
Posts by Danny Moore

One of our biggest issues as a cybersecurity community and industry is that we inflicted dozens of partly overlapping cryptonyms on the world and just expect them to deal with it because we can't.

9 months ago 10 0 1 0

Still consistently the best cyber-related podcast out there

9 months ago 14 2 0 0

Probably still thermal shock as a result of rapid heating on induction

9 months ago 1 0 0 0

Considering that one of Israel's overt goals for the war is to destabilize the Iranian government, a nation-wide shutdown of public internet access plays well into Israel's hands.

And it may not even stop further attacks.

10 months ago 4 2 0 0

Predatory Sparrow has dumped the Nobitex crypto platform source code on Telegram

They previously stole $90mil worth of assets in a hack yesterday

t.me/gonjeshkdara...

10 months ago 7 2 0 0

My hot take is that it isn't a lack of strategy, Israel has many viable, ambitious strategies.

It's a constant failure of political will, unity, and patience to enact a strategy.

10 months ago 25 2 0 0

Interesting! In my book, Offensive Cyber Operations, I talk a lot about the convergence of tactical offensive cyber and electronic warfare.

The resources, approach and desired outcomes are deeply connected.

The UK's move is in line with trends seen elsewhere. Will dive more into it all later.

10 months ago 15 0 0 0

You could get away with a lot more back then, especially considering that the orgs/people who were targeted had next to nothing for endpoint and network security.

10 months ago 1 0 0 0

The most interesting bit here is that the best Western gov cyber outfits overhauled their operational approach after the mid-10s to focus more on avoiding detection.

The era of the "factory ops" was too risky with the rise of threat intel.

Harder to reliably spot 2025's Regin, Careto, Flame, etc.

10 months ago 21 5 1 0

"the technical team's analysis indicates that the attacker's methods and related technical proficiency were relatively low-level."

Nothing in the article to explain what makes this "cyber warfare".

11 months ago 4 1 0 0

If you’ve been laid off from a cyber intel position, please reach out if you’d like to come to @sleuthcon.bsky.social.

11 months ago 68 47 3 2
SAP cyberattack widens, drawing Salt Typhoon and Volt Typhoon comparisons

Hundreds of victims are surfacing across the world from zero-day cyberattacks on Europe’s biggest software manufacturer and company.

NEW: Hundreds of victims are surfacing across the world from zero-day cyberattacks on SAP, in a campaign that one leading cyber expert is comparing to the vast Chinese government-linked Salt Typhoon and Volt Typhoon breaches. cyberscoop.com/sap-cyberatt...

11 months ago 11 9 0 0

Drama over at X/xAI.

Whatever you ask Grok, it pivots to “white genocide” in South Africa.

The last panel is what Grok claims was a “verbatim” system prompt that caused the behavior. Jury out.

It’s now fixed but they haven’t yet bothered explaining.

This, not those AGI fantastical scenarios.

11 months ago 390 107 24 16
The Signal Clone the Trump Admin Uses Was Hacked

TeleMessage, a company that makes a modified version of Signal that archives messages for government agencies, was hacked.

New from 404 Media: the Signal clone the Trump administration uses was just hacked. TeleMessage makes a modified version of Signal that archives messages for government agencies, Waltz used it. A hacker got some users' messages, group chats. Hugely significant breach www.404media.co/the-signal-c...

11 months ago 6026 2750 156 521

Knowing Betz, he has been on a path leading to this for many years.

11 months ago 2 0 0 0

The literal birth of my firstborn child was less anxiety inducing than a full week of driving and parking in Tel Aviv.

1 year ago 2 0 0 0

New tech class, new vulnerability class

1 year ago 8 1 2 0

THREAD: When @thekrebscycle.bsky.social and his workplace, @sentinelone.com, were singled out by Donald Trump on Wednesday, I thought it was an opportunity to weigh the cybersecurity industry's rhetoric against their real world actions.

1 year ago 131 71 6 14

Cybersecurity is built on trust, I can only imagine how CISA staff must be feeling.

1 year ago 10 0 0 0

👀 China reportedly acknowledged to outgoing Biden officials in December that it was responsible for the Volt Typhoon critical infrastructure intrusions, linking them to "increasing U.S. policy support for Taiwan." www.wsj.com/politics/nat...

1 year ago 50 21 2 2

I was there. It was meant literally.

“JD Work — now on the US NSC — shocked some by warning that the US would take lethal action against malicious actors in commercial cyber operations.
Participants who heard [it said] they were unsure if it was meant literally or figuratively”

1 year ago 81 28 5 3

The Swiss population doesn’t want to buy the F35 anymore, given everything that’s going on in Trump’s US.
In 2020, a 50,1% majority had voted for the acquisition in a referendum.

www.watson.ch/schweiz/wirt...

1 year ago 278 72 13 10

Why is the headline on all X outage stories about Musk blaming Ukraine for the DDoS? Why aren't media outlets putting the emphasis on the security lapse that allowed script kiddies (or whoever) to launch the attack against X as well as the lack of any evidence that the traffic came from Ukraine IPs?

1 year ago 80 28 11 2

DDoS attacks frequently use compromised or otherwise co-opted IP addresses. The global distribution helps avoid geofencing defenses.

Public high-confidence attribution takes time and effort. So take any quickfire claims with healthy skepticism.

1 year ago 8 0 0 0

Completely agree, these statements ignore the inherent limitations of LLMs. There is a difference between processing and phrasing complex content and creative thinking.

1 year ago 2 0 0 0

Great coverage by @kimzetter.bsky.social. In this ecosystem we need to be doubly suspicious of major claims even if published by reputable sources.

Considering the denials it's hard to pin down the truth. That said if things continue we may still see a gradual derisking of Russia by the US.

1 year ago 7 1 0 0

That's genuinely lovely but if we are to establish soft power diplomatic momentum that isn't dependent on the US establishment maybe do it on a network that isn't Elon's X.

1 year ago 18 6 0 0

Madness

1 year ago 16 5 0 1

New from 404 Media: anyone can push updates to the Doge.gov site. Two sources independently found the issue, one made their own decision to deface the site. "THESE 'EXPERTS' LEFT THEIR DATABASE OPEN."

www.404media.co/anyone-can-p...

1 year ago 1188 421 36 84

Yep

1 year ago 0 0 0 0