It's been a mixed bag of cyber news over the last 24 hours, with a significant update on a high-profile hacker's sentencing, a concerning widespread compromise of VPNs, and some intriguing insights into how threat actors are weaponising legitimate tools. Let's dive in:
High-Profile Hacker Faces Prison, SonicWall VPNs Compromised ⚠️
- A 19-year-old hacker, Matthew Lane, is facing a seven-year prison sentence for breaching PowerSchool, exposing data of 60 million students and 9 million teachers, including sensitive details like Social Security numbers and medical conditions.
- Lane demanded a 30 BTC ransom and used sophisticated operational security, but PowerSchool's lack of multi-factor authentication was a key enabler of the breach, which cost the company over $14 million.
- Separately, Huntress has warned of widespread compromise of SonicWall SSL VPN devices, with over 100 accounts impacted across 16 customers. Threat actors are using valid credentials, potentially linked to a prior exposure of MySonicWall cloud backup files.
🗞️ The Record | https://therecord.media/powerschool-prison-sentence-hacker
📰 The Hacker News | https://thehackernews.com/2025/10/experts-warn-of-widespread-sonicwall.html
DFIR Tool Weaponised in Ransomware Attacks 🛡️
- Threat actor Storm-2603 (aka CL-CRI-1040 or Gold Salem), known for LockBit and Warlock ransomware, is now weaponising Velociraptor, an open-source digital forensics and incident response (DFIR) tool.
- The group exploits SharePoint vulnerabilities (ToolShell) for initial access, then deploys an outdated Velociraptor version (0.73.4.0) susceptible to a privilege escalation flaw (CVE-2025-6264) to gain arbitrary command execution.
- Storm-2603's sophisticated tactics, rapid development cycles, and operational security measures suggest potential ties to Chinese nation-state actors, with recent attacks also involving Babuk ransomware.
📰 The Hacker News | https://thehackernews.com/2025/10/hackers-turn-velociraptor-dfir-tool.html
US Cyber Command and NSA Leadership Shake-Up 🇺🇸
- Army Lt. Gen. William Hartman, acting head of US Cyber Command and the National Security Agency, will not be nominated for the permanent leadership role and has submitted his retirement paperwork.
- The decision reportedly stems from his failure to impress key Defense Department leaders, further complicating a prolonged leadership transition at both critical organisations.
- This development also highlights ongoing internal discussions within the Trump administration regarding the future of the "dual-hat" leadership arrangement for Cyber Command and the NSA.
🗞️ The Record | https://therecord.media/william-hartman-not-nominee-nsa-cyber-command
#CyberSecurity #ThreatIntelligence #Ransomware #APT #CyberAttack #Vulnerability #IncidentResponse #DFIR #NationalSecurity #USCyberCom #NSA #InfoSec