Mark Carter

For all of you who proudly served our nation 🇺🇸 thank you 🙏 On this veteran day and every day #usa

Bank of America Discloses Data Breach After Customers' Documents Disappear, Says Names, Addresses, Account Information and Social Security Numbers Affected - The Daily Hodl Bank of America says efforts to locate sensitive documents containing personal information on an undisclosed number of customers have failed. The North Carolina-based bank says it is unable to recover...

🛡️ Bank of America Discloses Data Breach After Customers’ Documents Disappear, Says Names, Addresses, Account Information and Social Security Numbers Affected dailyhodl.com/2025/04/12/b... #Infosec

Great to see authentication and authorization finally integrated into agentic AI 🛡️ Very excited about Agent2Agent Protocol (A2A) 👍 well written technical documentation. Recommended read google.github.io/A2A/#/docume... #MachineLearning #Infosec

🤔 NIST Trustworthy and Responsible AI
NIST AI 100-2e2025 - Adversarial Machine Learning
A Taxonomy and Terminology of Attacks and Mitigations nvlpubs.nist.gov/nistpubs/ai/... #Infosec

Alphabet in Talks to Buy Cloud Security Firm Wiz for $33 Billion Alphabet Inc. is in talks to purchase cloud-security company Wiz Inc. for $33 billion, restarting discussions that were called off last summer after extended negotiations, according to people familiar...

🤯 Alphabet Inc. Said in Talks to Buy Cyber Firm Wiz for $33 Billion www.bloomberg.com/news/article... #Infosec #Google

AI coding assistant refuses to write code, tells user to learn programming instead Cursor AI tells user, “I cannot generate code for you, as that would be completing your work.”…

😜 An AI Coding Assistant Refused to Write Code—and Suggested the User Learn to Do It Himself arstechnica.com/ai/2025/03/a... #AI

TELUS Digital Survey Reveals Enterprise Employees Are Entering Sensitive Data Into AI Assistants More Than You Think Nearly seven out of 10 (68%) enterprise employees who use generative AI (GenAI) at work say they access publicly available GenAI assistants such as Ch

🤔 57% of enterprise employees admit to entering high-risk information into publicly available generative AI assistants, exposing critical security gaps in enterprise AI usage www.businesswire.com/news/home/20... #Infosec

OmniParser V2: Turning Any LLM into a Computer Use Agent - Microsoft Research Yadong Lu, Senior Researcher; Thomas Dhome-Casanova, Software Engineer; Jianwei Yang, Principal Researcher; Ahmed Awadallah, Partner Research Manager Graphic User interface (GUI) automation requires a...

👍 Microsoft Research OmniParser V2: Turning Any LLM into a Computer Use Agent www.microsoft.com/en-us/resear... #MachineLearning

Amazon Q Developer now supports upgrade to Java 21 - AWS Discover more about what's new at AWS with Amazon Q Developer now supports upgrade to Java 21

👍 Amazon Q Developer now supports upgrade to Java 21. In just a few steps, update applications to the latest supported Java versions, gain performance benefits, and remove vulnerabilities in unsupported versions. aws.amazon.com/about-aws/wh... #aWS #Infosec

The Benefits of the M&A Frenzy in Fraud Solutions As cybercriminals exploit AI-generated deepfake scams and synthetic identity fraud, financial institutions are investing heavily in fraud detection, anti-money

🤔 The Benefits of the M&A Frenzy in Fraud Solutions - Emerging Vendors, Consolidation Drive Innovation in Fraud, AML, Scam Prevention. The Global Anti-Scam Alliance reported that scammers stole $1.03 trillion in 2024. www.bankinfosecurity.com/benefits-ma-...

MGM agrees to pay $45 million to victims of 2019 data breach and 2023 ransomware attack MGM Resorts International agreed to pay $45 million to settle multiple class action lawsuits related to a data breach in 2019 and a ransomware attack the company experienced in 2023.

🤔 MGM agrees to pay $45 million to victims of 2019 data breach and 2023 ransomware attack therecord.media/mgm-agrees-4... #Infosec #Law

What Is China’s DeepSeek and Why Is It Freaking Out the AI World? (Bloomberg) -- DeepSeek, a Chinese AI startup that’s just over a year old, has stirred awe and consternation in Silicon Valley after demonstrating breakthrough artificial-intelligence models that offe...

What Is China’s DeepSeek and Why Is It Freaking Out the AI World? www.yahoo.com/news/china-d... #MachineLearning

Towards System 2 Reasoning in LLMs: Learning How to Think With Meta Chain-of-Thought We propose a novel framework, Meta Chain-of-Thought (Meta-CoT), which extends traditional Chain-of-Thought (CoT) by explicitly modeling the underlying reasoning required to arrive at a particular CoT....

Interesting read 🤔 Towards System 2 Reasoning in LLMs: Learning How to Think With Meta Chain-of-Thought arxiv.org/abs/2501.04682 #MachineLearning

Excellent set of Metrics 🛡️ CISA Issues New Goals to Strengthen IT Cybersecurity www.cisa.gov/resources-to... #Infosec

RICTOR Unveils the World's First Amphibious Passenger Flying Motorcycle, Equipped with Automatic Route Planning and Takeoff/Landing System /PRNewswire/ -- In recent years, the rapid advancement of technology and the growing demand for diversified travel options have brought eVTOL technology into...

