Greg Otto

Pentagon gets new CISO with appointment of Aaron Bishop Aaron Bishop has been tapped to serve as the Defense Department's chief information security officer and deputy CIO for cybersecurity.

James “Aaron” Bishop has been tapped to serve as the Pentagon’s chief information security officer and deputy CIO for cybersecurity, the department announced on social media Thursday. defensescoop.com/2026/03/05/p...

@snlyngaas.bsky.social and crew had it first, something i'm sure i will hear about in a text message or two

FBI targeted with ‘suspicious’ activity on its networks The FBI found evidence that its networks had been targeted in a suspected cybersecurity incident, the bureau confirmed on Thursday, without sharing any further details.

NEW: FBI targeted with ‘suspicious’ activity on its networks cyberscoop.com/fbi-targeted...

I truly do think all of the "Noem out, Mullin in" posts and stories are failing American democracy right now!

Trump is announcing his nominee.

That's it.

If the Senate majority wants to confirm him, they're a part of this—even after knowing what they know now.

And that matters come November.

I kinda did this when I was messing with OpenClaw over the weekend, and i nearly slipped into a coma

No one told me the "vibe" in "vibe coding" was "bad acid trip"

NASA chatbots, Treasury coding, OPM drafting: How agencies have deployed Claude Federal agencies are working to halt their use of Anthropic tools amid a battle between the Claude maker and President Trump over how those services should be used.

NASA chatbots, Treasury coding, OPM drafting: Federal agencies are working to halt their use of Anthropic tools amid a battle between the company and President Trump over how those services should be used fedscoop.com/nasa-chatbot...

LLMs are getting better at unmasking people online Can online anonymity survive generative AI? A new ETH Zurich study reveals how LLMs can automate deanonymization attacks, unmasking anonymous users in minutes at a fraction of the cost of traditional ...

LLMs are getting better at unmasking people online cyberscoop.com/ai-deanonymi...

Love the part about the official CoD account saying the leaker was wrong. Are they gonna C&D every smooth-brained CoD player who expresses a terrible opinion on the internet?

Authorities from 14 countries shut down major cybercrime forum LeakBase The marketplace was one of the world’s largest hubs for cybercrime with more than 142,000 members. Officials identified and arrested multiple suspects after seizing the site’s database.

Authorities from 14 countries shut down major cybercrime forum LeakBase cyberscoop.com/leakbase-cyb...

Or use this company’s open source project? 🤷‍♂️

AI security company Fallen Angel Systems red-teamed their own AI agent and found it would casually leak infrastructure, creds, and personal details with simple questions - No jailbreaks, no prompt injection, no encoding tricks. Really interesting read - fallenangelsystems.com/blog/we-red-...

Well it nearly killed me but i have a viable openclaw bot that actually is already turning up stuff for us to cover. I am by no means a developer, but fwiw, do not try to hook up your bot to WhatsApp or Slack. Total nightmare.

The antithesis sentence structure sticks out to me now like the sorest thumb on the planet. I'm not anti-AI but, its just everywhere. Unique language stands out more than ever nowadays.

I'm learning this is the way

Oh my god the last instance of what I was trying to do worked and I didn’t see it and I deleted the container in a fit of rage I WANT TO DIEEEEEEEEE

Spent eight hours today trying to set up an openclaw bot that fed into a slack instance and I can, without a doubt, say that I’ve never hated computers more than I do than this moment in time

Senator puts hold on Trump’s pick for top uniformed cyber chief over lack of experience, 'vague' answers to surveillance questions A Democratic senator on the intelligence committee said he would block Trump’s pick for top uniformed cyber chief because his nominee “is not qualified for this job."

new from @dflawrence.bsky.social: @wyden.senate.gov said in a letter this week he would block Trump’s pick for the top uniformed cyber chief because he “is not qualified for this job” along with “vague assurances about following the law” defensescoop.com/2026/02/27/w...

Gottumukkala out, Andersen in as acting CISA director Madhu Gottumukkala steps down as acting director of CISA, replaced by Nick Andersen. The move follows criticism of agency performance and leadership shifts at DHS.

Gottumukkala out, Andersen in as acting CISA director cyberscoop.com/cisa-leaders...

Might dress as the Napster logo for the Halloween show

Metallica Announce Las Vegas Sphere Residency, With ‘No Repeat Weekends’ As expected, Metallica has announced that the band will debut its 'Life Burns Faster' residency at Sphere in Las Vegas later this year.

Ready to go into debt for this variety.com/2026/music/n...

Vulnerabilities grew like weeds in 2025, but only 1% were weaponized in attacks Too many defenders and researchers are paying attention to defects and unsubstantiated exploit concepts that aren’t worth their time, VulnCheck’s Caitlin Condon said.

Would-be attackers spent 2025 swimming in a sea of more than 40,000 newly published vulnerabilities, VulnCheck said in a report released Wednesday, but only 1% of those defects were exploited in the wild cyberscoop.com/vulncheck-ex...

Across party lines and industry, the verdict is the same: CISA is in trouble One year into the second Trump administration, CISA faces a 33% loss in personnel and shuttered divisions. Experts warn of "decimated" capabilities and a leadership vacuum as the agency struggles to m...

