Lightnews — Scholar-powered news

Reposted by Dave Aitel

DEF CON @defcon.defcon.social.ap.brid.gy · 5h

Good thing there's a weekend coming up - the #defcon Youtube channel has dropped a few hundred #defcon33 videos for your leisurely perusal. Clear your schedule and let the #dc33 Main Stage and Creator Stage Talks wash over your thirsty brain […]

[Original post on defcon.social]

4 5

Reposted by Dave Aitel

Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 12h

SCOOP: Spyware maker NSO Group confirmed to us that the company has been acquired by a U.S. investment group.

NSO's spokesperson said the group "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.

Spyware maker NSO Group confirms acquisition by US investors | TechCrunch

NSO Group confirmed to TechCrunch that an unnamed group of American investors has taken “controlling ownership” of the surveillance tech maker.

techcrunch.com

2 66 76

Dave Aitel @daveaitel.bsky.social · 4d

#offensiveaicon

1 4

Dave Aitel @daveaitel.bsky.social · 4d

#offensiveaicon opens up with Joshua saxe keynote

1

Dave Aitel @daveaitel.bsky.social · 6d

Who else is going to #offensiveAICon tomorrow ?

2 1 3

Reposted by Dave Aitel

Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 10d

NEW: A cyberattack has forced Japan's beer maker Asahi to suspend operations at its plants in the country since Monday.

For now, the company said it's experiencing a "system failure" but did not confirm "leakage of personal information or customer data to external parties."

Japan's beer-making giant Asahi stops production after cyberattack | TechCrunch

A day after one of Japan's biggest brewers, Asahi Group, announced it suspended production due to a cyberattack, the company said it has no timeline for its recovery.

techcrunch.com

1 9 13

Dave Aitel @daveaitel.bsky.social · 10d

sora.chatgpt.com/p/s_68dc11f0...

Reposted by Dave Aitel

TechCrunch @techcrunch.com · 10d

Known for its blazing fast internet and home to some of the world’s biggest tech giants, South Korea has also faced a string of data breaches and cybersecurity lapses that has struggled to match the pace of its digital ambitions.

A breach every month raises doubts about South Korea's digital defenses | TechCrunch

Known for its blazing fast internet and home to some of the world’s biggest tech giants, South Korea has also faced a string of data breaches and cybersecurity lapses that has struggled to match the pace of its digital ambitions.

techcrunch.com

1 4 14

Reposted by Dave Aitel

Catalin Cimpanu @campuscodi.risky.biz · 10d

A team of academics has published a paper on Iranian cyber operations targeting ports and maritime infrastructure in the Middle East over the past three years.

pure.royalholloway.ac.uk/en/publicati...

Image of text that reads: on Iranian cyber operations targeting ports and maritime infrastructure in the Middle East over the past three years.
"The research demonstrates that Iranian cyber campaigns combine sophisticated technical approaches—including custom malware deployment, spear-phishing, and SCADA system exploitation—with influence operations to achieve immediate disruption and longer-term strategic goals. [...] Our findings suggest that, though technically sophisticated, Iran's cyber operations targeting maritime infrastructure may ultimately undermine China's BRI objectives of stable trade routes and regional economic integration."

7 11

Reposted by Dave Aitel

Taggart @taggart-tech.com · 11d

If you haven't been following the Ruby drama, this is a solid report sourced from those on the inside. But more importantly, this is a cautionary tale for open source projects to establish clear lines of delineation when corporate entities get involved.

How Ruby Went Off the Rails

What happened to RubyGems, Bundler, and the Open Source drama that controls the internet infrastructure.

www.404media.co

1 1

Reposted by Dave Aitel

Joseph Lorenzo Hall, PhD @josephhall.org · 13d

This new preprint could be a game-changer for image forensics. It shows that every camera has a unique "blur fingerprint" that acts like a smoking gun, allowing identification of the specific device used—even between two identical phone models.
blur-fields.github.io

Learning Lens Blur Fields

The lens blur field is a neural representation for modelling optical blur.

blur-fields.github.io

1 6 7

Reposted by Dave Aitel

Silas Cutler @silascutler.bsky.social · 13d

CFP for #DistrictCon closes tomorrow https://www.districtcon.org/cfp . Speakers set be announced on 20 October 2025

2 3

Reposted by Dave Aitel

Eric Geller @ericjgeller.com · 15d

Breaking: CISA orders agencies to analyze and patch Cisco networking equipment following the discovery of critical vulnerabilities being exploited by "an advanced threat actor." www.cisa.gov/news-events/...

Cisco alert: sec.cloudapps.cisco.com/security/cen...

4 39 110

Reposted by Dave Aitel

Eric Geller @ericjgeller.com · 15d

These attacks on Cisco security appliances are a continuation of the ArcaneDoor campaign that Cisco announced in April 2024. blog.talosintelligence.com/arcanedoor-n...

