#devsecops #ci #githubactions #supplychainsecurity #cybersecurity | Luca Barba 🚨 That "harmless" third-party GitHub action? It was a Trojan horse 🐴 Your CI/CD pipeline, the backbone of your development, just got served a harsh reality check. That "harmless" third-party GitHub…

🚨 That "harmless" third-party GitHub action? It was a Trojan horse 🐴

#devsecops #ci #githubactions #supplychainsecurity #cybersecurity

Why Codefinger represents a new stage in the evolution of ransomware Forget typical ransomware! Codefinger hijacked cloud keys directly, exposing backup flaws and shared responsibility risks. Time to rethink defense.

Why Codefinger represents a new stage in the evolution of ransomware

NIST has dropped some new guidance on IR and how it fits into CSF 2.0.
csrc.nist.gov/pubs/sp/800/...

NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat | CISA

Four Years In: What NERC’s Cyber Security Incident Reporting Data Tells Us (and What It Doesn’t) — AMPYX CYBER In the world of Bulk Electric System (BES) cybersecurity, signals of risk don’t always arrive with alarms blaring or malware lighting up dashboards. Sometimes, the signs are quieter—brute force login…

Four Years In: What NERC’s Cyber Security Incident Reporting Data Tells Us (and What It Doesn’t) — AMPYX CYBER buff.ly/czFPfPC

Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity As medical devices are bought and re-sold on the secondary market, they become harder to find and patch when a new vulnerability is discovered, a doctor told House lawmakers.

Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity

AI Image Site GenNomis Exposed 47GB of Underage Deepfakes Follow us on Blue Sky, Mastodon Twitter, Facebook and LinkedIn @Hackread

AI Image Site GenNomis Exposed 47GB of Underage Deepfakes

5 Strategies to Strengthen Industrial Cybersecurity

Taylor Swift photo

Breaking: Director of National Intelligence Tulsi Gabbard has revoked the security clearance for Taylor Swift

Ever heard of a computer that uses water to solve complex math problems? 🌊💡

In 1936, Soviet engineer Vladimir Lukyanov created the Water Integrator—an analog computer using water flow, gravity, and pipes to solve differential equations.

#Innovation #Engineering #TechHistory #AnalogComputing

#otsecurity #cybersecurity #ics #remoteaccess #threatdetection #lbsra | Luca Barba 🚨How remote access creates multiple attack vectors in OT environments. #OTSecurity #CyberSecurity #ICS #RemoteAccess #ThreatDetection #LBSRA

🚨How remote access creates multiple attack vectors in OT environments.
#OTSecurity #CyberSecurity #ICS #RemoteAccess #ThreatDetection #LBSRA

#pypi #sbom #cybersecurity #supplychainattack #integrity | Luca Barba 🚨 Supply Chain attack are becoming endemic - Malicious #PyPI Packages Stole Cloud Tokens 💡 Remember that XKCD meme about open source? That one guy in…

🚨 Supply Chain attack are becoming endemic - Malicious #PyPI Packages Stole Cloud Tokens 💡 Remember that XKCD meme about open source? That one guy in Nebraska ?

#pypi #sbom #cybersecurity #supplychainattack #integrity

Must-Watch Cybersecurity TV Shows 🎯👨‍💻
Need some hacking inspiration or just love a good cyber-thriller?

🔥 Mr. Robot – The GOAT 🐐
🕵️‍♂️ Person of Interest – Predict future?
💥 Black Mirror – Every episode = existential crisis 😳

#CyberSecurity #Hacking #TechThriller #TVSeries

#cybersecurity #zeroday #criticalinfrastructure #otsecurity #infosec | Luca Barba Are you watching "Zero Day" ? More Drama Than Reality, But Still Relevant 🤔 While Zero Day serves up a synchronized digital apocalypse, it's more Hollywood than real life. But it does spark a vital…

Are you watching "Zero Day" ?

Ideal to bring your siblings, your mother, your friends and brag about your job, and it is also a lot of fun. 😉

#Cybersecurity #ZeroDay #CriticalInfrastructure #OTSecurity #InfoSec

Cost of a Data Breach
In 2024, the average cost of a data breach reached an all-time high of $4.88 million

#cybersecurity #databreach #infosec #cyberresilience
buff.ly/xdE7A0N

600+ systems down. A hospital paralyzed.