Former CISA employees say the "level of trust" between the feds and the private sector is weakening or gone, and they worry the country is moving toward a fragmented, every-sector-for-itself reality. cyberscoop.com/cisa-personn...

Across party lines and industry, the verdict is the same: CISA is in trouble One year into the second Trump administration, CISA faces a 33% loss in personnel and shuttered divisions. Experts warn of "decimated" capabilities and a leadership vacuum as the agency struggles to m...

With Sean Plankey’s nomination stalled, Acting Director Madhu Gottumukkala is overseeing a chaotic transition. One industry source told CyberScoop that "nobody would argue he’s doing a great job," pointing to reported security lapses and a "lack of capacity." cyberscoop.com/cisa-personn...

Across party lines and industry, the verdict is the same: CISA is in trouble One year into the second Trump administration, CISA faces a 33% loss in personnel and shuttered divisions. Experts warn of "decimated" capabilities and a leadership vacuum as the agency struggles to m...

CISA's brain drain is big: it's lost roughly 1/3 of the workforce. Congress has noticed: Rep. Andrew Garbarino warns that "the best and brightest have left," while Rep. Bennie Thompson notes the agency is significantly weaker due to this lack of manpower. cyberscoop.com/cisa-personn...

Across party lines and industry, the verdict is the same: CISA is in trouble One year into the second Trump administration, CISA faces a 33% loss in personnel and shuttered divisions. Experts warn of "decimated" capabilities and a leadership vacuum as the agency struggles to m...

Is the Shields Up era of CISA over? A year into the second Trump admin, @timstarks.bsky.social talked to industry experts and fmr officials who now describe an agency being hollowed out, with the "connective tissue" of cyber defense failing just as threats intensify. cyberscoop.com/cisa-personn...

Ex-L3Harris executive sentenced to 87 months in prison for selling zero-day exploits to Russian broker Peter Williams was sentenced to seven years in prison Tuesday for selling restricted zero-day exploits to a Russian broker. Prosecutors say the $35M trade secret theft involved the specialized Trenchant unit.

Ex-L3Harris executive sentenced to 87 months in prison for selling zero-day exploits to Russian broker cyberscoop.com/l3harris-exe...

Peter Williams sentenced to 87 months (7 years, 3 months), story to come shortly

For anyone that follows this stuff, you will not be surprised to know Williams is being sentenced as we speak in DC federal court. Sentence and story to come when the judge hands down her decision

