Dr. Bilyana Lilly 🦋🌻
@bilyanalilly.bsky.social
Author of “Russian Information Warfare” | Cyber chair, WSF | Randite | Oxonian | Bear huntress
There are two main observations from the recent Radio Hack likely conducted by a pro-#Russia group that significantly disrupted #Poland's Railway System: 1/2
#Poland #Ukraine #Russia
www.wired.com/story/poland...
#Poland #Ukraine #Russia
www.wired.com/story/poland...
The Cheap Radio Hack That Disrupted Poland's Railway System
The sabotage of more than 20 trains in Poland by apparent supporters of Russia was carried out with a simple “radio-stop” command anyone could broadcast with $30 in equipment.
www.wired.com
August 27, 2023 at 9:15 PM
There are two main observations from the recent Radio Hack likely conducted by a pro-#Russia group that significantly disrupted #Poland's Railway System: 1/2
#Poland #Ukraine #Russia
www.wired.com/story/poland...
#Poland #Ukraine #Russia
www.wired.com/story/poland...
#BlackHat so far has been an amazing opportunity to connect with good mentors and friends. Say hello if you are here!
August 10, 2023 at 5:50 PM
#BlackHat so far has been an amazing opportunity to connect with good mentors and friends. Say hello if you are here!
Kudos to the @NYTimes for this high-quality investigative work - A Global Web of Chinese Propaganda funded through US nonprofits Leads to a U.S. Tech Mogul
#propaganda #China
https://t.co/xKSeWBS7iF
#propaganda #China
https://t.co/xKSeWBS7iF
t.co
August 5, 2023 at 3:15 PM
Kudos to the @NYTimes for this high-quality investigative work - A Global Web of Chinese Propaganda funded through US nonprofits Leads to a U.S. Tech Mogul
#propaganda #China
https://t.co/xKSeWBS7iF
#propaganda #China
https://t.co/xKSeWBS7iF
Reposted by Dr. Bilyana Lilly 🦋🌻
Are you going to BlackHat? If so, join us at the Daylight Beach Club 10 Aug for some great networking, some pool-side relaxation and incredible vibes. Hang with Grammy nominated DJ Morgan Page.
Register here: https://www.eventbrite.com/e/hubble-blackhat-usa-pool-party-tickets-673225494577
Register here: https://www.eventbrite.com/e/hubble-blackhat-usa-pool-party-tickets-673225494577
August 5, 2023 at 2:57 AM
Are you going to BlackHat? If so, join us at the Daylight Beach Club 10 Aug for some great networking, some pool-side relaxation and incredible vibes. Hang with Grammy nominated DJ Morgan Page.
Register here: https://www.eventbrite.com/e/hubble-blackhat-usa-pool-party-tickets-673225494577
Register here: https://www.eventbrite.com/e/hubble-blackhat-usa-pool-party-tickets-673225494577
Reposted by Dr. Bilyana Lilly 🦋🌻
Join us on this week's #SafeMode podcast as @bilyanalilly.bsky.social analyzes the collaborative efforts that halted Russian cyber threats on Ukraine. Find out the lessons learned and Elon Musk's role in supporting Ukrainian forces. https://cyberscoop.com/radio/writer-and-researcher-bilyana-lilly/
August 3, 2023 at 7:06 PM
Join us on this week's #SafeMode podcast as @bilyanalilly.bsky.social analyzes the collaborative efforts that halted Russian cyber threats on Ukraine. Find out the lessons learned and Elon Musk's role in supporting Ukrainian forces. https://cyberscoop.com/radio/writer-and-researcher-bilyana-lilly/
Welcome to BlueSky, @alenapopova.bsky.social!
July 29, 2023 at 10:54 PM
Welcome to BlueSky, @alenapopova.bsky.social!
Check out this clever spin on MITRE's ATT&CK kill chain for malvertising. Cyber threat intelligence professionals can use the model to track threat actors exploiting this relatively novel attack vector. This is an actionable guide that you don't want to miss!
#cybersecurity #malvertising
#cybersecurity #malvertising
Profiling hackers using the Malvertising Attack Matrix by Confiant
What is Malvertising?
blog.confiant.com
July 29, 2023 at 5:38 PM
Check out this clever spin on MITRE's ATT&CK kill chain for malvertising. Cyber threat intelligence professionals can use the model to track threat actors exploiting this relatively novel attack vector. This is an actionable guide that you don't want to miss!
