Sean Cassidy
seancassidy.me
@seancassidy.me
Head of Security at Asana
Reposted by Sean Cassidy
Illustrative example of using Asana AI Studio to improve security *and* productivity.

I reported a phishing attack from Gmail - this resulted in a task being created in Asana.

AI automatically triaged the nature of the attack and escalated it based on specifics (like targeting the CEO). 1/2
June 5, 2025 at 3:21 PM
Reposted by Sean Cassidy
Deafening Silence From The Cybersecurity Industry by Forbes senior contributor Tony Bradley; links to Luta Security CEO's recent blog post @k8em0.bsky.social @lutasecurity.bsky.social
www.forbes.com/sites/tonybr...
Deafening Silence From The Cybersecurity Industry
Chris Krebs affirmed the 2020 election was secure. Now he's the target of an Executive Order—and the cybersecurity industry’s silence is enabling a dangerous precedent.
www.forbes.com
April 16, 2025 at 4:59 PM
Reposted by Sean Cassidy
Here's my blogpost in support of Krebs. It's different enough from those by @stamos.org or @k8em0.bsky.social that it's worth writing, though the conclusion is much the same.
cybersect.substack.com/p/i-am-speak...
I am speaking up in support of Chris Krebs
We all need to
cybersect.substack.com
April 17, 2025 at 12:47 AM
Reposted by Sean Cassidy
Working with Chris Krebs and getting to know his wife Emily and their family has been one of the great honors of my life. The attack against their family should be condemned by all.

I have written a post about what is happening to them here: www.linkedin.com/posts/alexst...
Exclusive | Former Trump Official Targeted With Government Probe Vows to… | Alex Stamos
*The following is a message from Alex and Katie Stamos and does not represent any company or organization* Working with Chris Krebs and getting to know his wife Emily and their five children has been...
www.linkedin.com
April 16, 2025 at 8:45 PM
one of my favorite parts of vibe coding is that it brings one of the core parts of programming - randomly changing things until it's fixed - to everyone
April 2, 2025 at 8:54 PM
if someone wrote a really high quality rss reader right now it would do so well
March 30, 2025 at 5:09 AM
sad that bash.org is gone
bash.org
March 21, 2025 at 3:07 PM
Reposted by Sean Cassidy
“ThErE Is nO EvIdEnCe oF AnY ThReAt aCtOr aCtIvItY” said the clowns at @lastpass.bsky.social in their many, many updates trying to downplay the severity of this breach.

If you’re using LastPass in 2025, you’re being grossly negligent.
Unsealed court docs: US investigators believe hackers behind the 2022 LastPass breach stole $150M in XRP, now worth ~$700M, from one person in January 2024 (Thomas Brewster/Forbes)

March 8, 2025 at 2:50 AM
This example of writing from DeepSeek's r1 model is incredible. It actually persuaded me that the chat interface is more than just a rough first draft of a UI.

Also, "the demon stirs"? I could read this all day.

substack.com/@jasmine/not...
Jasmine Sun on Substack
for the first time— and it brings me no joy to admit this— an LLM has produced writing I think is actually good DeepSeek’s new r1 model was able to take some extremely rough bullet points and generat...
substack.com
January 28, 2025 at 2:54 PM
TIL that C function definitions have an implicit semicolon after them, which enables you to put a function declaration in the for loop control block.

lcamtuf.substack.com/p/getting-si...
Getting silly with C, part (void*)2
They won't be able to find bugs in your code if they can't figure out how it works.
lcamtuf.substack.com
January 10, 2025 at 5:05 PM
Reposted by Sean Cassidy
Find yourself fixing the family printer today?🎄
We get hit with tech requests & our folks don’t realize they are most at risk bc they reuse their password everywhere!
Thanks @techcrunch.com @zackwhittaker.bsky.social for chatting about how to help our fam at home 💻
techcrunch.com/2024/12/25/h...
December 25, 2024 at 5:08 PM
Reposted by Sean Cassidy
Reporters, this is a story worth covering. It might not be as glamorous as high-profile hacks, and it might not attract as many clicks, but it’s important. The quiet adoption of HTTPS has improved online security for billions of people, and it deserves attention.

medium.com/@boblord/the...
The Quiet HTTPS Revolution
In a recent post, I explained that the websites I visit on my Chromebook are almost all delivered over HTTPS. Better still, 100% of the…
medium.com
December 20, 2024 at 4:09 AM
i saw a drone show last night and it was so good i never want to see fireworks ever again. 10/10 no notes
December 15, 2024 at 5:33 PM
Reposted by Sean Cassidy
For anyone interested in detection and prevention methods against Salt Typhoon intrusions targeting communication providers, here is a comprehensive guide:

media.defense.gov/2024/Dec/03/...
December 4, 2024 at 2:37 PM
A few days ago I almost got bit by a .shop fake website impersonating a website I wanted to use.

krebsonsecurity.com/2024/12/why-...
December 4, 2024 at 12:29 AM
why do onions tell you to wash them before use. who is eating the onion skins
November 28, 2024 at 4:28 PM
LLMs are going to take a lot of security industry jobs. We're already starting to see it, and in 2025, and especially 2026, it'll be all we're talking about.
November 27, 2024 at 12:05 AM
Reposted by Sean Cassidy
If you're using Telegram? Don't.

At the moment, Signal (signal.org) is the most secure fully mature messaging app that's out there. It's what CULT OF THE DEAD COW uses for our intra-herd conversations, as well as being pretty much the Gold Standard in the information security community right now.
November 22, 2024 at 12:15 AM
Reposted by Sean Cassidy
CISO starter pack? Yes please. go.bsky.app/D3emUbj
November 26, 2024 at 12:44 PM
i will never forget the time, i, a newly minted freshman in college, was in the supermarket and asked if a guy was on line (for checkout). and he said, "you mean, like, on the internet? oh here in rochester we actually say in line rather than on line."
November 25, 2024 at 11:55 PM
Reposted by Sean Cassidy
What are your go-to recent research articles on how LLMs are _actually_ being leveraged by threat actors (or could be)?

No hypemen and p-doomers please. Deep fakes and “phishing could get better” out of scope.

I’m aware of the Google fuzzing stuff and the OpenAI attrib do a couple months ago.
November 22, 2024 at 3:38 PM
me: my privacy is important! don’t share my personal information!
also me: enters every free online giveaway i see
November 23, 2024 at 5:28 PM
2024: Wiz acquires Dazz
2025: Bloop acquires Blop
November 21, 2024 at 5:50 PM
we gotta cancel bash

yossarian.net/til/post/som...
TIL: Some surprising code execution sources in bash
yossarian.net
November 21, 2024 at 4:58 AM
I heard someone describe themselves as an AI skeptic recently. What even is an AI Skeptic? Someone who hasn't used any LLMs?
November 19, 2024 at 5:04 PM