Mike Sec
sudoinit0.bsky.social
Nat Sec | Info Sec | CTI Nerd
Reposted by Mike Sec
Straight up, I developed and taught — and @kikta.net now teaches — an entire course at the @alperovitch.institute that boils down to “you can shape adversary cyber activity but you can’t deter it because that’s how intelligence operations work”. Being mad at China for playing the game is ridiculous.
November 12, 2025 at 8:12 PM
Reposted by Mike Sec
I explained to my class week that despite all the panic about state actor capabilities:

-The biggest threat to electricity is squirrels
-Minecraft skids have the best DDoS capabilities
-No amount of disruption could ever beat misconfiguration, with DNS at the top of the list
October 27, 2025 at 9:46 PM
Reposted by Mike Sec
EXCLUSIVE: President Donald Trump has decided not to nominate Army Lt. Gen. William Hartman to be the next leader of U.S. Cyber Command and the National Security Agency.

On @therecordmedia.bsky.social

therecord.media/william-hart...
Acting US Cyber Command, NSA chief won’t be nominated for the job, sources say
Army Lt. Gen. William Hartman, the acting leader of U.S. Cyber Command and the NSA, will not be nominated to take the job permanently, sources told Recorded Future News.
therecord.media
October 11, 2025 at 12:55 AM
Data center security being the Achilles heel of AI has been the topic of concern for the last year or two. I think the biggest takeaway from this piece is the need for a business continuity plan - being ready to go back to manual processes where AI has taken over.

www.scworld.com/perspective/...
Attacks on data centers: the biggest threat to the AI boom
Here’s a four-step strategy for keeping data centers safe.
www.scworld.com
September 24, 2025 at 12:23 PM
Reposted by Mike Sec
Peter Kyle raised eyebrows last year when he said he was made, just hours into office, “very very aware that there was a cybersecurity challenge that our country faced that I simply wasn’t aware of before.”

We report a secret briefing by intel chiefs was responsible: therecord.media/cyberattack-...
September 9, 2025 at 9:50 AM
Reposted by Mike Sec
Microsoft: Multiple subsea fiber cuts in the Red Sea impacting global communications

azure.status.microsoft/en-us/status
September 6, 2025 at 8:50 PM
Interesting attack vector. Essentially the AI equivalent of domain squatting, except with AI model names.
www.securityweek.com/ai-supply-ch...
AI Supply Chain Attack Method Demonstrated Against Google, Microsoft Products
An AI supply chain issue named Model Namespace Reuse can allow attackers to deploy malicious models and achieve code execution.
www.securityweek.com
September 4, 2025 at 2:10 PM
Reposted by Mike Sec
🚨New research drop: Contagious Interview | North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms

It was a pleasure collaborating with Sreekar Madabushi and @kennethkinion.bsky.social from Validin!

Read our blog post: s1.ai/nk-ops
Contagious Interview | North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms
DPRK-aligned threat actors abuse CTI platforms to detect infrastructure exposure and scout for new assets.
s1.ai
September 4, 2025 at 10:33 AM
Reposted by Mike Sec
Legislation to renew two federal cybersecurity laws has finally begun moving through Congress, but it’s unclear if lawmakers will be able to pass both bills before an end-of-the-month deadline.

On @therecordmedia.bsky.social

therecord.media/house-homela...
With less than a month to go, House panel votes to extend popular cyber programs
Ten-year extensions of a threat information sharing law and a cybersecurity grant program for states and localities won bipartisan approval in the House Homeland Security Committee.
therecord.media
September 3, 2025 at 3:36 PM
Reposted by Mike Sec
New by me - Citrix have forgot to tell you a zero day was under exploitation earlier this year to successfully backdoor devices at "critical" organisations, and no vendor released technical details.

