Nostr notes by Metacurity

"The vast majority, about 90%, of the more than 260,000 DHS ...

2026-03-14T13:09:49Z

"The vast majority, about 90%, of the more than 260,000 DHS employees are continuing to work without pay throughout the funding lapse, which began Feb. 14. Employees earlier this month received partial paychecks, compensated only for work hours they completed prior to the start of the shutdown."
https://federalnewsnetwork.com/government-shutdown/2026/03/many-dhs-employees-miss-first-full-paychecks-as-shutdown-continues/?readmore=1

A quiet but significant expansion of the US surveillance ...

2026-03-13T13:32:16Z

A quiet but significant expansion of the US surveillance apparatus is taking shape inside DHS — built from travel databases, biometric systems, location data markets, AI analytics, and tools like Palantir’s ELITE platform.

In this report, I trace how investigative reporting from Mother Jones, Wired, and 404 Media reveals the architecture of a system capable of tracking Americans’ movements, identities, and digital lives.

Available to Metacurity paid subscribers.
https://www.metacurity.com/the-homeland-security-surveillance-machine/

This is for Wynn Resorts. ShinyHunters demands $1.5M not to leak ...

2026-02-20T18:34:08Z

This is for Wynn Resorts.

ShinyHunters demands $1.5M not to leak Vegas casino and resort chain data
https://www.theregister.com/2026/02/20/shinyhunters_wynn_resorts/?utm_source=dlvr.it&utm_medium=bluesky

It's downright weird that McDonald's is leading a ...

2026-02-05T11:40:04Z

It's downright weird that McDonald's is leading a campaign to advise us to use more secure passwords.

McDonald's is not lovin' your bigmac, happymeal, and mcnuggets passwords
https://www.theregister.com/2026/02/02/mcdonalds_password_advice/

If I am reading this correctly, Northern Ireland police, who just ...

2026-02-04T12:05:29Z

If I am reading this correctly, Northern Ireland police, who just received compensation of £7,500 per officer for having their personal details published in error on the internet, were revictimized today when the Northern Ireland court system again published their personal details.
https://www.belfasttelegraph.co.uk/news/northern-ireland/it-defies-belief-names-of-psni-officers-published-on-court-website-in-new-breach/a122899735.html

ICE wants all the federal funding , all the government data, all ...

2026-01-28T13:09:45Z

ICE wants all the federal funding , all the government data, all the surveillance technology it can get its hands on. Now it wants to track people using data it can source from technology and advertising companies. It is a malignant black hole.

ICE knocks on ad tech’s data door to see what it knows about you

https://www.theregister.com/2026/01/27/ice_data_advertising_tech_firms/

Wow. “Booz Allen failed to implement adequate safeguards to ...

2026-01-26T15:26:27Z

Wow.

“Booz Allen failed to implement adequate safeguards to protect sensitive data, incl. the confidential taxpayer information it had access to through its contracts with the Internal Revenue Service.”

Treasury Cancels Contracts with Booz Allen Hamilton

https://home.treasury.gov/news/press-releases/sb0371

This piece makes the interesting case that accountants can be a ...

2026-01-20T11:35:44Z

This piece makes the interesting case that accountants can be a first line of defense against cyber threats.

Research reveals a surprising line of defence against cyber attacks: accountants
https://theconversation.com/research-reveals-a-surprising-line-of-defence-against-cyber-attacks-accountants-272428

Target's dev server offline after hackers claim to steal ...

2026-01-13T11:23:30Z

Target's dev server offline after hackers claim to steal source code

https://www.bleepingcomputer.com/news/security/targets-dev-server-offline-after-hackers-claim-to-steal-source-code/

Confusing, right? But that video shows total obliteration of one ...

2026-01-05T12:33:19Z

In reply to nevent1q…kdhd
_________________________

Confusing, right? But that video shows total obliteration of one of the substations -- why even bother with cyber if you're going to do that?

So Venezuela's energy ministry is saying the attack that ...

2026-01-05T11:26:20Z

So Venezuela's energy ministry is saying the attack that brought down the power grid in Caracas was a physical assault on substations and not a cyber attack.
https://mppee.gob.ve/?p=103279

This contradicts Trump's statement about the US having "expertise" and also the NYT's reporting that the attack "began with a cyberoperation that cut power to large swaths of Caracas." 2/2
https://www.nytimes.com/2026/01/03/us/politics/trump-capture-maduro-venezuela.html

Corpoelec's website is not only down for maintenance, it's not accessible at all today. https://corpoelec.gob.ve/

Nostr event nevent1qqsxdud9zzfswyl37ezk8y70t99t4kyhxs98727u0hl4q9ev7er0x0szypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665tu3cgv

2026-01-04T07:51:25Z

https://www.nytimes.com/2026/01/03/us/politics/trump-capture-maduro-venezuela.html

“Inside Venezuela, the effort began with a cyberoperation that cut power to large swaths of Caracas, shrouding the city in darkness to allow the planes, drones and helicopters to approach undetected.”

Good god “At least six career staffers at the Cybersecurity and ...

2025-12-22T09:17:44Z

Good god

“At least six career staffers at the Cybersecurity and Infrastructure Security Agency were suspended with pay this summer after organizing a polygraph test that the agency’s acting director, Madhu Gottumukkala, failed.”

https://www.politico.com/news/2025/12/21/cisa-acting-director-madhu-gottumukkala-polygraph-investigation-00701996?utm_source=dlvr.it&utm_medium=bluesky

South Korea’s government is mobilizing an all-hands response to ...

