🚨🚨🚨 Google released a report on "Brickstorm" this morning — a next-level, suspected China-linked campaign targeting U.S. firms. Ultra-stealthy, 400+ day dwell times, focus on stealing IP, finding zero-days, and focused on long-term cyberespionage. cyberscoop.com/chinese-cybe...

We are expecting several organizations who use this tool and actively hunt for this threat will find that this actor has been active in their networks for some time.

We are releasing details on BRICKSTORM malware activity, a China-based threat hitting US tech to potentially target downstream customers and hunt for data on vulnerabilities in products. This actor is stealthy, and we've provided a tool to hunt for them. cloud.google.com/blog/topics/...

This is unironically one of the wildest photos ever taken.

Last week to get your @CYBERWARCON submissions in! Don’t miss out!

We've got some good submissions flowing into the @CYBERWARCON CFP, but there's still time for more. If you have good content, and you're worried the honorarium won't cover your travel, please submit, and we'll work it out. We do this because we believe this research matters.

Finland is so small that I once visited and Mikko found me in a bookstore.

PAPERS PLEASE!
#BSidesPyongyang2025 🇰🇵

Submit your CFP now:
https://forms.gle/y6QRMeYuJPYXZi1k9

Tech startup idea: instead of starting your car with your key, you get in, turn on the display panel, enter your password, get your phone out, open the authenticator app, enter your pin, enter the timed passcode, then open the start menu, then helpdesk, then "request engine start", then submit a tic

Yo! #CYBERWARCON CFP & Reg is LIVE! You know what to do. AI can't do it for you...or wear these socks.

@hultquist.bsky.social @cyberwarcon.bsky.social

Major Update: We now believe this incident impacts other Salesloft Drift integrations, not just Salesforce. We’re advising Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised.

Wait til they see the socks!

NEW: Google's Threat Intelligence Group has found the Salesloft issue impacting Salesforce actually impacts *all* Salesloft integrations, including those with Google Workspace. @mattkapko.com has it all (and will have more as this is developing) cyberscoop.com/salesloft-dr...

it's that time!!! @cyberwarcon.bsky.social tickets are on sale!!
Get one before they sell out!!

www.cyberwarcon.com/registration

#CYBERWARCON #sockarmy

CYBERWARCON is coming!!! Registration and CFP are now open for this year's #CYBERWARCON! This year's keynote speaker will be @dmitri.silverado.org!!
We are back in Arlington, VA this year on November 19th.

www.cyberwarcon.com

No known relation at this time. Still investigating motives.

An actor we are tracking as UNC6395 is targeting Salesforce customer instances through compromised OAuth tokens associated with the Salesloft Drift third-party application. This is ongoing and widespread. cloud.google.com/blog/topics/...

For anyone that is on their way to Vegas for Black Hat — if you have respiratory problems, prepare. Wildfires in Santa Barbara have smoke moving through the city. Here is a picture from a hotel room, I could see the mountains clearly yesterday. You see any 🏔️ in this pic?

Hot wasps have good jeans.

Just now: Sean Cairncross confirmed to be national cyber director in a 59-35 vote.

Look uh this shit is hilarious

when they close it all up, I do believe this will go down as the funniest video on the internet

#PublicAttribution of cyber activities is #China’s latest technique for pressuring #Taiwan and shaping the international dialogue around #cybersecurity. @benread.bsky.social digs into the details on Binding Hook: bindinghook.com/articles-hoo...