#cybersecurity #malvertising
#cybersecurity #malvertising
Welcome to BlueSky @aejleslie.bsky.social!
Follow Alexander for high-quality ransomware and other cybercrime analysis!
Follow Alexander for high-quality ransomware and other cybercrime analysis!
July 29, 2023 at 3:36 AM
Welcome to BlueSky @aejleslie.bsky.social!
Follow Alexander for high-quality ransomware and other cybercrime analysis!
Follow Alexander for high-quality ransomware and other cybercrime analysis!
Iliya Sachkov, co-founder of GroupIB, is not a criminal. He built a state-of-the-art platform to catch cyber criminals with Russia's best interest in mind.
The sentence he received is a deplorable example of how Russia's top innovators are smothered by the corrupt Kremlin.
The sentence he received is a deplorable example of how Russia's top innovators are smothered by the corrupt Kremlin.
Russian cybersecurity chief jailed for 14 years for treason
Sachkov who helped found one of Russia’s most prominent cybersecurity firms was accused of aiding foreign spies.
www.aljazeera.com
July 27, 2023 at 5:32 PM
Iliya Sachkov, co-founder of GroupIB, is not a criminal. He built a state-of-the-art platform to catch cyber criminals with Russia's best interest in mind.
The sentence he received is a deplorable example of how Russia's top innovators are smothered by the corrupt Kremlin.
The sentence he received is a deplorable example of how Russia's top innovators are smothered by the corrupt Kremlin.
Hi everyone, I will be attending #BlackHat and #defcon. Get in touch with me if you would like to meet.
July 26, 2023 at 8:15 PM
Hi everyone, I will be attending #BlackHat and #defcon. Get in touch with me if you would like to meet.
DoE's Cybersecurity Capability Maturity Model (C2M2) is worth reading. Its latest version emphasizes both IT and OT security and is aligned with the NIST 800-53 and NIST CSF frameworks.
#cybersecurity #energy
https://www.energy.gov/sites/default/files/2022-06/C2M2%20Version%202.1%20June%202022.pdf
#cybersecurity #energy
https://www.energy.gov/sites/default/files/2022-06/C2M2%20Version%202.1%20June%202022.pdf
www.energy.gov
July 25, 2023 at 11:44 PM
DoE's Cybersecurity Capability Maturity Model (C2M2) is worth reading. Its latest version emphasizes both IT and OT security and is aligned with the NIST 800-53 and NIST CSF frameworks.
#cybersecurity #energy
https://www.energy.gov/sites/default/files/2022-06/C2M2%20Version%202.1%20June%202022.pdf
#cybersecurity #energy
https://www.energy.gov/sites/default/files/2022-06/C2M2%20Version%202.1%20June%202022.pdf
Another area where #Russia’s and #China’s influence operations playbooks converge: Mandiant links #China’s influence operations to protests. https://www.mandiant.com/resources/blog/pro-prc-haienergy-us-news
Pro-PRC HaiEnergy Campaign Exploits U.S. News Outlets via Newswire Services to Target U.S. Audiences
Newswire services are being used to distribute pro-PRC content to subdomains of legitimate U.S.-based news outlets.
www.mandiant.com
July 24, 2023 at 7:10 PM
Another area where #Russia’s and #China’s influence operations playbooks converge: Mandiant links #China’s influence operations to protests. https://www.mandiant.com/resources/blog/pro-prc-haienergy-us-news
The Biden administration announces its new smart home cybersecurity label - a move in the right direction for standardizing, recognizing and emphasizing on cybersecurity compliance. https://www.theverge.com/2023/7/18/23798153/fcc-cyber-trust-mark-biden-security
The Biden administration is tackling smart devices with a new cybersecurity label
Look for the “Cyber Trust” label on IoT devices next year.
www.theverge.com
July 18, 2023 at 7:26 PM
The Biden administration announces its new smart home cybersecurity label - a move in the right direction for standardizing, recognizing and emphasizing on cybersecurity compliance. https://www.theverge.com/2023/7/18/23798153/fcc-cyber-trust-mark-biden-security
Reposted by Dr. Bilyana Lilly 🦋🌻
InfoSecSherpa's Data Privacy and Information Security News Roundup for Saturday, July 15, 2023
Features the article, "Gay furry #hackers are targeting US states for passing anti-trans legislation."