More to come, including on CVE-2025-7775 too.

doublepulsar.com/citrix-forgo...
Citrix forgot to tell you CVE-2025-6543 has been used as a zero day since May 2025
A look into what action Netscaler customers need to take ASAP.
doublepulsar.com
August 28, 2025 at 9:22 PM
The timing of this announcement on the same day that the US and its allies called out Chinese technology companies for hacking is nothing short of ironic…
August 28, 2025 at 11:21 AM
While its expiration isn’t ideal, it isn’t the end of the world. Not all of gov use it, nor do all private orgs want to share under them due to their requirements. It makes it easier on those that don’t want to do the legwork, but it is certainly not the only solution. cyberscoop.com/cisa-2015-ex...
Here’s what could happen if CISA 2015 expires next month
Expiration of a 2015 law could dramatically reduce cyber threat information sharing within industry, as well as between companies and the federal government, almost to the point of eliminating it.
cyberscoop.com
August 18, 2025 at 10:27 AM
Reposted by Mike Sec
Cyber Command has the talent. Now it needs the tools, speed, and innovation to match.
Full Speed Ahead: Optimizing U.S. Cyber Command for the Future Fight - War on the Rocks
Think of U.S. Cyber Command as a Ferrari straining in second gear, unable to shift higher as rivals close the gap on the straightaway. As China and other
warontherocks.com
August 18, 2025 at 7:00 AM
“Agentic AI is really AI that can take action on your behalf, right? That will become the next insider threat, because, as organizations have these agentic AI deployed, they don’t have built-in guardrails to stop somebody from abusing it”
I've rolled my eyes for years at hyperbolic claims of AI revolutionizing cyber, but especially after Vegas this year I think it's now time to call it: Hackers of every stripe are using LLMs now.
The era of AI hacking has arrived
Hackers and cybersecurity companies have entered an AI arms race.
www.nbcnews.com
August 17, 2025 at 2:23 PM
“True deterrence requires the capacity to continuously undermine an adversary’s capabilities and prepare to impose unacceptable costs.”
Great op-ed presenting the state of play and how the US may be able to course correct its approach to cyber policy.
www.foreignaffairs.com/china/china-...
China Is Winning the Cyberwar
America needs a new strategy of deterrence.
www.foreignaffairs.com
August 13, 2025 at 4:00 PM
Great example of how cybersecurity is a community.
August 12, 2025 at 8:14 PM
Remember: Data poisoning doesn’t stop with model training data in RAG environments. www.scworld.com/feature/llm-...
a rainbow with the words " be more you know " and a star
media.tenor.com
August 11, 2025 at 11:45 PM
While I give the ProPublica team accolades for their digital escorts article, this one lacks direct evidence/connections. Lack of substantive proof leads to analytical leaps, as seen here. Friendly reminder, correlation doesn’t equal causation.
www.propublica.org/article/micr...
Microsoft Used China-Based Engineers to Support Product Recently Hacked by China
Microsoft announced that Chinese state-sponsored hackers had exploited vulnerabilities in its popular SharePoint software but didn’t mention that it has long used China-based engineers to maintain the...
www.propublica.org
August 1, 2025 at 11:32 PM
July 31, 2025 at 6:39 PM
Given the number of government officials who have repeatedly stated the intentions of Volt for the last 2 years, either they were all wrong, or this one is not yet up to speed and may need to be briefed…
cyberscoop.com/feds-still-t...
Feds still trying to crack Volt Typhoon hackers’ intentions, goals
Federal analysts are still sizing up what the Chinese hackers known as Volt Typhoon might have intended by setting up shop there, a CISA official said Thursday.
cyberscoop.com
July 31, 2025 at 5:45 PM
Lost in this strategy are the security implications this will have. Where threat actors may have had to gain access to multiple agencies and databases to develop insights on intelligence targets, now they will only need to gain access to the models.
www.defenseone.com/policy/2025/...
US government will ingest all federal data into AI models, WH tech director says
That's one of the national-security reasons the U.S. needs to lead the world in AI, said OSTP's Michael Kratsios.
www.defenseone.com
July 31, 2025 at 12:17 AM
Similar to something I commented recently on regarding the use of cyber in Russia/Ukraine - that conflict, and underscored by Israel/Iran - showed how cyber is only a means to an end, or a “combined arm” in military parlance, but not the end itself, and should not be viewed that way.
July 30, 2025 at 6:59 PM