Nate Hess
@nateahess.bsky.social
Information Security Analyst | Identity • Cloud Security | Dad
https://nateahess.medium.com/
https://github.com/nateahess
https://nateahess.medium.com/
https://github.com/nateahess
Reposted by Nate Hess
OpenAI announced they'll now have ads in ChatGPT
It's slop inside of slop. It's recursive slop. Slopception.
It's slop inside of slop. It's recursive slop. Slopception.
December 5, 2025 at 1:24 AM
OpenAI announced they'll now have ads in ChatGPT
It's slop inside of slop. It's recursive slop. Slopception.
It's slop inside of slop. It's recursive slop. Slopception.
Reposted by Nate Hess
Study concludes cybersecurity training doesn’t work
A UC San Diego study reveals that cybersecurity training is ineffective in preventing phishing attacks, suggesting companies should seek alternative methods to safeguard their digital assets.
A UC San Diego study reveals that cybersecurity training is ineffective in preventing phishing attacks, suggesting companies should seek alternative methods to safeguard their digital assets.
Study concludes cybersecurity training doesn’t work
A lot of companies use cybersecurity training to prevent phishing attacks. A UC San Diego study says they should find a better way to protect their digital assets.
www.kpbs.org
November 1, 2025 at 12:03 AM
Study concludes cybersecurity training doesn’t work
A UC San Diego study reveals that cybersecurity training is ineffective in preventing phishing attacks, suggesting companies should seek alternative methods to safeguard their digital assets.
A UC San Diego study reveals that cybersecurity training is ineffective in preventing phishing attacks, suggesting companies should seek alternative methods to safeguard their digital assets.
Shoutout to @trustedsec.com for the free shirt! 🤙 love it!
August 21, 2025 at 5:48 PM
Shoutout to @trustedsec.com for the free shirt! 🤙 love it!
Reposted by Nate Hess
17K+ SharePoint Servers Exposed to Internet – 840 Servers Vulnerable to 0-Day Attacks
17K+ SharePoint Servers Exposed to Internet - 840 Servers Vulnerable to 0-Day Attacks
A massive exposure of Microsoft SharePoint servers to internet-based attacks has been identified, with over 17,000 servers exposed and 840 specifically vulnerable to the critical zero-day vulnerability CVE-2025-53770, according to new findings from Shadowserver Foundation.
cybersecuritynews.com
July 31, 2025 at 3:48 PM
17K+ SharePoint Servers Exposed to Internet – 840 Servers Vulnerable to 0-Day Attacks
Reposted by Nate Hess
A vulnerability in Google's Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers' computers using allowlisted programs.
Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
A vulnerability in Google's Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers' computers using allowlisted programs.
www.bleepingcomputer.com
July 28, 2025 at 7:41 PM
A vulnerability in Google's Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers' computers using allowlisted programs.
Reposted by Nate Hess
Mandating that orgs declare to Gov they paid a ransom isn’t the silver bullet some paint it as. Loopholes will be found or worse it will make paying potentially more socially acceptable. Governments are avoiding tackling the hard issues imo - one of those is more transparency in the crypto space.
July 22, 2025 at 8:39 AM
Mandating that orgs declare to Gov they paid a ransom isn’t the silver bullet some paint it as. Loopholes will be found or worse it will make paying potentially more socially acceptable. Governments are avoiding tackling the hard issues imo - one of those is more transparency in the crypto space.
Always check your sources. The recently registered putty[.]network drops a botnet/c2.
app.any.run/tasks/8d1d72...
app.any.run/tasks/8d1d72...
Analysis PuTTY-setup.exe (MD5: BB50383EAC05377D7FEAE5B9C3024550) Malicious activity - Interactive analysis ANY.RUN
Interactive malware hunting service. Live testing of most type of threats in any environments. No installation and no waiting necessary.
app.any.run
July 18, 2025 at 8:06 PM
Always check your sources. The recently registered putty[.]network drops a botnet/c2.
app.any.run/tasks/8d1d72...
app.any.run/tasks/8d1d72...
