Tom Gilheany
LightNews LightNews
banner
tomgilheany.bsky.social
Tom Gilheany
@tomgilheany.bsky.social
180 followers 290 following 8 posts
Cybersecurity Innovation for AI & Emerging Tech
Board Advisor | Sr. Product Leadership | Innovation
Emerging Tech | AI | Cloud | IoT | Critical Infrastructure
Speaker | Author | Innovator | Patent-Holder
SF Bay Area, USA
Posts Replies Media Videos
tomgilheany.bsky.social
#BSidesSF #BSides BSidesSF 2026 call for Participation is open! If you're interested in being a presenter at BSidesSF (and for a possible chance at presenting on the big IMAX screen!), gather your co-presenters and your best security ideas! bsidessf.org
BSidesSF
BSidesSF 2026 will be held March 21-22! The Call for Participation (CFP) is now open! We are now accepting submissions for presentations, workshops, and other sessions for BSidesSF ...
bsidessf.org
September 10, 2025 at 8:30 PM
tomgilheany.bsky.social
Are you a Product Professional or Startup Founder whose org. is always in Firefighting Mode? Join us online next Wed. in welcoming Lynne Levy - hear the secrets of "Leadership & Influence When Everything's On Fire". #productmanager #FOUNDER svpma.org/events/month...
Leadership and Influence When Everything’s on Fire with Lynne Levy, CEO and Coach, The Inspired Leader - Silicon Valley Product Management Association
How to lead, stay visible, and protect your sanity in times of chaos. Date/Time: Wednesday, August 20, 2025 at 7pm PST online via Zoom Speaker: Lynne Levy, CEO and Coach, The Inspired Leader Topic: Le...
svpma.org
August 15, 2025 at 11:55 AM
Reposted by Tom Gilheany
cti-news.bsky.social
📢 Marks & Spencer’s ransomware nightmare – more details emerge
https://www.bitdefender.com/en-us/blog/hotforsecurity/marks-spencers-ransomware-nightmare-more-details-emerge
June 6, 2025 at 4:36 PM
tomgilheany.bsky.social
www.npr.org/2025/06/05/n...
OpenAI takes down covert operations tied to China and other countries
The company said China and other nations are covertly trying to use chatbots to influence opinion around the world. In one case, operatives also used the tools to write internal performance reports.
www.npr.org
June 6, 2025 at 4:38 PM
tomgilheany.bsky.social
Looking forward to hearing from Jen Easterly & Chris Krebs at #RSAC2025 #RSAC shortly!
May 1, 2025 at 4:35 PM
Reposted by Tom Gilheany
campuscodi.risky.biz
Live streams from the BSides San Francisco 2025 security conference, which are taking place over the weekend, are available on YouTube

www.youtube.com/@BSidesSF/st...
April 26, 2025 at 7:25 PM
tomgilheany.bsky.social
Radio check before the second day of setup for #BSidesSF! All charged and ready! #CyberSecurity #RSAC #infosec
April 25, 2025 at 11:28 AM
tomgilheany.bsky.social
1. Unencrypted Data Transmission
2. Hardcoded Encryption Keys
3. Insecure Data Storage (including Username, password & encryption keys).
...
Basic software and application security minimum requirements!
#AI #GenAI #DeepSeek #Cybersecurity #OWASP #AppSec

www.nowsecure.com/blog/2025/02...
NowSecure Uncovers Multiple Security and Privacy Flaws in DeepSeek iOS Mobile App - NowSecureShare on LinkedinShare on XShare on FacebookShare on Mastodon
A NowSecure mobile application security and privacy assessment has uncovered multiple security and privacy issues in the DeepSeek iOS mobile app that lead As the top iOS app since Jan 25, 2025, the De...
www.nowsecure.com
February 10, 2025 at 9:43 PM
tomgilheany.bsky.social
Proposed HIPPA Updates: www.hhs.gov/hipaa/for-pr... #HIPPA #Cybersecurity
www.hhs.gov
December 29, 2024 at 4:58 PM
Reposted by Tom Gilheany
hospitalitytek.bsky.social
FTC orders #Marriott and #Starwood to boost #cybersecurity following major incidents
www.techradar.com/pr...
FTC orders Marriott and Starwood to boost cybersecurity following major incidents
Firms told they failed to implement ‘reasonable data security’
www.techradar.com
December 26, 2024 at 4:10 PM
Reposted by Tom Gilheany
techdesk.flipboard.social.ap.brid.gy
Japan Airlines said it was hit by a cyberattack, causing delays to more than 20 domestic flights but the carrier said it was able to stop the onslaught and restore its systems hours later. Read more at @AssociatedPress. #japanairlines #cybersecurity #tech #technology https://flip.it/mJrcQ-
Airline hit by a cyberattack, delaying flights during the year-end holiday season
Japan Airlines has been hit by a cyberattack that caused delays to more than 20 domestic flights, but it managed to restore its systems within hours.
apnews.com
December 26, 2024 at 4:14 PM
Reposted by Tom Gilheany
deepthoughts10.infosec.exchange.ap.brid.gy
If you allow people outside of your organization to initiate Teams chats with your users, I’d definitely look for this.
#cybersecurity