2025-12-18T12:18:51Z

South Korea’s government is mobilizing an all-hands response to a data breach at e-commerce giant Coupang. The CEO was forced to resign and might face charges.

When has any US company or CEO been held to this level of accountability for a breach?
https://www.koreaherald.com/article/10639379

A Singaporean man was sentenced to prison and fined for teaching ...

2025-12-11T12:52:45Z

A Singaporean man was sentenced to prison and fined for teaching others how to use malware, the first known conviction for teaching malware tutorials.

Man gets jail for filming malware tutorials for syndicate; 129 Singapore victims lost S$3.2m
https://www.channelnewsasia.com/singapore/malaysian-malware-android-phones-129-victims-singapore-32-million-5569846

Nostr event nevent1qqs90sgg3upanjq50fu4ms6cd3ghs8eu5h3xlknecra74nhs5k6amfgzypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665d7w0nf

2025-12-09T06:54:16Z

https://www.koreatimes.co.kr/business/companies/20251209/police-raid-coupang-over-massive-data-breach
This is what happens when you do bad cybersecurity.

Police reportedly seek to check for possible lapses in Coupang's security, while tracking down the suspect behind the leak. cybersecurity.

Nostr event nevent1qqs89hawg6mp5d8wfyswtckasnuhaah53z564xshemcrjc8wt0hfp0gzypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665kmqm55

2025-11-25T00:06:55Z

https://www.clickondetroit.com/news/local/2025/11/22/campbell-soup-exec-caught-on-secret-recording-slamming-product-people-who-buy-it/
The exec caught on the recording was Campbell’s CISO.

Nostr event nevent1qqsfclskkkgls9936qjltammz0vlpqtp2m7rk8c9f4ypd7n3whwtruszypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665d83hc4

2025-11-24T09:18:50Z

https://www.theguardian.com/technology/2025/nov/24/civil-liberties-groups-call-for-inquiry-into-uk-data-protection-watchdog

Dozens of civil liberties campaigners and legal professionals are calling for an inquiry into the UK’s data protection watchdog, after what they describe as “a collapse in enforcement activity” after the scandal of the Afghan data breach.

The US and the UK are going after bulletproof hosting companies. ...

2025-11-19T14:05:39Z

The US and the UK are going after bulletproof hosting companies.

United States, Australia, and United Kingdom Sanction Russian Cybercrime Infrastructure Supporting Ransomware
https://home.treasury.gov/news/press-releases/sb0319

All those allegations that China is using TP-Link routers to spy ...

2025-11-19T11:08:21Z

All those allegations that China is using TP-Link routers to spy or to lay the groundworks for attacks or whatever have cost the California-based but Chinese-owned company $1 billion, according to a lawsuit filed by TP-Link against Netgear.

Fwiw, the allegations began in Washington and were wholly unfounded, but that hasn't slowed the drumbeat to ban TP-Link.

https://www.csoonline.com/article/3504775/no-evidence-that-tp-link-routers-are-a-chinese-security-threat.html

https://www.bloomberg.com/news/articles/2025-11-19/netgear-accused-by-rival-of-china-smear-to-stoke-security-fear

Nostr event nevent1qqsfzdaf06355dmrdsn63yvk7z87kmqsyxjh3pf3czumaawlsmkykcczypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665wclt0z

2025-11-19T06:04:39Z

https://world.kbs.co.kr/service/news_view.htm?lang=e&Seq_Code=197518
Crazy times in South Korean cyber.

There has been an insane amount of high-profile cybersecuriy ...

2025-11-17T13:43:24Z

There has been an insane amount of high-profile cybersecuriy developments since Friday morning, so check out today's Metacurity for what you might have missed over the weekend, including

--US issues seizure warrants for Starlink terminals in Myanmar cyberscam compounds,
--US citizens plead guilty to aiding DPRK IT worker fraud,
--$28B tied to cybercrime activity over the last two years,
--Princeton got hit by a data-stealing cyberattack,
--Anthropic's report of autonomous AI Chinese hacks hits pushback,
--Cybercom invests in cyberwarfare AI agents,
--German legislature approves ban on selected Chinese kit,
--Taiwan warns of security flaws and misinformation in Chinese LLMs,
--Dutch police seize thousands of bulletproof hosting servers,
--UK prosecutors seize $5.4m from Twitter hacker,
--Russian man busted in Phuket could be Russian intel officer wanted by FBI,
--Breach of Somalia's electronic visa platform has wide implications,
--Hacked CCTV videos from Indian maternity ward sold on Telegram,
--Husband of the founder of Korean sportswear brand Andar sentenced for helping DPRK hackers,
--Critical FortiWeb flaw patched,
--Logitech confirms Clop attack,
--AIPAC breach affects 810 people,
--FBI is trying to unmask Archive[dot]is operator,
--Security pros agree senior management is responsible for security compliance,
--Crypto ATMs outnumber Wells Fargo ATMs,
--Devices for stealing keyless cars fetch $20k
https://www.metacurity.com/us-issues-seizure-warrants-for-starlink-terminals-in-myanmar-cyberscam-compounds/

"Twenty’s contracts are a rare case of an AI offensive ...

2025-11-17T12:36:14Z

"Twenty’s contracts are a rare case of an AI offensive cyber company with VC backing landing Cyber Command work; typically cyber contracts have gone to either small bespoke companies or to the old guard of defense contracting like Booz Allen Hamilton or L3Harris."