😮 RICTOR Unveils the World's First Amphibious Passenger Flying Motorcycle, Equipped with Automatic Route Planning and Takeoff/Landing System www.prnewswire.com/news-release...

Bad Tenable plugin updates take down Nessus agents worldwide Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to buggy differential plugin updates.

Bad Tenable plugin updates take down Nessus agents worldwide 🤔 fixing the issue requires manually upgrading www.bleepingcomputer.com/news/securit... #Infosec

The SSO Wall of Shame 🤔 A list of vendors that treat single sign-on as a luxury feature, not a core security requirement. sso.tax #Infosec

Wishing an amazing 2025 to everyone 🎇 happy new year 🥳💃👯‍♂️

China-backed hackers breached US Treasury workstations | CNN Business The US Treasury Department notified lawmakers on Monday that a China state-sponsored actor infiltrated Treasury workstations in what officials are describing as a “major incident.”

🛡️ ‘Major incident’: China-backed hackers breached US Treasury workstations www.cnn.com/2024/12/30/i... #Infosec

Principal Engineer Roles Framework I have worked on Amazon S3 for ~12 years and if there is one thing that I have learned, it is that when you run complex systems at scale, you must think deeply about how teams work. It’s not enough to...

Good read 🤔 #AWS Principal Engineer Roles Framework. In Amazon, a Principal Engineer is a very senior engineer who set direction on the evolution of your code, shape the culture of your engineering and operations, and improve your product roadmap. www.linkedin.com/pulse/princi...

Convincing a billion users to love passkeys: UX design insights from Microsoft to boost adoption and security | Microsoft Security Blog Passkeys offer faster, safer sign-ins than passwords. Read Microsoft tips for encouraging users to adopt passkeys for improved security.

The era of passwords is ending 👍 Convincing a billion users to love passkeys: UX design insights from #Microsoft to boost adoption. At Microsoft, we block 7,000 attacks on passwords per second—almost double from a year ago www.microsoft.com/en-us/securi... #Infosec

I just saw the future of the web — Google's new Deep Research tool unleashes swarms of AI agents to do in-depth research for you A Gemini feature that has to be seen to be believed

👍 I just saw the future of the web — Google's new Deep Research tool unleashes swarms of AI agents to do in-depth research for you www.tomsguide.com/ai/google-ge... #AI

White House: Salt Typhoon hacked telcos in dozens of countries ​Chinese state hackers, known as Salt Typhoon, have breached telecommunications companies in dozens of countries, President Biden's deputy national security adviser Anne Neuberger said today.

🛡️ Chinese state hackers have breached telecommunications companies in dozens of countries including 8 in #USA President Biden's deputy national security adviser Anne Neuberger said today www.bleepingcomputer.com/news/securit... #Infosec #China

Thinkst Thoughts Writing about our experiences and research findings

TL;DR Our credit card Canarytokens are out of beta. We love these tokens because they provide a novel way to alert on a strong signal of badness blog.thinkst.com #Infosec

Google sues Indian employee over alleged leaks 'See you in court', defendant posts

🧑‍⚖️ #Google sues Pixel engineer who allegedly posted trade secrets online www.theregister.com/2024/11/28/g... #Infosec #Legal

Insurance Companies Face $11.3 Million in Fines Due to Cybersecurity Failures | JD Supra In yet another example of the importance of a robust cybersecurity and data protection system, New York Attorney General (OAG) and the New York State...

nY AG and NYDFS collectively fined the insurance companies GEICO and The Travelers Indemnity Company $11.3 million due to a series of data breaches that accessed customer data www.jdsupra.com/legalnews/in... #Infosec

Insurance Companies Face $11.3 Million in Fines Due to Cybersecurity Failures | JD Supra In yet another example of the importance of a robust cybersecurity and data protection system, New York Attorney General (OAG) and the New York State...

🛡️ nY AG and NYDFS fined the insurance companies GEICO and The Travelers Indemnity Company $11.3 million due to a series of data breaches that accessed customer data https://www.jdsupra.com/legalnews/insurance-companies-face-11-3-million-3432732/ #Infosec

I have created a starter pack to shine light on organizations that make notable contributions back to the #infosec community in the form of generous free tiers, valuable webinars, trainings, resources, etc.

I am sure there are others, just DM or reply with any suggestions!

go.bsky.app/NMbiTUL

You've probably seen this great thread around by now bu just want to add pedantic legal point to the ethical discussion. Personal data released publicly in EU/UK does NOT lose its protection under GDPR. That's a US privacy concept. What protection u get may vary but it's not on/off.

Data broker leaves 600K+ sensitive files exposed online Researcher spotted open database before criminals … we hope

EXCLUSIVE: I spoke with security researcher and discoverer of open databases Jeremiah Fowler about finding 600k+ sensitive files containing thousands of people's criminal histories, background checks, vehicle and property records exposed to the internet in a non-password protected S3 bucket.