alucab
@alucab.bsky.social
Deep in the trenches of IoT/OT/IoMT Cyber Security. Keeping critical infra safe and often calling BS. Views expressed here are mine (and sometimes unfiltered).
🚨 That "harmless" third-party GitHub action? It was a Trojan horse 🐴
#devsecops #ci #githubactions #supplychainsecurity #cybersecurity
#devsecops #ci #githubactions #supplychainsecurity #cybersecurity
#devsecops #ci #githubactions #supplychainsecurity #cybersecurity | Luca Barba
🚨 That "harmless" third-party GitHub action? It was a Trojan horse 🐴 Your CI/CD pipeline, the backbone of your development, just got served a harsh reality check. That "harmless" third-party GitHub…
buff.ly
April 14, 2025 at 3:25 PM
🚨 That "harmless" third-party GitHub action? It was a Trojan horse 🐴
#devsecops #ci #githubactions #supplychainsecurity #cybersecurity
#devsecops #ci #githubactions #supplychainsecurity #cybersecurity
Reposted by alucab
Why Codefinger represents a new stage in the evolution of ransomware
Why Codefinger represents a new stage in the evolution of ransomware
Forget typical ransomware! Codefinger hijacked cloud keys directly, exposing backup flaws and shared responsibility risks. Time to rethink defense.
buff.ly
April 12, 2025 at 5:42 PM
Why Codefinger represents a new stage in the evolution of ransomware
Reposted by alucab
NIST has dropped some new guidance on IR and how it fits into CSF 2.0.
csrc.nist.gov/pubs/sp/800/...
csrc.nist.gov/pubs/sp/800/...
NIST Special Publication (SP) 800-61 Rev. 3, Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile
This publication seeks to assist organizations with incorporating cybersecurity incident response recommendations and considerations throughout their cybersecurity risk management activities as descri...
csrc.nist.gov
April 5, 2025 at 12:25 PM
NIST has dropped some new guidance on IR and how it fits into CSF 2.0.
csrc.nist.gov/pubs/sp/800/...
csrc.nist.gov/pubs/sp/800/...
Reposted by alucab
NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat | CISA
buff.ly
April 5, 2025 at 1:12 PM
NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat | CISA
Reposted by alucab
Four Years In: What NERC’s Cyber Security Incident Reporting Data Tells Us (and What It Doesn’t) — AMPYX CYBER buff.ly/czFPfPC
Four Years In: What NERC’s Cyber Security Incident Reporting Data Tells Us (and What It Doesn’t) — AMPYX CYBER
In the world of Bulk Electric System (BES) cybersecurity, signals of risk don’t always arrive with alarms blaring or malware lighting up dashboards. Sometimes, the signs are quieter—brute force login…
buff.ly
April 5, 2025 at 2:42 PM
Four Years In: What NERC’s Cyber Security Incident Reporting Data Tells Us (and What It Doesn’t) — AMPYX CYBER buff.ly/czFPfPC
Reposted by alucab
Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
As medical devices are bought and re-sold on the secondary market, they become harder to find and patch when a new vulnerability is discovered, a doctor told House lawmakers.
buff.ly
April 5, 2025 at 3:12 PM
Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Reposted by alucab
AI Image Site GenNomis Exposed 47GB of Underage Deepfakes
AI Image Site GenNomis Exposed 47GB of Underage Deepfakes
Follow us on Blue Sky, Mastodon Twitter, Facebook and LinkedIn @Hackread
buff.ly
April 5, 2025 at 3:42 PM
AI Image Site GenNomis Exposed 47GB of Underage Deepfakes
Reposted by alucab
5 Strategies to Strengthen Industrial Cybersecurity
buff.ly
April 5, 2025 at 6:12 PM
5 Strategies to Strengthen Industrial Cybersecurity
Reposted by alucab
Breaking: Director of National Intelligence Tulsi Gabbard has revoked the security clearance for Taylor Swift
March 29, 2025 at 2:06 PM
Breaking: Director of National Intelligence Tulsi Gabbard has revoked the security clearance for Taylor Swift
Ever heard of a computer that uses water to solve complex math problems? 🌊💡
In 1936, Soviet engineer Vladimir Lukyanov created the Water Integrator—an analog computer using water flow, gravity, and pipes to solve differential equations.
#Innovation #Engineering #TechHistory #AnalogComputing
In 1936, Soviet engineer Vladimir Lukyanov created the Water Integrator—an analog computer using water flow, gravity, and pipes to solve differential equations.