The Pentagon Is Spending Millions On AI Hackers
https://www.forbes.com/sites/thomasbrewster/2025/11/15/pentagon-spends-millions-on-ai-hackers/

"Dutch government bodies were unpleasantly surprised by news ...

2025-11-12T10:24:09Z

"Dutch government bodies were unpleasantly surprised by news that an American tech firm has acquired the Dutch cloud company Solvinity, the Financieele Dagblad reported.

Several governments opted for working with Solvinity precisely to reduce dependence on American technology firms"
https://nltimes.nl/2025/11/12/dutch-governments-caught-guard-american-tech-firm-buying-dutch-cloud-company?utm_source=dlvr.it&utm_medium=bluesky

Omfg "NSO’s new executive chairman, David Friedman, a ...

2025-11-10T12:26:14Z

Omfg

"NSO’s new executive chairman, David Friedman, a former U.S. ambassador to Israel and onetime bankruptcy lawyer for President Trump, said he wants to use his ties to the Trump administration to help rebuild the company’s spyware business in the U.S."

Israeli Spyware Maker NSO Gets New Owners, Leadership and Seeks to Mend Reputation
https://www.wsj.com/tech/israeli-spyware-maker-nso-gets-new-owners-leadership-and-seeks-to-mend-reputation-166ac50e?gaa_at=eafs&gaa_n=AWEtsqeTjThMB1_h1W1ewQnjnyji8Htzivc14xAyjmLD1jhojtWHS59ZMrQZW_ozWhc%3D&gaa_ts=6911d050&gaa_sig=bi4oz-fCkxtxpjHUj04ELh9BhkSPKU3Napkc4HbMWl5aa923Ah-Y4oBjTZW_Nsdg2DxfRCpo4QqTPBBI_MEqpA%3D%3D

"Donald Trump's clampdown on the U.S. Consumer Financial ...

2025-11-03T22:02:53Z

"Donald Trump's clampdown on the U.S. Consumer Financial Protection Bureau earlier this year has compounded IT security lapses at the agency through the cancellation of contracts"

US CFPB data security 'not effective' after Trump clampdown, watchdog report says
https://www.reuters.com/sustainability/boards-policy-regulation/us-cfpb-data-security-not-effective-after-trump-clampdown-watchdog-report-says-2025-11-03/

Kevin, I have to reiterate, MIT did not talk to me. You need to ...

2025-11-03T18:48:25Z

In reply to nevent1q…2l4j
_________________________

Kevin, I have to reiterate, MIT did not talk to me. You need to correct your piece.

Open-source security group pulls out of U.S. grant, citing DEI ...

2025-10-29T20:50:59Z

Open-source security group pulls out of U.S. grant, citing DEI restrictions
https://cyberscoop.com/python-software-foundation-rejects-federal-grant-funding-citing-dei-restrictions/

There is never a let-up in crucial infosec news, so check out ...

2025-10-16T13:13:00Z

There is never a let-up in crucial infosec news, so check out today's Metacurity for the developments you should know, including

--CISA warns agencies to update F5 appliances after breach disclosure,
--Sources say China hacked classified UK systems for over a decade,
--Some observers think a secret US cybercrime-fighting group doxxed a Russian ransomware kingpin,
--Microsoft is moving Surface manufacturing out of China,
--Pro-Palestine activists hacked four N. American PA systems,
--Dota 2 YouTube channel was hijacked to promote fraud,
--Criminals behind Bittensor hack laundered funds with anime NFTs,
--Cyberespionage group Mysterious Elephant is growing more sophisticated,
--German spyware victims sue Viktor Orbán,
--Vendor to Spanish retailer Mango experienced unauthorized access,
--Using AI to cover up AI usage,
--Man blames public Wi-Fi for getting totally pwned
https://www.metacurity.com/cisa-warns-agencies-to-update-f5-appliances-after-breach-disclosure/

Wow, a lot happened in the cybersecurity world over the weekend, ...

2025-10-13T12:08:30Z

Wow, a lot happened in the cybersecurity world over the weekend, so check out today's Metacurity for the most critical infosec developments you might have missed, including

--The White House fired 176 CISA employees on Friday, with more layoffs feared,
--Scattered Lapsus$ Hunters leaked 5m Qantas, 23m Vietnam Air customers' records,
--Spanish cops dismantle GXC Team,
--Dutch gov't warns of China's Nexperia security risks,
--Breach of crypto betting platform Shuffle exposes user data,
--FCC chair says sites have removed barred Chinese electronics
--N. Korean scammers now posing as architects,
--Korean government launches KT Telecom probe related to breach,
--OTA updates leave Jeeps bricked,
--CEO of UniCredit bank was targeted with Graphite spyware,
--NIH uses sensitive medical equipment from Chinese company with espionage track record,
--Trump withdraws nomination of Gen. William Hartman,
--Criminals are scamming driver's license seekers,
--World's biggest botnet is drawing power from telco-hosted IoT devices,
--Apple ups bug payouts for spyware to $2m,
--Hackers stole data from UK top screen industry union Bectu,
--Hackers stole massive amounts of data from Banco Hipotecario del Uruguay,
--A cyber incident hit Sugar Land, TX,
--Michigan City, IN hit by a ransomware attack,
--Resistant AI raised $25m in Series B,
--1Password sells $75m stake to Utah Jazz owners,
--Google's OSV database fixes undercount,
--AI might kill us with pathogens
https://www.metacurity.com/the-white-house-fired-176-cisa-employees-on-friday-with-more-layoffs-feared/

Yeah, I read that - it had to have been labeled that under a ...