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices

Cisco is aware of new activity targeting certain Cisco Adaptive Security Appliances (ASA) 5500-X Series and has released three CVEs related to the event. We assess with high confidence this activity i...

blog.talosintelligence.com

1 2 10

Dave Aitel @daveaitel.bsky.social · 15d

youtu.be/CLLCcfqsuD4?...

Reposted by Dave Aitel

Martin @mshelton.bsky.social · 16d

In which I get way too excited about Apple's new Memory Integrity Enforcement features, which will make mercenary spyware that much harder to deploy on new iPhones. (Subscribe!) freedom.press/digisec/blog...

iPhone 17’s killer feature: Memory safety

Apple’s new phone series has a secret superpower that will make mercenary spyware much harder to deploy

freedom.press

1 8 16

Reposted by Dave Aitel

Cynthia Brumfield @metacurity.com · 16d

Incredible must-read analysis of the Collins Aerospace incident by Günter Born (which relies heavily on work by @doublepulsar.com). It concludes by pointing to Cyfirma's assessment that Alixsec, Scattered Spider, and the Rhysida ransomware were the culprits

www.borncity.com/blog/2025/09...

Nachlese Sicherheitsvorfall bei Collins Aerospace, der Flughäfen lahm legte

In den Abendstunden des 19. September 2025 (Freitag) gab es einen Ransomware-Angriff auf den Dienstleister Collins Aerospace, der für europäische Flughäfen u.a. die Check-In-Systeme betreibt.

www.borncity.com

1 3 2

Reposted by Dave Aitel

Greg Otto @gregotto.bsky.social · 16d

🚨🚨🚨 Google released a report on "Brickstorm" this morning — a next-level, suspected China-linked campaign targeting U.S. firms. Ultra-stealthy, 400+ day dwell times, focus on stealing IP, finding zero-days, and focused on long-term cyberespionage. cyberscoop.com/chinese-cybe...

Brickstorm malware powering ‘next-level’ Chinese cyberespionage campaign

Mandiant and Google have identified “Brickstorm,” a sophisticated, suspected China-linked hacking campaign targeting U.S. tech firms, legal organizations, and BPOs. The operation often goes undetected...

cyberscoop.com

9 48 69

Reposted by Dave Aitel

Patch Thompson @patchthompson.bsky.social · 16d

Anyway, here is some actually incredible news

www.bbc.co.uk/news/article...

Huntington's disease successfully treated for first time

One of the most devastating diseases finally has a treatment that can slow its progression and transform lives, tearful doctors tell BBC.

www.bbc.co.uk

8 210 560

Reposted by Dave Aitel

Matthew Stiegler @matthewstiegler.bsky.social · 18d

Let me let you in on a secret, most federal judges don't believe that other federal judges higher up the food chain are one bit smarter, or any more faithful to the law, than they are. And yet, by and large, they fully accept the legitimacy of review and potential reversal of their decisions.

Why?

3 33 130

Reposted by Dave Aitel

InfoSec @infosec.skyfleet.blue · 18d

Iran-Linked Hackers Target Europe With New Malware

"Nimbus Manticore" is back at it, this time with improved variants of its flagship malware and targets that are outside its usual focus area.

www.darkreading.com

7 23

Reposted by Dave Aitel

TechCrunch @techcrunch.com · 18d

OpenAI and Nvidia agreed to deploy 10 gigawatts worth AI chips to power the next generation of ChatGPT.

Nvidia plans to invest up to $100B in OpenAI | TechCrunch

OpenAI and Nvidia agreed to deploy 10 gigawatts worth AI chips to power the next generation of ChatGPT.

techcrunch.com

4 2 10

Reposted by Dave Aitel

Zack Whittaker @zackwhittaker.com · 18d

For TechCrunch, I wrote about Unit 221B, a cybersecurity company that's recently made a name for itself by tracking today's top English-speaking hacking groups, including Scattered Spider, and helping to disrupt their operations.

Now the company has raised $5 million to focus on the threat.

Unit 221B raises $5 million to help track and disrupt today’s top hacking groups | TechCrunch

The seed funding raise will help Unit 221B expand its threat intelligence platform, which tracks the English-speaking youth hacking phenomenon.

techcrunch.com

1 14 30

Dave Aitel @daveaitel.bsky.social · 18d

Great article!

Reposted by Dave Aitel

Margi Murphy @margimurphy.bsky.social · 21d

For more than a year I’ve spoken with Scattered Spider “caller” Noah Urban from a Florida jail. I wanted to know how they chose victims, their methods and how Noah became entangled in a virtually and physically violent world.

We’re publishing his story today: www.bloomberg.com/news/feature...

‘I Was a Weird Kid’: Jailhouse Confessions of a Teen Hacker

Noah Urban’s role in the notorious Scattered Spider gang was talking people into unwittingly giving criminals access to sensitive computer systems.

www.bloomberg.com

2 18 36