#Innovation #Engineering #TechHistory #AnalogComputing
March 26, 2025 at 4:25 PM
Ever heard of a computer that uses water to solve complex math problems? 🌊💡
In 1936, Soviet engineer Vladimir Lukyanov created the Water Integrator—an analog computer using water flow, gravity, and pipes to solve differential equations.
#Innovation #Engineering #TechHistory #AnalogComputing
In 1936, Soviet engineer Vladimir Lukyanov created the Water Integrator—an analog computer using water flow, gravity, and pipes to solve differential equations.
#Innovation #Engineering #TechHistory #AnalogComputing
🚨How remote access creates multiple attack vectors in OT environments.
#OTSecurity #CyberSecurity #ICS #RemoteAccess #ThreatDetection #LBSRA
#OTSecurity #CyberSecurity #ICS #RemoteAccess #ThreatDetection #LBSRA
#otsecurity #cybersecurity #ics #remoteaccess #threatdetection #lbsra | Luca Barba
🚨How remote access creates multiple attack vectors in OT environments. #OTSecurity #CyberSecurity #ICS #RemoteAccess #ThreatDetection #LBSRA
buff.ly
March 25, 2025 at 4:25 PM
🚨How remote access creates multiple attack vectors in OT environments.
#OTSecurity #CyberSecurity #ICS #RemoteAccess #ThreatDetection #LBSRA
#OTSecurity #CyberSecurity #ICS #RemoteAccess #ThreatDetection #LBSRA
🚨 Supply Chain attack are becoming endemic - Malicious #PyPI Packages Stole Cloud Tokens 💡 Remember that XKCD meme about open source? That one guy in Nebraska ?
#pypi #sbom #cybersecurity #supplychainattack #integrity
#pypi #sbom #cybersecurity #supplychainattack #integrity
#pypi #sbom #cybersecurity #supplychainattack #integrity | Luca Barba
🚨 Supply Chain attack are becoming endemic - Malicious #PyPI Packages Stole Cloud Tokens 💡 Remember that XKCD meme about open source? That one guy in…
buff.ly
March 24, 2025 at 6:22 PM
🚨 Supply Chain attack are becoming endemic - Malicious #PyPI Packages Stole Cloud Tokens 💡 Remember that XKCD meme about open source? That one guy in Nebraska ?
#pypi #sbom #cybersecurity #supplychainattack #integrity
#pypi #sbom #cybersecurity #supplychainattack #integrity
Must-Watch Cybersecurity TV Shows 🎯👨💻
Need some hacking inspiration or just love a good cyber-thriller?
🔥 Mr. Robot – The GOAT 🐐
🕵️♂️ Person of Interest – Predict future?
💥 Black Mirror – Every episode = existential crisis 😳
#CyberSecurity #Hacking #TechThriller #TVSeries
Need some hacking inspiration or just love a good cyber-thriller?
🔥 Mr. Robot – The GOAT 🐐
🕵️♂️ Person of Interest – Predict future?
💥 Black Mirror – Every episode = existential crisis 😳
#CyberSecurity #Hacking #TechThriller #TVSeries
March 21, 2025 at 12:33 PM
Must-Watch Cybersecurity TV Shows 🎯👨💻
Need some hacking inspiration or just love a good cyber-thriller?
🔥 Mr. Robot – The GOAT 🐐
🕵️♂️ Person of Interest – Predict future?
💥 Black Mirror – Every episode = existential crisis 😳
#CyberSecurity #Hacking #TechThriller #TVSeries
Need some hacking inspiration or just love a good cyber-thriller?
🔥 Mr. Robot – The GOAT 🐐
🕵️♂️ Person of Interest – Predict future?
💥 Black Mirror – Every episode = existential crisis 😳
#CyberSecurity #Hacking #TechThriller #TVSeries
Are you watching "Zero Day" ?
Ideal to bring your siblings, your mother, your friends and brag about your job, and it is also a lot of fun. 😉
#Cybersecurity #ZeroDay #CriticalInfrastructure #OTSecurity #InfoSec
Ideal to bring your siblings, your mother, your friends and brag about your job, and it is also a lot of fun. 😉
#Cybersecurity #ZeroDay #CriticalInfrastructure #OTSecurity #InfoSec
#cybersecurity #zeroday #criticalinfrastructure #otsecurity #infosec | Luca Barba
Are you watching "Zero Day" ? More Drama Than Reality, But Still Relevant 🤔 While Zero Day serves up a synchronized digital apocalypse, it's more Hollywood than real life. But it does spark a vital…
buff.ly
March 20, 2025 at 8:36 AM
Are you watching "Zero Day" ?