2025-10-08T10:47:26Z

In reply to nevent1q…smre
_________________________

Yeah, I read that - it had to have been labeled that under a previous government. So, I guess it's that simple.

This is hard for me to understand. I mean, why not label China as ...

2025-10-08T10:44:07Z

This is hard for me to understand. I mean, why not label China as a security threat?

I understand that China is a powerful economic partner, but I'm missing something here.

China spy case collapse due to Labour government, prosecutors say
https://www.cityam.com/china-spy-case-collapse-due-to-labour-government-prosecutors-say/?mid=1#cid=3153100

Employees regularly paste company secrets into ChatGPT ...

2025-10-08T09:16:25Z

Employees regularly paste company secrets into ChatGPT
https://www.theregister.com/2025/10/07/gen_ai_shadow_it_secrets/

Asahi ships beer using paper and fax after ransomware attack ...

2025-10-04T10:52:21Z

Asahi ships beer using paper and fax after ransomware attack
https://www.japantimes.co.jp/business/2025/10/04/asahi-paper-fax-orders/

"If you think you might be burning out, you're already on ...

2025-09-30T08:47:59Z

"If you think you might be burning out, you're already on your way there," says Andrew Tillman, former head of cyber risk and assurance for the UK's Health Security Agency.

Why burnout is a growing problem in cybersecurity
https://www.bbc.com/news/articles/cgqn8e4e700o

Wow. The UK government is thinking of bailing out JLR. What a ...

2025-09-25T09:13:10Z

Wow. The UK government is thinking of bailing out JLR. What a case study on how absolutely critical cybersecurity risk management is.

Government considers financial support for JLR suppliers
https://www.bbc.com/news/articles/c62nv0xx32go

Nostr event nevent1qqst64uq82r7y8gkad8mf9zzllwyrmcc7d65g4dvf03cpfqtstslvvszypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665kct6ve

2025-09-23T18:22:21Z

https://www.wired.com/story/sim-farm-new-york-threatened-us-infrastructure-feds-say/

“Despite speculation in some reporting about SIM farm operation that suggests it was created by a foreign state such as Russia or China and used for espionage, it’s far more likely that the operation’s central focus was scams and other profit-motivated forms of cybercrime”

Thanks @npub1qax…dr3u @npub1vc3…axsh, neutrality is not an ...

2025-09-21T15:50:31Z

In reply to nevent1q…jukc
_________________________

Thanks Sam Bowne :donor: (npub1qax…dr3u)
BrianKrebs (npub1vc3…axsh), neutrality is not an option anymore. I do my spouting off over at bluesky for the most part.

"Noah Urban’s role in the notorious Scattered Spider gang ...

2025-09-19T11:48:59Z

"Noah Urban’s role in the notorious Scattered Spider gang was talking people into unwittingly giving criminals access to sensitive computer systems."

‘I Was a Weird Kid’: Jailhouse Confessions of a Teen Hacker
https://www.bloomberg.com/news/features/2025-09-19/multimillion-dollar-hacking-spree-scattered-spider-teen-s-jailhouse-confessions

I am begging...does anybody know how to stop Microsoft from ...

2025-09-10T09:52:32Z

I am begging...does anybody know how to stop Microsoft from automatically shutting down my laptop, ever? There is supposedly a setting to disable this but I can't find it. This is the fourth or fifth time it's happened that has set me back in terms of things I'm working on.

The Untold Saga of What Happened When DOGE Stormed Social ...

2025-09-08T11:41:24Z

The Untold Saga of What Happened When DOGE Stormed Social Security
https://www.propublica.org/article/inside-doge-social-security-takeover-leland-dudek

Euro banks block billions in rogue PayPal direct debits after ...

2025-08-28T12:21:24Z

Euro banks block billions in rogue PayPal direct debits after fraud glitch
https://www.theregister.com/2025/08/28/euro_banks_block_paypal_direct_debits/

I asked Sherrod, and she said all they know is that they are a ...

2025-08-27T18:45:07Z

In reply to nevent1q…pznq
_________________________

I asked Sherrod, and she said all they know is that they are a financially motivated threat actor but aren't capable of much attribution beyond that.

Microsoft issued a blog post today on a new hellacious ransomware ...

2025-08-27T18:05:56Z

Microsoft issued a blog post today on a new hellacious ransomware attack by Storm-0501 that hops from on-prem assets to the cloud and then deletes everything it can, including backups, while encrypting everything else.

Thanks to [@sherrod_im](https://twtr.plus/users/sherrod_im ) DiGrippo for sharing her thoughts with me on this brutal new attack chain.
https://www.csoonline.com/article/4046438/storm-0501-debuts-a-brutal-hybrid-ransomware-attack-chain.html

This is just sensationally bad: Microsoft struck a deal with the ...

2025-08-06T12:27:52Z

This is just sensationally bad: Microsoft struck a deal with the Israeli secret intelligence arm Unit 8200 that allowed it to build a powerful new mass surveillance tool that collects and stores recordings of millions of mobile phone calls made each day by Palestinians in Gaza and the West Bank.

