evandornbush.bsky.social
Reposted
Sources detail a leadership vacuum and staff cuts at the NSA, eroding morale among its analysts and weakening the agency's long-term cyber capabilities (David DiMolfetta/Nextgov/FCW)

November 5, 2025 at 7:35 AM
Reposted
If you’ve been laid off from a cyber threat intel position, and you want a ticket to CYBERWARCON, please reach out.
October 23, 2025 at 1:27 PM
Malware that can tap tap taparoo... your phone.
October 13, 2025 at 8:03 PM
Reposted
We're streaming live to YouTube in ~20 mins. Come hang out with us www.youtube.com/watch?v=zjdh...
Three Buddy Problem (Episode 66)
YouTube video by Three Buddy Problem
www.youtube.com
October 3, 2025 at 2:40 PM
Reposted
House Homeland marking up both CISA 2015 reauth AND state/local cyber grant program legislation tomorrow. docs.house.gov/Committee/Ca... Should we get used to calling CISA 2015 "WIMWIG?"
H.R. 1736, (Mr. Pfluger) the “Generative AI Terrorism Risk Assessment Act”; H.R. 2212, (Mr. Mackenzie) the “DHS Intelligence Rotational Assignment Program and Law Enforcement Support Act”; H.R. 2259...
docs.house.gov
September 2, 2025 at 4:15 PM
Reposted
🔥🔥WATCH: “Rappers are smarter than economists”👇🏽

@dossdiscourse.bsky.social explains more cops doesn’t lower crime it just means more money for private prisons— Addressing poverty/hunger/health care lowers crime… but Trump’s trillions transfer just made all that MUCH WORSE… meaning crime will rise.
August 17, 2025 at 6:52 PM
Reposted
Aug 10th 1988 - Zero Cool was in the New York Times for crashing 1,507 computer systems.

📽️📅 Hackers (1995)
August 10, 2025 at 10:26 AM
Reposted
Researchers at Defcon just showed they can crack the Securam ProLogic locks used on high-security safes to protect guns, cash, and narcotics in pharmacies.

When they told Securam last year, it sent them legal threats—and didn't fix the flaws.

www.wired.com/story/secura...
Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds
Security researchers found two techniques to crack at least eight brands of electronic safes—used to secure everything from guns to narcotics—that are sold with Securam Prologic locks.
www.wired.com
August 8, 2025 at 8:24 PM
Reposted
Going to BlackHat next week and passionate about reverse engineering? Or, wanting to be? Come hang out with Jos Wetzels and me on the 7th at 11.20am to chat about projects, books and tools you really enjoy, let us know if you're hiring or looking for a job in reverse engineering!
August 2, 2025 at 12:52 AM
Reposted
🚨 NEW PAPER on the 0day Supply Chain 🚨:
I gathered open source data & interviewed Gov employees, VR and China researchers to figure out what the zero day marketplace looks like in the U.S. and how it compares to China.

key findings below ⬇️- 0/🧵 
www.atlanticcouncil.org/in-depth-res...
Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace
If the United States wishes to compete in cyberspace, it must compete against China to secure its offensive cyber supply chain.
www.atlanticcouncil.org
June 25, 2025 at 1:11 PM
Reposted
Japan on Friday enacted a new law that would permit the country’s authorities to preemptively engage with adversaries through offensive cyber operations to ensure threats are suppressed before they cause significant damage.
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations
The new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense “to a level equal to major Western powers” and marks a break from the country’s traditional approach...
therecord.media
May 16, 2025 at 1:35 PM
As a THOTCON sponsor, I received a handful of tickets.

If you'd like one of them, all you need to do is follow @desiredeffect.io to be entered into a raffle!
🚨 We have THOTCON tickets to give away!!!!
All you need to do is follow this page.
We'll choose a few lucky folk on 19 May.
May 12, 2025 at 9:24 PM
What's more important than setting up your company social media page?
Sponsoring THOTCON.
And giving away tickets to new friends!
Desired Effect is a proud sponsor of THOTCON.
Tickets are hard to come by, and... we may have yours!
Follow us on BSky and we'll pick a few winners on 19 May 2025
May 9, 2025 at 3:46 PM
"While we are seen as making vulnerabilities, our true job is on identifying them to protect consumers.
[Industry criticism of vuln mgmt community] 'All you do is introduce risks.' If we cannot describe it, then what are we doing? The shepherds of the vulns need to find a way forward"
#vulncon2025
April 7, 2025 at 2:26 PM
Reposted
A joint diplomatic initiative by the French and British governments to tackle “the proliferation and irresponsible use” of commercial hacking tools is hoping to announce its participants have agreed new rules on the technologies involved in Paris this week.
Paris set to host difficult negotiations on tackling commercial hacking tools
This week in Paris, the diplomatic initiative formerly known as the Pall Mall Process will continue to look for international agreement on thorny issues related to hacking tools known as commercial cy...
therecord.media
April 2, 2025 at 1:05 PM
Reposted
Top cyber Democrat on House Homeland Security Committee Eric Swalwell suggests government contractors could be deployed to conduct offensive cyber operations against foreign adversaries:
www.nextgov.com/cybersecurit...
Contractors could hack back against adversaries, top cyber Democrat says
Rep. Eric Swalwell, D-Calif., said the federal government can’t protect everyone and the concept of asking private sector security companies to conduct offensive cyber operations is worth exploring.
www.nextgov.com
April 2, 2025 at 5:50 PM
Worth the read. Deeply.
Dig through this timeline and you'll figure out what I'm here to do. I spoke to a commercial leader in the offensive security space last year. My words: you're fucking it up.

What I didn't say: I feel compelled, even though I DON'T want the bullshit, to try and fix it.

What does all of this mean?
March 15, 2025 at 6:32 PM
Reposted
Have some hackademic research you'd love to see published as a paper? Submit it to WOOT 📝

Looking forward to your submissions!
Only a week and a half left for USENIX WOOT '25 conference submissions - deadline March 11 AoE. We’re looking forward to seeing even more of your amazing offensive security papers this year! And still a few days for up-and-coming track (March 4). CfP at www.usenix.org/conference/w...
March 9, 2025 at 3:04 PM
Reposted
The number of companies providing vulnerabilities to China’s MSS has ballooned to 324, up from 151 in 2023! Most new companies are currently Tier 3. China’s ecosystem of vuln suppliers is frothy.
March 3, 2025 at 9:42 PM
"we need to dismantle the ransomware economy"

#yup
March 3, 2025 at 10:40 PM
👀
There's an alleged Monero zero-day that can take down their blockchain

primal.net/e/note1vzh0m...
February 18, 2025 at 2:35 AM
Reposted
Microsoft DRM Hacking Raises Questions on Vulnerability Disclosures
A research project into vulnerabilities affecting Microsoft’s PlayReady DRM raises some questions on responsible disclosure.
buff.ly
January 12, 2025 at 10:42 AM
Oh, and don't bother calling 911 any more... here's the real number.
December 17, 2024 at 10:02 AM