Treasury Sanctions Exploit Broker Network for Theft and Sale of U.S. Government Cyber Tools First-Ever Action Under the Protecting American Intellectual Property ActWASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated Sergey Sergeyevich Zelenyuk (Zelenyuk) and his company, Matrix LLC (doing business as Operation Zero), as well as five associated individuals and entities, for their acquisition and distribution of cyber tools harmful to U.S. national security.  Zelenyuk and Operation Zero trade in “exploits”—pieces of code or techniques that take advantage of vulnerabilities in a computer program to allow users to gain unauthorized access, steal information, or take control of an electronic device—and have offered rewards to anyone who will provide them with exploits for U.S.-built software.  Among the exploits that Operation Zero acquired were at least eight proprietary cyber tools, which were created for the exclusive use of the U.S. government and select allies and which were stolen from a U.S. company.  Operation Zero then sold those stolen tools to at least one unauthorized user.“If you steal U.S. trade secrets, we will hold you accountable,” said Secretary of the Treasury Scott Bessent.  “Treasury will continue to work alongside the rest of the Trump Administration to protect sensitive American intellectual property and safeguard our national security.”This action coincides with an investigation by the Department of Justice and the Federal Bureau of Investigation of Peter Williams, an Australian national and a former employee of the aforementioned U.S. company who pleaded guilty on October 29, 2025, to two counts of theft of trade secrets. Williams stole several proprietary cyber tools from the company between 2022 and 2025 and sold them to Operation Zero in exchange for millions of dollars paid in cryptocurrencies.OFAC is designating Zelenyuk, Operation Zero, and the five associated individuals and entities pursuant to Executive Order (E.O.) 13694, as further amended by E.O. 14306 (“E.O. 13694, as further amended”).  In parallel with this action, the Department of State is sanctioning Zelenyuk, Operation Zero, and an affiliated UAE company, Special Technology Services LLC FZ (STS) pursuant to the Protecting American Intellectual Property Act (PAIPA).  These are the first persons sanctioned under this law, which provides for sanctions against persons who have knowingly engaged in, or benefitted from, significant theft of trade secrets of United States persons, if the theft of such trade secrets is reasonably likely to result in, or has materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States.  Please refer to the Department of State’s press release for more information about this action under PAIPA. ZELENYUK’S ACQUISITION AND SALE OF CYBER TOOLSRussian national Zelenyuk,through his St. Petersburg, Russia-headquartered company Operation Zero, has been active as an exploit broker since 2021.  Operation Zero has offered millions of dollars in bounties to cybersecurity researchers and others for the development or acquisition of exploits targeting commonly used software, including U.S.-built operating systems and encrypted messaging applications.  Operation Zero does not disclose the discovered exploits to the companies developing the affected software, and Operation Zero customers could use the tools to launch ransomware attacks or engage in other malign activities.  In advertisements and other public-facing materials, Zelenyuk and Operation Zero have stated that they will only sell the exploits they acquire to customers from non-NATO countries.  Zelenyuk, through Operation Zero, has sought to sell exploits to foreign intelligence agencies.  Zelenyuk and Operation Zero have also sought to develop other cyber intelligence systems, including spyware and methods to extract personal identifying information and other sensitive data uploaded by users of artificial intelligence applications like large language models.  Operation Zero has sought to recruit hackers to support its activities and develop business relationships with foreign intelligence agencies through use of social media.OFAC is designating Zelenyuk and Operation Zero pursuant to E.O. 13694, as further amended, for being responsible for or complicit in, or having engaged in, directly or indirectly, cyber-enabled activities originating from, or directed by persons located, in whole or substantial part, outside the United States that are reasonably likely to result in, or have materially contributed to, a threat to the national security, foreign policy, or economic health or financial stability of the United States, and that have the purpose of or involve causing a misappropriation of funds or economic resources, intellectual property, proprietary or business confidential information, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.OPERATION ZERO’S AFFILIATESBeyond Zelenyuk and Operation Zero, OFAC is imposing sanctions on individuals and companies associated with them.  Marina Evgenyevna Vasanovich (Vasanovich) is Zelenyuk’s assistant. STS is a UAE-based technology company controlled by Zelenyuk.  OFAC is designating Vasanovich and STS pursuant to E.O. 13694, as further amended, for being owned or controlled by, or having acted or purported to act for or on behalf of, directly or indirectly, Zelenyuk.OFAC is also designating Azizjon Makhmudovich Mamashoyev (Mamashoyev) and Oleg Vyacheslavovich Kucherov (Kucherov).  Kucherov is a Russian national and a suspected member of the Trickbot cybercrime gang. OFAC previously designated members of the Trickbot group in February 2023 and September 2023.  Trickbot, first identified in 2016, is a highly modular malware suite that allows the Trickbot cybercrime gang to conduct a variety of malicious cyber activities, including ransomware attacks against the U.S. government, as well as hospitals and healthcare centers across the United States.  Kucherov and Mamashoyev have previously had work relationships with Operation Zero.  OFAC is designating Mamashoyev and Kucherov pursuant to E.O. 13694, as further amended, for having materially assisted, sponsored, or provided financial, material, or technological support for, or goods and services to or in support of, Zelenyuk,Additionally, OFAC is sanctioning Advance Security Solutions, another exploit brokerage firm that, like Operation Zero, offers bounties for exploits for U.S.-built software. Advance Security Solutions is an offensive cybersecurity company created by Mamashoyev with operations in the UAE and Uzbekistan.  OFAC is designating Advance Security Solutions pursuant to E.O. 13694, as further amended, for being owned or controlled by, or having acted or purported to act for or on behalf of, directly, Mamashoyev.SANCTIONS IMPLICATIONSAs a result of today’s action, all property and interests in property of the designated or blocked persons described above that are in the United States or in the possession or control of U.S. persons are blocked and must be reported to OFAC.  In addition, any entities that are owned, directly or indirectly, individually or in the aggregate, 50 percent or more by one or more blocked persons are also blocked.  Unless authorized by OFAC, or exempt, OFAC’s regulations generally prohibit all transactions by U.S. persons or within (or transiting) the United States that involve any property or interests in property of blocked persons. Violations of U.S. sanctions may result in the imposition of civil or criminal penalties on U.S. and foreign persons.  OFAC may impose civil penalties for sanctions violations on a strict liability basis.  OFAC’s Economic Sanctions Enforcement Guidelines provide more information regarding OFAC’s enforcement of U.S. economic sanctions. In addition, financial institutions and other persons may risk exposure to sanctions for engaging in certain transactions or activities involving designated or otherwise blocked persons.  The prohibitions include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any designated or blocked person, or the receipt of any contribution or provision of funds, goods, or services from any such person.  The power and integrity of OFAC sanctions derive not only from OFAC’s ability to designate and add persons to the SDN List, but also from its willingness to remove persons from the SDN List consistent with the law.  The ultimate goal of sanctions is not to punish, but to bring about a positive change in behavior.  For information concerning the process for seeking removal from an OFAC list, including the SDN List, or to submit a request, please refer to OFAC’s guidance on Filing a Petition for Removal from an OFAC List.Click here for more information on the individuals and entities designated or otherwise blocked today.###

Treasury sanctions Operation Zero, the Russian zero-day brokerage which former L3 Harris exec Peter Williams sold several exploits to. home.treasury.gov/news/press-r...

CrowdStrike says attackers are moving through networks in under 30 minutes The average time from intrusion to network movement in 2025 was 29 minutes, a 65% increase in speed from the year prior.

CrowdStrike says attackers are moving through networks in under 30 minutes cyberscoop.com/crowdstrike-...