‘A million calls an hour’: Israel relying on Microsoft cloud for expansive surveillance of Palestinians
https://www.theguardian.com/world/2025/aug/06/microsoft-israeli-military-palestinian-phone-calls-cloud

27 Behind the Scenes Polaroid Snapshots From the Making of the ...

2025-08-03T21:09:17Z

27 Behind the Scenes Polaroid Snapshots From the Making of the 1995 Cult Classic “Hackers”
https://www.vintag.es/2025/07/hackers-polaroids.html

Nostr event nevent1qqs2ux7lz2j7luvv47fzkkc8z62hrdpykq0gpqfmqa6a2dtpqzxqhvgzypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t66535z80l

2025-08-03T08:21:35Z

https://www.tomshardware.com/tech-industry/cyber-security/leading-phone-repair-and-insurance-firm-collapses-after-paying-crippling-ransomware-demand-cutting-100-employees-to-just-eight-wasnt-enough

Leading phone repair and insurance firm collapses after paying crippling ransomware demand — Cutting 100+ employees to just eight wasn’t enough

OMFG "A hacker compromised a version of Amazon’s popular AI ...

2025-07-23T13:55:47Z

OMFG

"A hacker compromised a version of Amazon’s popular AI coding assistant ‘Q’, added commands that told the software to wipe users’ computers, and then Amazon included the unauthorized update in a public release of the assistant this month"
https://www.404media.co/hacker-plants-computer-wiping-commands-in-amazons-ai-coding-agent/?ref=daily-stories-newsletter

"Cognizant was not duped by any elaborate ploy or ...

2025-07-22T19:46:44Z

In reply to nevent1q…nkpr
_________________________

"Cognizant was not duped by any elaborate ploy or sophisticated hacking techniques," according to a copy of the lawsuit reviewed by Reuters. "The cybercriminal just called the Cognizant Service Desk, asked for credentials to access Clorox's network, and Cognizant handed the credentials right over."

Lawsuit says Clorox hackers got passwords simply by asking ...

2025-07-22T19:44:58Z

Lawsuit says Clorox hackers got passwords simply by asking
https://www.reuters.com/legal/government/lawsuit-says-clorox-hackers-got-passwords-simply-by-asking-2025-07-22/

We are on our own now. The mainstream press has abandoned us.

2025-07-15T12:07:25Z

In reply to nevent1q…uuz8
_________________________

We are on our own now. The mainstream press has abandoned us.

Senate strikes AI provision from GOP bill after uproar from the ...

2025-07-01T18:10:24Z

Senate strikes AI provision from GOP bill after uproar from the states
https://apnews.com/article/congress-ai-provision-moratorium-states-20beeeb6967057be5fe64678f72f6ab0

Yeah, it's just part of the game, I guess. But when I talk to ...

2025-06-30T11:54:44Z

In reply to nevent1q…gkqe
_________________________

Yeah, it's just part of the game, I guess. But when I talk to cyber threat intel analysts about what foreign threat actors do to the US, I frequently ask the question: Do we not do the same thing? Like, haven't we hacked China's telecom infrastructure too?

A website developed for the UK Home Office's 2022 ...

2025-06-25T11:25:07Z

A website developed for the UK Home Office's 2022 "flop" anti-encryption campaign has seemingly been hijacked to push a payday loan scheme.
https://www.theregister.com/2025/06/25/home_office_antiencryption_campaign_website/?mid=1#cid=2936061

Don't head out for the weekend until you've checked out ...

2025-06-20T13:40:27Z

Don't head out for the weekend until you've checked out today's Metacurity for the most critical infosec developments you should know, including

--Report of 16 billion credential breach debunked,
--Hegseth is under pressure to find Haugh's replacement,
--Israeli hackers released Nobitex source code,
--Czech president says China and Russia are hacking equals,
--China has repeatedly hacked Russia,
--Ryuk suspect extradited to US,
--Korean megachurch hacked to display DPRK flag,
--Oz kiddie social media ban nears reality,
--Krispy Kreme confirms 160K customers' data stolen,
--Oxford City Council hit by cyber incident,
--Taiwan's Feng Chia University hit by ransomware,
--X account of Andreessen Horowitz hijacked,
--New AI agent protocol can create malicious tickets,
--Banana Squad exploits GitHub to spread malware,
--Reputation-related cyber incidents cost shareholders 27%,
--Tadaweb raises $20m,
--France’s Gendarmerie has 100K Linux machines,
--Cloudflare blocked 7.3 Tbps attack,
--Poverty-stricken workers fired for susceptibility to hacker bribes
https://www.metacurity.com/report-of-16-billion-credentials-breach-debunked/

https://www.bbc.com/news/articles/cvg85r4yr5jo Your most ...

2025-06-18T08:50:33Z

https://www.bbc.com/news/articles/cvg85r4yr5jo
Your most sensitive data is apparently worth £10 but only if you spend £40.

Um, yeah... White House security staff warned Musk’s Starlink ...

2025-06-07T15:05:07Z

Um, yeah...

White House security staff warned Musk’s Starlink is a security risk
https://wapo.st/459sFuR

Exclusive: Legal Practice Board of Western Australia confirms ...

2025-05-28T08:59:49Z

Exclusive: Legal Practice Board of Western Australia confirms Dire Wolf ransomware attack
https://www.cyberdaily.au/security/12158-exclusive-legal-practice-board-of-western-australia-confirms-dire-wolf-ransomware-attack

Good lord. "The brief attack appears to have been a test run ...

