1. The simplicity and cost of conducting disruptive operations do not always correlate with the extent of their effectiveness
2. The spillover risk of the #UkraineRussiaWar๏ธ is increasing.
2/2
There are two main observations from the recent Radio Hack likely conducted by a pro-#Russia group that significantly disrupted #Poland's Railway System: 1/2
#Poland #Ukraine #Russia
www.wired.com/story/poland...
#BlackHat so far has been an amazing opportunity to connect with good mentors and friends. Say hello if you are here!
Kudos to the @NYTimes for this high-quality investigative work - A Global Web of Chinese Propaganda funded through US nonprofits Leads to a U.S. Tech Mogul
#propaganda #China
https://t.co/xKSeWBS7iF
Are you going to BlackHat? If so, join us at the Daylight Beach Club 10 Aug for some great networking, some pool-side relaxation and incredible vibes. Hang with Grammy nominated DJ Morgan Page.
Register here: https://www.eventbrite.com/e/hubble-blackhat-usa-pool-party-tickets-673225494577
Join us on this week's #SafeMode podcast as @bilyanalilly.bsky.social analyzes the collaborative efforts that halted Russian cyber threats on Ukraine. Find out the lessons learned and Elon Musk's role in supporting Ukrainian forces. https://cyberscoop.com/radio/writer-and-researcher-bilyana-lilly/
Thank you Michal
Welcome to BlueSky, @alenapopova.bsky.social!
Check out this clever spin on MITRE's ATT&CK kill chain for malvertising. Cyber threat intelligence professionals can use the model to track threat actors exploiting this relatively novel attack vector. This is an actionable guide that you don't want to miss!
#cybersecurity #malvertising
Welcome to BlueSky @aejleslie.bsky.social!
Follow Alexander for high-quality ransomware and other cybercrime analysis!
Iliya Sachkov, co-founder of GroupIB, is not a criminal. He built a state-of-the-art platform to catch cyber criminals with Russia's best interest in mind.
The sentence he received is a deplorable example of how Russia's top innovators are smothered by the corrupt Kremlin.
Hi everyone, I will be attending #BlackHat and #defcon. Get in touch with me if you would like to meet.
DoE's Cybersecurity Capability Maturity Model (C2M2) is worth reading. Its latest version emphasizes both IT and OT security and is aligned with the NIST 800-53 and NIST CSF frameworks.
#cybersecurity #energy
https://www.energy.gov/sites/default/files/2022-06/C2M2%20Version%202.1%20June%202022.pdf
Another area where #Russiaโs and #Chinaโs influence operations playbooks converge: Mandiant links #Chinaโs influence operations to protests. https://www.mandiant.com/resources/blog/pro-prc-haienergy-us-news
The Biden administration announces its new smart home cybersecurity label - a move in the right direction for standardizing, recognizing and emphasizing on cybersecurity compliance. https://www.theverge.com/2023/7/18/23798153/fcc-cyber-trust-mark-biden-security
Furry paw on a computer keyboard.
InfoSecSherpa's Data Privacy and Information Security News Roundup for Saturday, July 15, 2023
Features the article, "Gay furry #hackers are targeting US states for passing anti-trans legislation."
https://infosecsherpa.medium.com/infosecsherpas-news-roundup-for-saturday-july-15-2023-83550cb469a9
This was a well-spent Saturday morning with friends in #Manhattanbeach - a welcome pause from my critical infrastructure reading for the day!
An insightful episode of @FTโs Tech Tonic on how #Facebook transformed into a global social media giant connecting over 3 billion https://open.spotify.com/episode/6AtpHUaVYvkitnL2PXXqpQ?si=MPGaI3PgTVi_kyzTtDe4lg&context=spotify%3Ashow%3A6BRSvIBNQnB68GuoXJRCnQ
What are the top 10 #CISOโs knowledge domains? Hereโs a great podcast that summarizes them: https://open.spotify.com/episode/3GUg4PcYxLUyhWKQHVqp8R?si=ZgCKR1p-ShCdzgndeblSlw&context=spotify%3Ashow%3A0w9mqg1SY4ytTnehjeGnP1
#Microsoft is allowed to acquire #Activision. Two stellar companies with awesome teams unite https://www.nytimes.com/2023/07/11/technology/microsoft-activision-deal-ftc.html?smid=url-share
The head of #Russiaโs #Sandworm wrote his masterโs thesis on information warfare. I explained how he views destroying governments in it here: https://www.oodaloop.com/archive/2023/06/29/russian-cyber-war-an-elite-russian-hacker-spells-out-his-vision-for-information-confrontation-in-world-politics/
My thoughts for the New York Times on Prigozhin's aborted mutiny in Russia and what Putin may seek to do next https://www.nytimes.com/2023/07/04/opinion/putin-prigozhin-wagner-group-russia.html
This post offers an overview of the latest Chinese surveillance laws & identifies questions foreign companies doing business in #China should address going forward
https://www.oodaloop.com/archive/2023/07/03/growing-risk-to-us-corporations-prc-laws-expand-ccp-oversight-and-surveillance-requirements/
#Chinaโs new counterespionage law just came into effect. The law expands the definition of espionage to any documents, data, materials or any other items related to national security interests.
It leaves a lot of room for interpretation giving more power to the #PRC government.
Campfire moments at #LakeTahoe
I am proud to have contributed to this analysis of the thesis of #Sandwormโs head, who is in charge of one of the most dangerous cyber actors working on the Russian governmentโs payroll: https://www.zdf.de/nachrichten/panorama/hacker-sandworm-evgenii-serebriakov-100.html #cyber #infosec #Russia
How #Putin managed #Prigozhinโs attempted coup:
โ๏ธ diffuse - take back control of key territory and information space
โ๏ธ depost - strip Prighozin of his positions
โ๏ธ displace - send him to Belarus
Any other major steps?
Bulgarian language is not Russian. Bulgaria is not Russia. We are a NATO and a EU member. Bulgaria also supports Ukraine against Russian aggression. Putting Bulgarian language in a Russian bar might have worked in the past. Now, it is an anachronistic oddity.
Welcome to BlueSky @kschake.bsky.social!
A piece of advice โก๏ธ