Reposted by Nate Hess
AI Creates Realistic Honeypots for Cybersecurity | EdTech Magazine edtechmagazine.com/higher/artic...
AI Creates Realistic Honeypots for Cybersecurity
Trapping cybercriminals in artificial intelligence–enhanced honeypots can improve higher education institutions’ security posture.
edtechmagazine.com
July 12, 2025 at 10:39 AM
AI Creates Realistic Honeypots for Cybersecurity | EdTech Magazine edtechmagazine.com/higher/artic...
Reposted by Nate Hess
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
June 26, 2025 at 8:10 AM
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
Reposted by Nate Hess
More than 16 billion login credentials for Google, Facebook, Apple and other platforms have been exposed in one of the largest databases of cybersecurity breaches of all time, according to a Cybernews report.
www.axios.com/2025/06/20/d...
www.axios.com/2025/06/20/d...
16 billion passwords for Google, Apple, Facebook leaked in massive data dump, report says
It's one of the largest ever compilations of compromised passwords, Cybernews reports.
www.axios.com
June 21, 2025 at 6:07 AM
More than 16 billion login credentials for Google, Facebook, Apple and other platforms have been exposed in one of the largest databases of cybersecurity breaches of all time, according to a Cybernews report.
www.axios.com/2025/06/20/d...
www.axios.com/2025/06/20/d...
Reposted by Nate Hess
June 21, 2025 at 3:50 AM
Yelp was way ahead of Apple on this new design language. #liquidglass
June 18, 2025 at 9:28 PM
Yelp was way ahead of Apple on this new design language. #liquidglass
Excitement in my 30’s is opening the dishwasher and realizing it hasn’t been ran yet, so I can add to it without emptying it first.
June 1, 2025 at 2:06 AM
Excitement in my 30’s is opening the dishwasher and realizing it hasn’t been ran yet, so I can add to it without emptying it first.
If your article starts with something like “in today’s fast growing technological landscape” then I’m skipping it.
May 27, 2025 at 2:13 AM
If your article starts with something like “in today’s fast growing technological landscape” then I’m skipping it.
Reposted by Nate Hess
Security Firm @SophosXOps published another report, this one on incidents at small and medium-sized businesses by @thepacketrat and Anna Szalay. One of the things I always look for in these reports are easy #cybersecurity wins -- and this report has a bunch […]
[Original post on infosec.exchange]
[Original post on infosec.exchange]
April 17, 2025 at 1:10 AM
Security Firm @SophosXOps published another report, this one on incidents at small and medium-sized businesses by @thepacketrat and Anna Szalay. One of the things I always look for in these reports are easy #cybersecurity wins -- and this report has a bunch […]
[Original post on infosec.exchange]
[Original post on infosec.exchange]
Reposted by Nate Hess
It’s not snow unless it sticks
April 7, 2025 at 4:50 PM
It’s not snow unless it sticks
I’m learning that a cybersecurity Masters degree is just the daily research I do for my job, but now I’m putting it in APA format and expanding it to 10-15 pages.
February 15, 2025 at 8:56 PM
I’m learning that a cybersecurity Masters degree is just the daily research I do for my job, but now I’m putting it in APA format and expanding it to 10-15 pages.
Interesting take. Should probably say “don’t use your email as your 2FA method” instead.
apple.news/APSL1kjBETSW...
apple.news/APSL1kjBETSW...
Stop saving your email login info in your password manager! — PCWorld
Memorize your email password separately to avoid account lockouts. Senior Editor, PCWorld | Feb 5, 2025 8:00 am PST Bitwarden is a beloved password manager for good reason—it’s feature-rich and its pa...
apple.news
February 11, 2025 at 2:24 PM
Interesting take. Should probably say “don’t use your email as your 2FA method” instead.
apple.news/APSL1kjBETSW...
apple.news/APSL1kjBETSW...