2025-05-20T21:44:38Z

In reply to nevent1q…ew96
_________________________

Good lord. "The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand."

This should be much bigger news. CrowdStrike discovered that ...

2025-05-16T12:34:34Z

This should be much bigger news.

CrowdStrike discovered that state officials in Rhode Island had been unaware for more than five months that its VPN system, managed by Deloitte, had been hacked. Deloitte didn't know until the hackers asked for a ransom.

Now, it looks like RI will sue Deloitte.

https://www.bostonglobe.com/2025/05/15/metro/ribridges-vpn-hack-ri-breach-personal-data-investigation-findings/

Here is the CrowdStrike report.
https://admin.ri.gov/sites/g/files/xkgbur536/files/2025-05/RIBridges%20Investigation%20Summary%20FINAL%20-%20External%20Release.pdf

The Coinbase hack is expected to cost the company up to $400 ...

2025-05-15T11:40:16Z

The Coinbase hack is expected to cost the company up to $400 million, and the company has launched a $20 million reward fund for information leading to the attackers’ arrest and conviction.
https://www.investing.com/news/stock-market-news/coinbase-discloses-security-breach-expects-impact-of-up-to-400m-4047654

"Looking back now on the flag-planting internet movies of ...

2025-05-11T21:39:31Z

"Looking back now on the flag-planting internet movies of 1995, it’s incredible how well they predicted the possibilities and horrors on the horizon."
https://www.fastcompany.com/91330930/30-years-hackers-the-net-predicted-possibilities-horrors-internet-culture-90s

Oh goodie... Generative AI will surpass cybersecurity in many ...

2025-05-07T13:07:54Z

Oh goodie...

Generative AI will surpass cybersecurity in many corporate tech budgets this year

https://www.geekwire.com/2025/generative-ai-tops-cybersecurity-in-2025-tech-budget-priorities-new-aws-study-finds/

What the actual f? "On Wednesday afternoon, Krebs received an ...

2025-05-01T14:48:07Z

What the actual f?

"On Wednesday afternoon, Krebs received an email saying that his Trusted Traveler Program status had changed. He logged into the program and learned his Global Entry program membership had been revoked."

https://www.cnn.com/2025/04/30/politics/chris-krebs-cbp-global-entry-revoked

Oracle engineers caused days-long software outage at U.S. ...

2025-04-29T11:06:23Z

Oracle engineers caused days-long software outage at U.S. hospitals
https://www.cnbc.com/2025/04/28/oracle-engineers-caused-days-long-software-outage-at-us-hospitals.html

Dozens of mobile providers across 35 countries are routing mobile ...

2025-04-18T12:24:53Z

Dozens of mobile providers across 35 countries are routing mobile traffic through major Chinese interconnect providers such as China Mobile International, China Telecom Global and China Unicom Global, allowing the Chinese telcos to conduct MITM attacks, track device locations in real time, intercept SMS and voice communications and "silently push spyware or malware onto target devices using signaling-level attacks."

https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/external/iverify-abusing-data-in-the-middle.pdf

Check out today's Metacurity for the most crucial infosec ...

2025-04-17T13:48:57Z

Check out today's Metacurity for the most crucial infosec developments you should know, including

--Krebs quits SentinelOne to fight Trump's punitive order
--Third parties step forward to insulate vulnerability reporting from US government whims,
--State Department shutters foreign disinformation monitoring office,
--Fraudulent bot students steal aid funding,
--DOGE returns to NLRB,
--UK minister's X account hacked,
--Apple issues emergency patches,
--much more
https://www.metacurity.com/krebs-quits-sentinelone-to-fight-trumps-punitive-order/

Oh wow. This just in from a CISA spokesperson: “The CVE Program ...

2025-04-16T11:44:47Z

Oh wow. This just in from a CISA spokesperson:

“The CVE Program is invaluable to cyber community and a priority of CISA. Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services. We appreciate our partners’ and stakeholders’ patience.”

I haven't listened yet, but folks I admire say that this TED ...

2025-04-14T11:57:54Z

I haven't listened yet, but folks I admire say that this TED talk is a killer.
https://www.youtube.com/watch?v=TZOoT8AbkNE&ab_channel=TED

Mandatory short duration TLS certificates are probably coming ...

2025-04-14T11:06:33Z

Mandatory short duration TLS certificates are probably coming soon
https://utcc.utoronto.ca/~cks/space/blog/web/ShortTLSCertificatesComing

Traders have climbed off their temporary euphoria of yesterday ...

2025-04-10T15:22:50Z

In reply to nevent1q…t4kp
_________________________

Traders have climbed off their temporary euphoria of yesterday and realized that Trump's tariffs have pushed other nations to flee the US as a reliable trading partners, and significantly raised the cost of Chinese imports, including components that all tech service providers, including cybersecurity companies, need.

Just g-damn. ...

2025-04-10T15:18:32Z

Just g-damn.

Chris Krebs and SentinelOne face a long slog to redress ...

2025-04-10T13:00:53Z

Chris Krebs and SentinelOne face a long slog to redress Trump's EO stripping them of their security clearances.

This is the latest in a string of similar punitive actions against a host of Trump "enemies." As one legal expert told me, “We might as well live in Stalin’s Soviet Union.”

Check out my latest piece in CSO.

