybersecurity toolkit. You need to protect your crown jewels (e.g., people, equipment, documents, etc.) When you travel consider bringing a deadbolt strap to prevent unauthorized entry.
www.redteamtools.com/super_grip_d...
#CybersecurityAwarenessMonth
www.redteamtools.com/super_grip_d...
#CybersecurityAwarenessMonth
With the rise of social media and simplified AI tools it's easier than ever to train a model on someone's voice. If you get a panicked phone call from a loved one how do you know it's them? Talk to your family and agree on a password you can ask for to verify their identity.
#Cybersecurity
#Cybersecurity
October 2, 2025 at 5:48 PM
With the rise of social media and simplified AI tools it's easier than ever to train a model on someone's voice. If you get a panicked phone call from a loved one how do you know it's them? Talk to your family and agree on a password you can ask for to verify their identity.
#Cybersecurity
#Cybersecurity