Just the Russian GRU doing Russian GRU type stuff. Kudos to all agencies (USG and allies) for getting this out.
www.cisa.gov/news-events/...
Hardcoded credentials in the Signal archiving tool used by the White House is a five-alarm security dumpster fire.
Put it in the Louvre
"Make CISA great again."
@thekrebscycle.bsky.social uncorks at #RSAC
On @therecordmedia.bsky.social
therecord.media/krebs-outrag...
“I dOn’T ThInK I eVeR MeT hIm”
Chris Krebs is America’s next profile in courage. The entire nation should support this honorable and courageous fellow citizen.
Let the cybering begin! Happy to see my friend @thekrebscycle.bsky.social here @cyberlawcon.bsky.social and talking about not only what matters in cyber, but why cyber lawyering matters too.
🗼 🇨🇳 "The Chinese are preparing for war. Are we?" SentinelOne’s @thekrebscycle.bsky.social weighs in on how China's access to the cranes at key U.S. ports could impact homeland security and even the U.S. military.
📺 To learn more, watch the full video clip: s1.ai/CBS-Cranes
RIP Dry January. HTTC
I would never admit this to my neighbors. We’d have to move.
Grumble grumble
It finally happened. In a recent move I threw out my "box o' cables." I thought, "nah, I'll never need those old things, I'm all modernized and stuff." Welp, today I needed a VGA cord to hook up an old monitor to an old DVR.....
The US says the FBI hacked ~4.2K devices in the US to delete PlugX, malware used by China-backed hackers since 2014, after obtaining warrants in August 2024 (Carly Page/TechCrunch)
Main Link | Techmeme Permalink
This never happened. Nope. Never.
Had a blast in Sydney, AUS recording a live "Wide World of Cyber" podcast w/ @patrick.risky.biz. Awesome crowd, timely content, & even better weather (early summer in Sydney ain't bad!). Sadly, no Kangaroo 🦘 sightings, but the biggest bats🦇I've ever seen! 10/10, would do again!
🇦🇺 SentinelOne's @thekrebscycle.bsky.social and @patrick.risky.biz dive deep into China's cyber activities, such as its Salt Typhoon intrusions into American telcos and Volt Typhoon prepositioning within critical infrastructure. What's coming in the next 12-24 months?
👉Watch more: s1.ai/WWC-ccp
Guess you could argue that volt only matters if activated whereas salt matters right now (God these terms are maddening)
Either way, I still think that focussing on ripping out whatever remains of Chinese infrastructure as the top priority response to salt flies in the face of the evidence about it
Also think salt, whilst important, is spying. Volt is more strategically significant as it’s a precursor to the disruption of civilian CNI, so way more serious & unlike salt a major departure from (a) norms & (b) previous Chinese ops
Absolutely - it’s salt & the naming are silly & unhelpful (I also posted about that!).
I do wonder though if this is a distraction: afaik from the publicly available info Salt wasn’t primarily due to Chinese kit but weaknesses in US (& other western) built, US operated infrastructure 1/2
For the sake of the special relationship I’ll refrain.
I could make a British cuisine joke but I won’t.
US Government moving on China associated TP Link as another concern in our cyber supply chain. Growing to dominate the residential WiFi and router market, they are seen as vulnerable and a tool used in hacks. Similar to advisories on Huawei and Kaspersky, move away!
www.bloomberg.com/news/article...
'A dozen Western countries - Britain, Germany, Poland, the Netherlands, five Nordic nations and the three Baltic states - agreed on Monday to "disrupt and deter" Russia's shadow fleet.' Including through forcible boarding. www.reuters.com/world/europe...
This week's show is up!
As video:
risky.biz/video/risky-...
As audio:
risky.biz/RB775/
Workers are adopting generative AI faster than companies can issue guidelines on how to do so; a survey says ~25% the US workforce already uses the tech weekly (Stephanie Stacey/Financial Times)
Main Link | Techmeme Permalink
Great convo here between @patrick.risky.biz and some guy named @thekrebscycle.bsky.social with medium fashion sense.