Trump revokes security clearances for Chris Krebs, SentinelOne in problematic precedent for security vendors

https://www.csoonline.com/article/3958808/trump-revokes-security-clearances-for-chris-krebs-sentinelone-in-problematic-precedent-for-security-vendors.html

Exclusive: DOGE staffer, 'Big Balls', provided tech ...

2025-03-26T12:11:44Z

Exclusive: DOGE staffer, 'Big Balls', provided tech support to cybercrime ring, records show
https://www.reuters.com/world/us/doge-staffer-big-balls-provided-tech-support-cybercrime-ring-records-show-2025-03-26/

CEO of AI ad-tech firm pledging “world free of fraud” ...

2025-03-23T15:41:10Z

CEO of AI ad-tech firm pledging “world free of fraud” sentenced for fraud
https://arstechnica.com/gadgets/2025/03/ceo-of-ai-ad-tech-firm-pledging-world-free-of-fraud-sentenced-for-fraud/

The greatest thing of the day - when Microsoft needlessly ...

2025-03-17T11:13:45Z

The greatest thing of the day - when Microsoft needlessly demanded a PoC video for a vulnerability that analyst Will Dormann discovered and was well-documented, he submitted a 15-minute video that contained a clip from Zoolander, in which the protagonist unveils the "Center for Kids Who Can't Read Good," as well as a punchy techno backing track while wasting the reviewer's time with approximately 14 minutes of inactivity.
https://www.theregister.com/2025/03/17/microsoft_bug_report_troll/

Exclusive: Fired US government workers with top security ...

2025-03-04T17:19:30Z

Exclusive: Fired US government workers with top security clearances were not given exit briefings, sources say
https://www.reuters.com/world/us/fired-us-government-workers-with-top-security-clearances-were-not-given-exit-2025-03-04/

Nostr event nevent1qqstn7ly90j5aphzm3dcj4rdu57kfw7w7grq6ysckx6n60ctmpcevqszypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665q7c3yx

2025-03-02T11:28:50Z

https://www.cnn.com/2025/02/28/politics/us-intel-russia-china-attempt-recruit-disgruntled-federal-employees/index.html

Exclusive: US intel shows Russia and China are attempting to recruit disgruntled federal employees, sources say

Penetration Testers Arrested During Approved Physical Penetration ...

2025-02-10T12:24:09Z

Penetration Testers Arrested During Approved Physical Penetration Testing
https://gbhackers.com/penetration-testers-arrested-during-approved-physical-penetration-testing/

Nostr event nevent1qqstr622z9zsy5g50ryha9clgs75s2vtlmczudmmjw5uyzrtptzvrmczypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t6650sllw0

2025-02-06T08:22:40Z

https://www.wired.com/story/edward-coristine-tesla-sexy-path-networks-doge/

DOGE’s Mr. Big Balls owns dozens of Russian domains, one active Russian website, tried to buy powerful DDoS capability and so much more.

And yes, he’s still a teenager.

“If I was doing the background investigation on him, I would probably have recommended against hiring him for the work he’s doing,” says EJ Hilbert, a former FBI agent who also briefly served as the CEO of Path Network prior to Coristine’s employment there.

"The DOGE personnel demanded to be let in and threatened to ...

2025-02-02T17:46:53Z

"The DOGE personnel demanded to be let in and threatened to call US Marshals to be allowed access, two of the sources said.

Three of the sources said the DOGE personnel wanted to gain access to security systems and personnel files. Two of those sources said also they wanted access to classified information."

Senior USAID security officials put on leave after refusing Musk’s DOGE access to agency systems
https://www.cnn.com/2025/02/02/politics/usaid-officials-leave-musk-doge/index.html?cid=ios_app

Musk has locked OPM workers out of their computer systems. ...

2025-01-31T21:09:54Z

Musk has locked OPM workers out of their computer systems.

Exclusive: Musk aides lock government workers out of computer systems at US agency, sources say
https://www.reuters.com/world/us/musk-aides-lock-government-workers-out-computer-systems-us-agency-sources-say-2025-01-31/

Folks, I haven't been posting on Facebook or Instagram for at ...

2025-01-24T11:09:18Z

Folks, I haven't been posting on Facebook or Instagram for at least a week and don't intend ever to post there again.

But with X and Threads out of the question, the only social media outlets I have to help boost the circulation of Metacurity are this one and one over at BlueSky.

So, if you can, please help me keep Metacurity growing by boosting my posts here or passing on the site to your colleagues. Thank you.

Instagram and Facebook Blocked and Hid Abortion Pill Providers’ Posts

https://www.nytimes.com/2025/01/23/technology/instagram-facebook-abortion-pill-providers.html?smid=nytcore-ios-share&referringSource=articleShare

"Norway is sounding the alarm after discovering that Russia ...

2025-01-18T14:48:51Z

"Norway is sounding the alarm after discovering that Russia is no longer only disrupting the Global Navigation Satellite Systems (GNSS) across the border, but also spoofing GPS signals, an attack that can cause significant disruption to commercial aviation."

"We were spoofed on approaching Kirkenes today”
https://www.thebarentsobserver.com/news/we-were-spoofed-on-approaching-kirkenes-today/423323

that’s weird. When I click on it I don’t have the same issue.

2024-12-28T12:29:05Z

In reply to nevent1q…f3r2
_________________________

that’s weird. When I click on it I don’t have the same issue.