#CyberSecurity #Ransomware #HealthcareSecurity #ThreatIntel #IoMTSecurity

buff.ly/qT46Pxl

🔎 Solar Panels: The New Frontline in Cyber Warfare

Hackers have found a new way to target critical infrastructure—through your solar panels.

#Cybersecurity #RenewableEnergy #CriticalInfrastructure #OTSecurity

buff.ly/zkVTF2X

IT vs. OT Cybersecurity Champions

🎯 IT: Certified to the moon 🌙 – CISA, CISSP, CCNA, ITIL…
🔫 OT: Just give me IEC 62443, SANS, and a wrench.

#CyberSecurity #OTSecurity #ITvsOT #ICS #IndustrialSecurity #CyberChampion

#otsecurity #ics #cyberthreats #ransomware #industrialcybersecurity… | Luca Barba 🔴 OT security isn’t a niche problem anymore—it’s a battlefield. 2024 saw an 87% rise in ransomware attacks targeting OT and two new ICS-specific malware…

2024 saw an 87% rise in ransomware attacks targeting OT and two new ICS-specific malware

#otsecurity #ics #cyberthreats #ransomware

eyeInspect is a robust solution designed to safeguard operational technology (OT) and Internet of Things (IoT) environments.

Continuous updates are critical to keep the defense

buff.ly/RAzHrB1

#OTSecurity #Cybersecurity #Forescout #ITOT

#cybersecurity #otsecurity #itotconvergence #manufacturing #riskmanagement | Luca Barba 🔴 Manufacturing’s Silent Cyber Crisis: IT/OT Convergence Under Attack 75% of cyber incidents in manufacturing last year hit converged IT/OT environments—and…

Manufacturing’s Silent Cyber Crisis: 75% of cyber incidents in manufacturing last year hit converged IT/OT environments

#cybersecurity #otsecurity #itotconvergence #manufacturing #riskmanagement

Luca: "Let's experiment with GitHub Copilot for a quick script."

Also Luca: "Add code to line 76 to strip away all \n and \s from the variable named value and substitute them with a whitespace."

#GitHubCopilot #DeveloperHumor #AI #Programming

👉 Copilot: [see pic😂]

Luca Barba on LinkedIn: 2024 Threat Roundup from Forescout Vedere Labs 2024 Threat Roundup from Forescout Vedere Labs

10 countries account for 78% of malicious traffic

Top Cybersecurity Trends from Vedere Labs

#otsecurity #ics #scada #cybersecurity #itot | Luca Barba 🔐 Schneider’s Move on RTU Cybersecurity Here’s the reality: Remote sites—whether in water treatment, pipelines, or energy—are prime targets for cyber…

🔐 Schneider Electric’s SCADAPack 470i & 474i take a different approach: baking IT-grade security into rugged OT devices without disrupting operations.

buff.ly/VcZz5YF

#OTSecurity #ICS #SCADA #CyberSecurity #ITOT

🔎 Types of Cybercrimes on Social Networks

#CyberSecurity #OnlineSafety #DigitalThreat

🔎 IoT: The New Ransomware Gateway

Vedere Labs warned in 2022 with R4IoT—showing how ransomware can exploit IoT to pivot into IT/OT .
2024: Akira, responsible for 15% of incidents last year, just did it

#Cybersecurity #Ransomware #IoTSecurity
buff.ly/p3uqRRU

🔍 How to Spot a Penetration Tester

Pentesters leave digital footprints.
Are you monitoring these signs?

#CyberSecurity #Pentesting #RedTeam #BlueTeam #ThreatHunting

Credits : ACEResponder.com

🔍 "Cybersecurity experts" don’t exist.

Cybersecurity isn’t one skill—it’s an ecosystem. Risk assessment, governance, security operations, architecture, threat intelligence…

No one masters it all.

#CyberSecurity #RiskManagement #ThreatIntelligence #InfoSec #SecurityOps

#cybersecurity #userexperience #threatintelligence #datadriven #otsecurity | Luca Barba 🔍 When DrZeroTrust Put eyeInspect to the Test Seeing Dr. Chase Cunningham try out eyeInspect—and its self-demo capability—hits differently when you know the…

🔍 When DrZeroTrust Put eyeInspect to the Test

Seeing Dr. Chase Cunningham try out eyeInspect—and its self-demo capability—hits differently.

A seamless user experience isn’t just a nice-to-have; it’s the key to adoption.

#CyberSecurity #UserExperience

buff.ly/b2jdfwN