https://infosecsherpa.medium.com/infosecsherpas-news-roundup-for-saturday-july-15-2023-83550cb469a9
Features the article, "Gay furry #hackers are targeting US states for passing anti-trans legislation."
https://infosecsherpa.medium.com/infosecsherpas-news-roundup-for-saturday-july-15-2023-83550cb469a9
July 16, 2023 at 12:58 AM
InfoSecSherpa's Data Privacy and Information Security News Roundup for Saturday, July 15, 2023
Features the article, "Gay furry #hackers are targeting US states for passing anti-trans legislation."
https://infosecsherpa.medium.com/infosecsherpas-news-roundup-for-saturday-july-15-2023-83550cb469a9
Features the article, "Gay furry #hackers are targeting US states for passing anti-trans legislation."
https://infosecsherpa.medium.com/infosecsherpas-news-roundup-for-saturday-july-15-2023-83550cb469a9
This was a well-spent Saturday morning with friends in #Manhattanbeach - a welcome pause from my critical infrastructure reading for the day!
July 15, 2023 at 7:34 PM
This was a well-spent Saturday morning with friends in #Manhattanbeach - a welcome pause from my critical infrastructure reading for the day!
An insightful episode of @FT’s Tech Tonic on how #Facebook transformed into a global social media giant connecting over 3 billion https://open.spotify.com/episode/6AtpHUaVYvkitnL2PXXqpQ?si=MPGaI3PgTVi_kyzTtDe4lg&context=spotify%3Ashow%3A6BRSvIBNQnB68GuoXJRCnQ
Peak social media: The ads machine
Listen to this episode from FT News Briefing on Spotify. Mark Zuckerberg used advertising to turn Facebook into the first global social media giant, boasting 3bn users around the world. But today ther...
open.spotify.com
July 15, 2023 at 2:21 PM
An insightful episode of @FT’s Tech Tonic on how #Facebook transformed into a global social media giant connecting over 3 billion https://open.spotify.com/episode/6AtpHUaVYvkitnL2PXXqpQ?si=MPGaI3PgTVi_kyzTtDe4lg&context=spotify%3Ashow%3A6BRSvIBNQnB68GuoXJRCnQ
What are the top 10 #CISO’s knowledge domains? Here’s a great podcast that summarizes them: https://open.spotify.com/episode/3GUg4PcYxLUyhWKQHVqp8R?si=ZgCKR1p-ShCdzgndeblSlw&context=spotify%3Ashow%3A0w9mqg1SY4ytTnehjeGnP1
#59 - CISO Knowledge Domains Part 1
Listen to this episode from CISO Tradecraft® on Spotify. One of the most common questions that we get asked on CISO Tradecraft is what do I need to learn to be a good CISO? After a lot of reflectio...
open.spotify.com
July 11, 2023 at 10:02 PM
What are the top 10 #CISO’s knowledge domains? Here’s a great podcast that summarizes them: https://open.spotify.com/episode/3GUg4PcYxLUyhWKQHVqp8R?si=ZgCKR1p-ShCdzgndeblSlw&context=spotify%3Ashow%3A0w9mqg1SY4ytTnehjeGnP1
#Microsoft is allowed to acquire #Activision. Two stellar companies with awesome teams unite https://www.nytimes.com/2023/07/11/technology/microsoft-activision-deal-ftc.html?smid=url-share
Judge Rejects F.T.C. Delay of $70 Billion Microsoft-Activision Deal
Microsoft also said it was negotiating changes to the deal to satisfy objections made by a British regulator, which could allow it to complete its purchase of the video game giant as soon as this mont...
www.nytimes.com
July 11, 2023 at 8:00 PM
#Microsoft is allowed to acquire #Activision. Two stellar companies with awesome teams unite https://www.nytimes.com/2023/07/11/technology/microsoft-activision-deal-ftc.html?smid=url-share
The head of #Russia’s #Sandworm wrote his master’s thesis on information warfare. I explained how he views destroying governments in it here: https://www.oodaloop.com/archive/2023/06/29/russian-cyber-war-an-elite-russian-hacker-spells-out-his-vision-for-information-confrontation-in-world-politics/
Russian Cyber War: An Elite Russian Hacker Spells Out His Vision for "Information Confrontation in W...
