banner
gregotto.bsky.social
Greg Otto
@gregotto.bsky.social
5.3K followers 400 following 560 posts
@gregotto from twitter, now on bluesky. Editor-in-Chief at CyberScoop. Host of Safe Mode. Better with words than I am with code.
Posts Media Videos Starter Packs
Pinned
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · Feb 18
Our reporting at @cyberscoop.bsky.social doesn’t happen without our sources’ insights. If you have information that you would like to share, scan the code below to contact me via signal:
A QR code that will open the Signal messaging app, allowing you to contact Greg Otto
2 4
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 2h
Voting rights groups are asking a court to block an ongoing Trump administration effort to merge disparate federal and state voter data into a massive citizenship and voter fraud database. cyberscoop.com/voting-right...
Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul
In a court filing, the groups argued court action was needed to prevent permanent privacy harm from the government’s “illegal and secretive consolidation of millions of Americans’ sensitive personal d...
cyberscoop.com
1 1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 1d
🤭🫣💀

www.flawtinet.com
Flawtinet - Your Most Trusted Vulnerable Product
www.flawtinet.com
1 6
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 1d
Who said there is no cybersecurity knowledge exchange on this app????
3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 1d
Every day we stray further from god's light 😔
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 1d
I said the same thing but we couldn’t challenge it bc we burned it earlier in the game
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 2d
1 3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 2d
The teenagers are making fun of CrowdStrike in their super secret telegram clubhouse
1 5
Reposted by Greg Otto
cyberscoop.bsky.social
CyberScoop @cyberscoop.bsky.social · 2d
Okta thwarted the supply-chain attack with security controls it had in place. Zscaler did not. Their experiences provide insights into the root of a much broader problem. via @mattkapko.com cyberscoop.com/okta-zscaler...
Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks
Okta thwarted the supply-chain attack with security controls it had in place. Zscaler did not. Their experiences provide insights into the root of a much broader problem.
cyberscoop.com
1 7 8
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 2d
I get that enterprise patch/vuln management is more than just clicking "update now" but 2010???? Do better, everyone
List of CVEs from CISA KEV list, starting with two from 2010, two from 2011, and one from 2013
2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 2d
170,000 x $80/yr = $13.6m in revenue. But worth $150m. Sure sure.
maxtani.bsky.social
max tani @maxtani.bsky.social · 2d
David Ellison’s note to staff on Paramount’s acquisition of the Free Press
2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 5d
I went to find the article and was shocked it wasn’t a Issac Chotiner interview. Thought Remnick was his boy!
1 4
Reposted by Greg Otto
couts.bsky.social
Andrew Couts @couts.bsky.social · 5d
NEW: ICE is planning to hire a team of nearly 30 people to surveil social media 24/7, build dossiers on people, and flag them for arrest and deportation. @dell.bsky.social has the scoop: www.wired.com/story/ice-so...
ICE Wants to Build Out a 24/7 Social Media Surveillance Team
Documents show ICE plans to hire dozens of contractors to scan X, Facebook, TikTok, and other platforms to target people for deportation.
www.wired.com
800 4.9K 6.5K
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 5d
Anyone who says someone is "asymmetric in sympathy and generosity" needs to be shoved into a locker forever. Big Seth Milchick hours
1 6
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 5d
The cyber girlies are fighting in the chats
2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
Red Hat confirms breach of GitLab instance, which stored company’s consulting data cyberscoop.com/red-hat-gitl...
Red Hat confirms breach of GitLab instance, which stored company’s consulting data
The open-source software company said exposure is limited to consulting engagements, adding that it hasn’t found evidence of personal or sensitive data theft.
cyberscoop.com
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
Oracle confirmed it’s aware some customers have received extortion emails.

“Our ongoing investigation has found the potential use of previously identified vulnerabilities that are addressed in the July 2025 critical patch update,” Rob Duhart, CSO at Oracle Security, said in a blog post.
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
NEW: @mattkapko.com got his hands on the email being sent to oracle customers. Lots of broken english and pressure applied to pay up or see data leaked cyberscoop.com/extortion-em...
Here is the email Clop attackers sent to Oracle customers
The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment.
cyberscoop.com
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
George Cheeks
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
NEW: @mattkapko.com got his hands on the email being sent to oracle customers. Lots of broken english and pressure applied to pay up or see data leaked cyberscoop.com/extortion-em...
Here is the email Clop attackers sent to Oracle customers
The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment.
cyberscoop.com
2 3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
🤔🤔🤔
CISA KEV email that has CVEs from 2015 and 2017.
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
CyberScoop will have more on this phenomenon soon. 👀
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
Nearly every industry has been duped into hiring North Koreans in violation of sanctions, as technology companies represent only half of all targeted victims, threat researchers at Okta said in a report this week. cyberscoop.com/north-korea-...
North Korea IT worker scheme swells beyond US companies
Okta Threat Intelligence uncovered a large-scale and sustained operation, reflecting the North Korean regime’s pursuit of any opportunity that allows for remote employment.
cyberscoop.com
1 1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
Nearly every industry has been duped into hiring North Koreans in violation of sanctions, as technology companies represent only half of all targeted victims, threat researchers at Okta said in a report this week. cyberscoop.com/north-korea-...
North Korea IT worker scheme swells beyond US companies
Okta Threat Intelligence uncovered a large-scale and sustained operation, reflecting the North Korean regime’s pursuit of any opportunity that allows for remote employment.
cyberscoop.com
8 3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
If you have these emails, we would love to read them and further this story! Signal is in the bio or even email me - [email protected]
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
For those who missed it last night: attackers appearing to be aligned with Clop have sent emails to Oracle customers seeking extortion payments, claiming they stole data from the tech giant’s E-Business Suite, according to researchers who spoke with CyberScoop. cyberscoop.com/clop-claims-...
Oracle customers being bombarded with emails claiming widespread data theft
Researchers tell CyberScoop that notorious ransomware group Clop may be behind the email barrage.
cyberscoop.com
1 4 2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
CYBERSCOOP AFTER DARK: Attackers appearing to be aligned with the Clop ransomware group have sent emails to Oracle customers seeking extortion payments, claiming they stole data from the tech giant’s E-Business Suite. Early signs point to it being legit cyberscoop.com/clop-claims-...
Oracle customers being bombarded with emails claiming widespread data theft
Researchers tell CyberScoop that notorious ransomware group Clop may be behind the email barrage.
cyberscoop.com
2 6
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
Yeah that tracks (sorry man)
1