From: @fabian_bader
https://infosec.exchange/@fabian_bader/113686636768785688
Fabian Bader (@fabian_bader@infosec.exchange)
Attached: 1 image NO-BREAK SPACE unicode characters in the display name are not something your average M365 users use. So better look into #Teams chat messages from those users. #SecurityTip #KQL https://github.com/f-bader/AzSentinelQueries/blob/master/Defender%20XDR/SuspiciousTeamsMessagesBasedOnUnicodeInDisplayName.md
infosec.exchange
December 20, 2024 at 7:23 PM
Reposted by Tom Gilheany
infosec.skyfleet.blue
Researchers Crack Microsoft Azure MFA in an Hour
Researchers Crack Microsoft Azure MFA in an Hour
www.darkreading.com
December 11, 2024 at 8:59 PM
Reposted by Tom Gilheany
mwyr.es
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday - https://mwyr.es/qxoDYhkf #darkreading #infosec #microsoft
Microsoft Fixes Zero-Day, Critical RCEs in Patch Tuesday
The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.
mwyr.es
December 11, 2024 at 11:11 PM
Reposted by Tom Gilheany
mwyr.es
Apple Pushes Major iOS, macOS Security Updates - https://mwyr.es/WZ8p0eT4 #securityweek #infosec #apple
Apple Pushes Major iOS, macOS Security Updates
Cupertino ships iOS 18.2 and macOS Sequoia 15.2 patches to fix data leakage, sandbox escapes and code exection vulnerabilities.
mwyr.es
December 11, 2024 at 11:13 PM
Reposted by Tom Gilheany
jpmjr.bsky.social
UK's cyber chief warns of a serious gap between cyber threats and defenses. The NCSC reports a threefold increase in serious cyber incidents. jpmellojr.blogspot.com/2024/12/uk-c... #CyberSecurity #CyberThreats #GCHQ #NCSC
U.K. cybersecurity chief warns of gap between risks and defenses
A warning issued by the new head the United Kingdom's National Cyber Security Centre (NCSC) should be sobering to cybersecurity pros every...
jpmellojr.blogspot.com
December 11, 2024 at 11:09 PM
Reposted by Tom Gilheany
handle.invalid
New Guidance for Federal AI Procurement Embraces Red Teaming and Other HackerOne Suggestions

https://www.hackerone.com/public-policy/federal-ai-procurement-guidance

#cybersecurity #infosec #security #hacker
December 10, 2024 at 4:45 PM
Reposted by Tom Gilheany
hackingne.ws
A critical vulnerability (CVE-2024-49600) in Dell Power Manager (versions before 3.17) allows local attackers to execute malicious code. Update to version 3.17 or later immediately. No workarounds exist.
December 10, 2024 at 5:00 PM
Reposted by Tom Gilheany
boblord.bsky.social
🔐 In case you missed my thoughts on HTTPS:
https://buff.ly/3Z9euRV

We still have a long way to go before products are secure by design, but let’s not overlook the massive improvements in network security over the past decade. Enjoy that café Wi-Fi and ignore the evil barista hacklore. 😉
The Quiet HTTPS Revolution
In a recent post, I explained that the websites I visit on my Chromebook are almost all delivered over HTTPS. Better still, 100% of the…
buff.ly
December 9, 2024 at 10:00 AM
Reposted by Tom Gilheany
infosec.skyfleet.blue
Multiple QNAP Vulnerabilities Let Remote Attackers To Compromise The System Remotely
Multiple QNAP Vulnerabilities Let Remote Attackers To Compromise The System Remotely
QNAP Systems has disclosed multiple critical vulnerabilities affecting its QTS and QuTS hero operating systems.
cybersecuritynews.com
December 9, 2024 at 8:42 AM
Reposted by Tom Gilheany
infosec.skyfleet.blue
How Chinese insiders are stealing data scooped up by President Xi's national surveillance system
How Chinese insiders exploit its surveillance state
'It's a double-edged sword,' security researchers tell The Reg
www.theregister.com
December 8, 2024 at 5:17 PM
tomgilheany.bsky.social
Cybersecurity......in......spaaaaaaace! This article parallels a fascinating presentation I attended last month, given by a Cybersecurity professional at NASA/JPL. When your operating environment changes drastically, if affects security drastically as well! www.cnbc.com/2024/11/30/i...
In the new space race, hackers are hitching a ride into orbit
As space exploration rapidly evolves, so do the cybersecurity threats facing spacecraft, satellites, and space-based systems.
www.cnbc.com
December 2, 2024 at 6:54 PM
Reposted by Tom Gilheany
taggart-tech.com
It's that time of year again!
November 12, 2024 at 4:04 PM