Nostr event nevent1qqs8xdp7mzmdhe840cwh5hsyyhsaj3lw37k4fjxpujqwwtkq75qw8hgzypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665zh2nqc

2024-12-28T11:50:49Z

https://www.nicholsonstudentmedia.com/news/hackers-steal-more-than-100k-from-ucf/article_1c9ae4a4-bd07-11ef-b191-135f176344d2.html

This is interesting. A BEC scammer flooded the University of Central Florida’s inbox with spam to prevent the school from reading an email from a vendor who denied the veracity of a fake invoice.

“However, due to what the audit described as an email bomb, or an intentional influx of emails sent in an attempt to cover up a scam, responses were delayed because of the amount of spam in the university's inboxes.”

Nostr event nevent1qqswlh4gzu63lmzsjdmvda7djfp3pd8mr6my568y3stvr7v65t9yy0gzypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665n7s6qz

2024-12-14T11:03:16Z

https://www.golocalprov.com/news/ri-massive-hack-hundreds-of-thousands-ss-banking-information-names-dob

Right before Christmas, RI is forced to close its SNAP food and Medicaid systems due to what sounds like a ransomware attack.

“At an unprecedented Friday night press conference held by Governor Dan McKee, he claimed that the State of Rhode Island was first notified on December 5 of a potential major massive cyberattack.

McKee disclosed late on Friday that the state’s system to support everything from SNAP benefits to Medicaid to HealthsourceRI are all now closed.”

Nostr event nevent1qqsr0sy2dasrnnmpat4l8z7xw0eynrx30ag5zl2ktcc94kwagjdp0egzypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t6654cr4ax

2024-12-08T10:37:27Z

https://www.timesofisrael.com/liveblog_entry/syrian-sources-say-assad-may-have-been-killed-in-plane-crash-during-escape/
Reuters hasn’t confirmed it but reports are that Assad was killed in a plane crash.

Not a good month for telecoms! Scattered Spider Teen Hacked ...

2024-12-04T22:59:29Z

Not a good month for telecoms!

Scattered Spider Teen Hacked Telecoms to Spam Victims, US Says
https://www.bloomberg.com/news/articles/2024-12-04/scattered-spider-teen-hacked-telecoms-to-spam-victims-us-says

Interesting. Why would they be filtering some networks?

2024-12-04T13:20:05Z

In reply to nevent1q…l4rd
_________________________

Interesting. Why would they be filtering some networks?

The German Federal Police (BKA) website has been offline for ...

2024-12-04T13:09:39Z

The German Federal Police (BKA) website has been offline for quite a while this morning.

I'm not saying there is a connection, but yesterday, news broke that the BKA helped take down the cybercrime marketplace Crimenetwork and I've been trying to read the BKA's statement for about an hour.

Nostr event nevent1qqszrdx2rz2cunv2r3y6chp0sneptewkynmtkxlgt5pkd5c740w79sqzypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665gj5pv7

2024-11-29T19:56:21Z

https://www.nytimes.com/2024/11/29/world/canada/canada-openai-lawsuit-copyright.html

Major Canadian News Outlets Sue OpenAI in New Copyright Case

I can see how the writer interpreted the small MSP space ...

2024-11-27T19:01:23Z

In reply to nevent1q…fzmg
_________________________

I can see how the writer interpreted the small MSP space "really doesn't matter" as "won't be missed."

But I will delete my toot that quoted the article directly to not create any confusion.

Same and I’ve been this way for nearly two weeks for some ...

2024-11-18T20:26:58Z

In reply to nevent1q…mmh5
_________________________

Same and I’ve been this way for nearly two weeks for some reason.

Check out today's Metacurity for the most critical infosec ...

2024-11-18T13:53:24Z

Check out today's Metacurity for the most critical infosec developments you might have missed over the weekend, including

--T-Mobile hacked yet again, this time by China's Salt Typhoon
--Rand Paul guns for CISA,
--Trump wants relaxed cyber rules,
--Easterly to leave CISA on 1/20,
--Library of Congress emails hacked,
--Turkey fines Twitch for breach,
--Pro-Russian hackers breached German stats agency,
--Hacker returns $25M to Thala Labs,
--Hacker steals $12M from Polter Finance,
--much more
https://www.metacurity.com/t-mobile-hacked-yet-again-this-time-by-chinas-salt-typhoon/

"sex trafficking drug addicted piece of shit" 😂

2024-11-14T20:07:57Z

In reply to nevent1q…rnwu
_________________________

"sex trafficking drug addicted piece of shit" 😂

It's funny, but the tiniest blip of news results in a cascade ...

2024-11-11T22:12:07Z

It's funny, but the tiniest blip of news results in a cascade of emails from PR folks pushing their experts for commentary.

After last week's election earthquake, I have received precisely zero emails from folks offering up their experts for comment.

State Department Division That Battles Foreign Disinformation ...

2024-11-10T16:02:25Z

State Department Division That Battles Foreign Disinformation Faces Closure
https://www.wsj.com/politics/national-security/state-department-division-that-battles-foreign-disinformation-faces-closure-315e58b7

I deleted mine yesterday after not posting there for over two ...

2024-11-07T15:12:06Z

In reply to nevent1q…2xzh
_________________________

I deleted mine yesterday after not posting there for over two years.

Nostr event nevent1qqsfazrt466m2r04hgeett2k2c78ukquvm2m4gnmymgnplpxj8ymmzszypagmrtw4apcck4kanpx6xj8h7e3xrwegu070j3ulddxtakv6t665nqechl

2024-11-06T08:09:03Z