Ideal to bring your siblings, your mother, your friends and brag about your job, and it is also a lot of fun. 😉
#Cybersecurity #ZeroDay #CriticalInfrastructure #OTSecurity #InfoSec
Ideal to bring your siblings, your mother, your friends and brag about your job, and it is also a lot of fun. 😉
#Cybersecurity #ZeroDay #CriticalInfrastructure #OTSecurity #InfoSec
Cost of a Data Breach
In 2024, the average cost of a data breach reached an all-time high of $4.88 million
#cybersecurity #databreach #infosec #cyberresilience
buff.ly/xdE7A0N
In 2024, the average cost of a data breach reached an all-time high of $4.88 million
#cybersecurity #databreach #infosec #cyberresilience
buff.ly/xdE7A0N
March 19, 2025 at 4:25 PM
Cost of a Data Breach
In 2024, the average cost of a data breach reached an all-time high of $4.88 million
#cybersecurity #databreach #infosec #cyberresilience
buff.ly/xdE7A0N
In 2024, the average cost of a data breach reached an all-time high of $4.88 million
#cybersecurity #databreach #infosec #cyberresilience
buff.ly/xdE7A0N
600+ systems down. A hospital paralyzed.
#CyberSecurity #Ransomware #HealthcareSecurity #ThreatIntel #IoMTSecurity
buff.ly/qT46Pxl
#CyberSecurity #Ransomware #HealthcareSecurity #ThreatIntel #IoMTSecurity
buff.ly/qT46Pxl
March 18, 2025 at 4:25 PM
600+ systems down. A hospital paralyzed.
#CyberSecurity #Ransomware #HealthcareSecurity #ThreatIntel #IoMTSecurity
buff.ly/qT46Pxl
#CyberSecurity #Ransomware #HealthcareSecurity #ThreatIntel #IoMTSecurity
buff.ly/qT46Pxl
🔎 Solar Panels: The New Frontline in Cyber Warfare
Hackers have found a new way to target critical infrastructure—through your solar panels.
#Cybersecurity #RenewableEnergy #CriticalInfrastructure #OTSecurity
buff.ly/zkVTF2X
Hackers have found a new way to target critical infrastructure—through your solar panels.
#Cybersecurity #RenewableEnergy #CriticalInfrastructure #OTSecurity
buff.ly/zkVTF2X
March 18, 2025 at 8:36 AM
🔎 Solar Panels: The New Frontline in Cyber Warfare
Hackers have found a new way to target critical infrastructure—through your solar panels.
#Cybersecurity #RenewableEnergy #CriticalInfrastructure #OTSecurity
buff.ly/zkVTF2X
Hackers have found a new way to target critical infrastructure—through your solar panels.
#Cybersecurity #RenewableEnergy #CriticalInfrastructure #OTSecurity
buff.ly/zkVTF2X
IT vs. OT Cybersecurity Champions
🎯 IT: Certified to the moon 🌙 – CISA, CISSP, CCNA, ITIL…
🔫 OT: Just give me IEC 62443, SANS, and a wrench.
#CyberSecurity #OTSecurity #ITvsOT #ICS #IndustrialSecurity #CyberChampion
🎯 IT: Certified to the moon 🌙 – CISA, CISSP, CCNA, ITIL…
🔫 OT: Just give me IEC 62443, SANS, and a wrench.
#CyberSecurity #OTSecurity #ITvsOT #ICS #IndustrialSecurity #CyberChampion
March 17, 2025 at 4:25 PM
IT vs. OT Cybersecurity Champions
🎯 IT: Certified to the moon 🌙 – CISA, CISSP, CCNA, ITIL…
🔫 OT: Just give me IEC 62443, SANS, and a wrench.
#CyberSecurity #OTSecurity #ITvsOT #ICS #IndustrialSecurity #CyberChampion
🎯 IT: Certified to the moon 🌙 – CISA, CISSP, CCNA, ITIL…
🔫 OT: Just give me IEC 62443, SANS, and a wrench.
#CyberSecurity #OTSecurity #ITvsOT #ICS #IndustrialSecurity #CyberChampion
2024 saw an 87% rise in ransomware attacks targeting OT and two new ICS-specific malware
#otsecurity #ics #cyberthreats #ransomware
#otsecurity #ics #cyberthreats #ransomware
#otsecurity #ics #cyberthreats #ransomware #industrialcybersecurity… | Luca Barba
🔴 OT security isn’t a niche problem anymore—it’s a battlefield. 2024 saw an 87% rise in ransomware attacks targeting OT and two new ICS-specific malware…
buff.ly
March 14, 2025 at 4:25 PM
2024 saw an 87% rise in ransomware attacks targeting OT and two new ICS-specific malware
#otsecurity #ics #cyberthreats #ransomware
#otsecurity #ics #cyberthreats #ransomware
eyeInspect is a robust solution designed to safeguard operational technology (OT) and Internet of Things (IoT) environments.
