Just one week late posting this after being snowed into the hotel for two days longer than planned. How lucky was I to help get something new(ish) off the ground in its second year amidst its second calamity and to help speakers showcase their work in the CFP and on the mainstage!

DISTRICTCON IS STILL A GO! We are excited to see you all on Saturday, January 24 as we are still going through our normal programming!

While we are unable to process refunds, we are adding virtual components to Saturday AND Sunday including a livestream for public sessions for ticket holders.

Vibes are high for DistrictCon! We’ll see you tomorrow 😎

Screenshot of Snowstorm hitting east coast

The @districtcon.bsky.social gods ask for their due. The conference may proceed but one natural crisis will occur

HAPPY FRIDAY!!! Our Agenda is now live! Check it out!
Check it out: www.districtcon.org/speakers

One fun thing the @dreadnode.bsky.social CTI agent is unearthing from the Great Firewall leaks is how many of the employees of this Chinese deep-packet inspection/malware intro/censorship company are also part-time (PhD) students

If it can work for them, it can work for me!

.

Interested in Jump The Wall? Applications close Nov 7 🔥
www.districtcon.org/jtw

C U T E

Interesting paper out of Dartmouth about private sector's role in U.S. offensive cyber landscape. Recommends a national offensive cyber strategy and a pilot program for private sector access to "low-risk" targets like crypto scammers and ransomware operators:

sergeybratus.gitlab.io/papers/Dartm...

This is going to be SO good!

We're officially announcing our speakers DistrictCon Year 1! Check out our incredible lineup: www.districtcon.org/speakers

This also includes our Day 1 & Day 2 Keynotes from Ian Levy and Dan Ridge.

And don't forget, GA tickets go on sale November 16! See you in January! 🪩

Come see ya boy

German Firms Hand Over Secrets That China Could Use for Leverage As German firms wrestle with new Chinese controls on rare earths, they are handing Beijing sensitive supply chain information it could potentially use to squeeze manufacturers or shut down production ...

In early 2019 while at the German Parliament‘s Foreign Affairs Committee, I imagined this exact scenario: China using the rare earth supply chain to get fully visibility and self-reinforcing leverage. When urged to develop other sources, such as Malaysia (where I even went), Merkel gov did nothing.

sergeybratus.gitlab.io/papers/Dartm...

Behind the struggle for control of the CVE program Following a funding scare that nearly shuttered the CVE program, outside experts and CISA are positioning to take charge of the 25-year-old system before the next funding crisis hits.

So my other big piece of the day is an inside look at the struggle for the future of the CVE programthat just went live at CyberScoop. 1/2

cyberscoop.com/cve-program-...

Publications

Washington is rethinking the relationship between government agencies and the private sector in offensive cyber, considering giving the private sector a more active role. Perfect timing for @winnona.bsky.social & Sergey Bratus to put out this well-reasoned and legally grounded perspective:

#offensiveaicon

If the CISA 2015 info-sharing law expires tomorrow, CISA the agency may eliminate its real-time threat indicator sharing database, according to a new DHS OIG report. www.oig.dhs.gov/sites/defaul...

Participation in sharing program has been declining since 2020. Post-expiration plans unclear.

Mark your calendars!! 💕

Speaking as a Chinese person, in the Chinese culture, money is often given to others in a gesture of bribery.

districtcon.org/cfp

💕💕💕 this post brings me joy.
Can’t promise power (ffs) but can definitely promise good vibes again! ✨

I stopped by DistrictCon earlier this year, (no ticket) but was able to borrow a badge and such.

The vibes were awesome, the people were great, and even with a multi-block power outage at the venue, they were still able to keep it going.

I recommend this one in DC

Our Call for Papers is officially OPEN!

We are looking for
- Hacking Magic 👾🪄 (cool research, novel TTPs, tool releases, etc.)
- Policy Roundtable Topics ⚖️ (specific cyber topics focused on geopolitics, ethics, legal frameworks, governance, etc.)

www.districtcon.org/cfp

How China’s Patriotic ‘Honkers’ Became the Nation’s Elite Cyber Spies A new report traces the history of the early wave of Chinese hackers who became the backbone of the state's espionage apparatus.

How did China's top APT hackers come to be? Many were early "Honkers" - patriotic hackers who in late 90s launched low-skill cyberattacks against nations deemed disrespectful to China. But once Honkers developed their skills, PLA/MSS came calling. Based on great research by bsky.app/profile/eube...

Was a ton of fun to talk about the 0day market and Pall Mall at Summercon! Thanks for having me 💕

Mobilizing Cyber Power: The Growing Role of Cyber Militias in China’s Network Warfare Force Structure This report examines how China’s cybersecurity industry fields reserve and militia units in support of the PLA and national mobilization system.

“alignment with CCP priorities offers privileged access to state resources, regulatory favor, and expanded commercial opportunities [to hackers]."

NEW Phenomenal report on Chinese civil military fusion and cyber militias by Kieran Green: margin.re/mobilizing-c...

submit to districtcon.org/junkyard 🐞

We’re proud to announce the Review Board for DistrictCon’s call for papers! Our CFP will open next month, and we're excited to receive all your submissions! www.districtcon.org/cfp