Editor’s note: This post by Dr. Bilyana Lilly provides insights into an aspect of Russia’s information warfare activities. Dr. Lilly, part of the OODA Network, is the author of the book Russian In...
www.oodaloop.com
July 8, 2023 at 6:30 AM
The head of #Russia’s #Sandworm wrote his master’s thesis on information warfare. I explained how he views destroying governments in it here: https://www.oodaloop.com/archive/2023/06/29/russian-cyber-war-an-elite-russian-hacker-spells-out-his-vision-for-information-confrontation-in-world-politics/
Reposted by Dr. Bilyana Lilly 🦋🌻
My thoughts for the New York Times on Prigozhin's aborted mutiny in Russia and what Putin may seek to do next https://www.nytimes.com/2023/07/04/opinion/putin-prigozhin-wagner-group-russia.html
Opinion | Putin Created a Beast, and Now He Has No Idea How to Rein It In
After Yevgeny Prigozhin’s failed mutiny, Vladimir Putin must now figure out what to do with Wagner troops in Latin America, the Middle East and Africa.
www.nytimes.com
July 4, 2023 at 9:07 PM
My thoughts for the New York Times on Prigozhin's aborted mutiny in Russia and what Putin may seek to do next https://www.nytimes.com/2023/07/04/opinion/putin-prigozhin-wagner-group-russia.html
This post offers an overview of the latest Chinese surveillance laws & identifies questions foreign companies doing business in #China should address going forward
https://www.oodaloop.com/archive/2023/07/03/growing-risk-to-us-corporations-prc-laws-expand-ccp-oversight-and-surveillance-requirements/
https://www.oodaloop.com/archive/2023/07/03/growing-risk-to-us-corporations-prc-laws-expand-ccp-oversight-and-surveillance-requirements/
July 3, 2023 at 8:55 PM
This post offers an overview of the latest Chinese surveillance laws & identifies questions foreign companies doing business in #China should address going forward
https://www.oodaloop.com/archive/2023/07/03/growing-risk-to-us-corporations-prc-laws-expand-ccp-oversight-and-surveillance-requirements/
https://www.oodaloop.com/archive/2023/07/03/growing-risk-to-us-corporations-prc-laws-expand-ccp-oversight-and-surveillance-requirements/
#China’s new counterespionage law just came into effect. The law expands the definition of espionage to any documents, data, materials or any other items related to national security interests.
It leaves a lot of room for interpretation giving more power to the #PRC government.
It leaves a lot of room for interpretation giving more power to the #PRC government.
Growing Risk to International Corporations: PRC Laws Expand CCP Oversight and Surveillance Requireme...
This update captures the latest on PRC laws with a special focus on factors relevant to business decision-makers. The content here is tailored to what we recommend every corporate director/board membe...
www.oodaloop.com
July 3, 2023 at 8:53 PM
#China’s new counterespionage law just came into effect. The law expands the definition of espionage to any documents, data, materials or any other items related to national security interests.
It leaves a lot of room for interpretation giving more power to the #PRC government.
It leaves a lot of room for interpretation giving more power to the #PRC government.
Campfire moments at #LakeTahoe
July 3, 2023 at 12:29 AM
Campfire moments at #LakeTahoe
I am proud to have contributed to this analysis of the thesis of #Sandworm’s head, who is in charge of one of the most dangerous cyber actors working on the Russian government’s payroll: https://www.zdf.de/nachrichten/panorama/hacker-sandworm-evgenii-serebriakov-100.html #cyber #infosec #Russia
June 28, 2023 at 6:43 AM
I am proud to have contributed to this analysis of the thesis of #Sandworm’s head, who is in charge of one of the most dangerous cyber actors working on the Russian government’s payroll: https://www.zdf.de/nachrichten/panorama/hacker-sandworm-evgenii-serebriakov-100.html #cyber #infosec #Russia
How #Putin managed #Prigozhin’s attempted coup:
☑️ diffuse - take back control of key territory and information space
☑️ depost - strip Prighozin of his positions
☑️ displace - send him to Belarus
Any other major steps?
☑️ diffuse - take back control of key territory and information space
☑️ depost - strip Prighozin of his positions
☑️ displace - send him to Belarus
Any other major steps?
June 24, 2023 at 11:35 PM
How #Putin managed #Prigozhin’s attempted coup:
☑️ diffuse - take back control of key territory and information space
☑️ depost - strip Prighozin of his positions
☑️ displace - send him to Belarus
Any other major steps?
☑️ diffuse - take back control of key territory and information space
☑️ depost - strip Prighozin of his positions
☑️ displace - send him to Belarus
Any other major steps?