Continuous updates are critical to keep the defense
buff.ly/RAzHrB1
#OTSecurity #Cybersecurity #Forescout #ITOT
Continuous updates are critical to keep the defense
buff.ly/RAzHrB1
#OTSecurity #Cybersecurity #Forescout #ITOT
March 13, 2025 at 4:25 PM
eyeInspect is a robust solution designed to safeguard operational technology (OT) and Internet of Things (IoT) environments.
Continuous updates are critical to keep the defense
buff.ly/RAzHrB1
#OTSecurity #Cybersecurity #Forescout #ITOT
Continuous updates are critical to keep the defense
buff.ly/RAzHrB1
#OTSecurity #Cybersecurity #Forescout #ITOT
Manufacturing’s Silent Cyber Crisis: 75% of cyber incidents in manufacturing last year hit converged IT/OT environments
#cybersecurity #otsecurity #itotconvergence #manufacturing #riskmanagement
#cybersecurity #otsecurity #itotconvergence #manufacturing #riskmanagement
#cybersecurity #otsecurity #itotconvergence #manufacturing #riskmanagement | Luca Barba
🔴 Manufacturing’s Silent Cyber Crisis: IT/OT Convergence Under Attack 75% of cyber incidents in manufacturing last year hit converged IT/OT environments—and…
buff.ly
March 13, 2025 at 1:33 PM
Manufacturing’s Silent Cyber Crisis: 75% of cyber incidents in manufacturing last year hit converged IT/OT environments
#cybersecurity #otsecurity #itotconvergence #manufacturing #riskmanagement
#cybersecurity #otsecurity #itotconvergence #manufacturing #riskmanagement
Luca: "Let's experiment with GitHub Copilot for a quick script."
Also Luca: "Add code to line 76 to strip away all \n and \s from the variable named value and substitute them with a whitespace."
#GitHubCopilot #DeveloperHumor #AI #Programming
👉 Copilot: [see pic😂]
Also Luca: "Add code to line 76 to strip away all \n and \s from the variable named value and substitute them with a whitespace."
#GitHubCopilot #DeveloperHumor #AI #Programming
👉 Copilot: [see pic😂]
March 13, 2025 at 8:36 AM
Luca: "Let's experiment with GitHub Copilot for a quick script."
Also Luca: "Add code to line 76 to strip away all \n and \s from the variable named value and substitute them with a whitespace."
#GitHubCopilot #DeveloperHumor #AI #Programming
👉 Copilot: [see pic😂]
Also Luca: "Add code to line 76 to strip away all \n and \s from the variable named value and substitute them with a whitespace."
#GitHubCopilot #DeveloperHumor #AI #Programming
👉 Copilot: [see pic😂]
10 countries account for 78% of malicious traffic
Top Cybersecurity Trends from Vedere Labs
Top Cybersecurity Trends from Vedere Labs
Luca Barba on LinkedIn: 2024 Threat Roundup from Forescout Vedere Labs
2024 Threat Roundup from Forescout Vedere Labs
buff.ly
March 12, 2025 at 4:25 PM
10 countries account for 78% of malicious traffic
Top Cybersecurity Trends from Vedere Labs
Top Cybersecurity Trends from Vedere Labs
🔐 Schneider Electric’s SCADAPack 470i & 474i take a different approach: baking IT-grade security into rugged OT devices without disrupting operations.
buff.ly/VcZz5YF
#OTSecurity #ICS #SCADA #CyberSecurity #ITOT
buff.ly/VcZz5YF
#OTSecurity #ICS #SCADA #CyberSecurity #ITOT
#otsecurity #ics #scada #cybersecurity #itot | Luca Barba
🔐 Schneider’s Move on RTU Cybersecurity Here’s the reality: Remote sites—whether in water treatment, pipelines, or energy—are prime targets for cyber…
buff.ly
March 12, 2025 at 8:36 AM
🔐 Schneider Electric’s SCADAPack 470i & 474i take a different approach: baking IT-grade security into rugged OT devices without disrupting operations.
buff.ly/VcZz5YF
#OTSecurity #ICS #SCADA #CyberSecurity #ITOT
buff.ly/VcZz5YF
#OTSecurity #ICS #SCADA #CyberSecurity #ITOT