Just a quick intro post to say hello!
I'm a mid-40s woman in tech and a security engineer. I'm neurodivergent, genderfluid, and my pronouns are she/they.
I tend to use Mastodon for the things I love and enjoy, and I'll include a few of them in the hashtags.
Sharing a pic of me wearing my comfy Dustrial hoodie. In case I look familiar, I have migrated from elsewhere on the Fediverse!
#introduction #WomanInTech #cats #knitting #crochet #creativity #SerialExperimentsLain #nature #SecurityEngineering #snails
Incident overview: LexisNexis Legal & Professional division.
Confirmed unauthorized access to limited servers containing mostly legacy data (pre-2020). Data reportedly included:
• Customer identifiers
• Business contact information
• Support tickets, survey IP addresses
• Account records for agencies and firms
Company position:
– Contained incident
– No SSNs or financial data involved
– No product/service compromise observed
– Forensic firm engaged, law enforcement notified
Legacy data remains a recurring exposure vector:
• Weak segmentation
• Reduced monitoring priority
• Accumulated credential reuse
• Extended retention without operational necessity
Are your deprecated systems treated as high-risk assets or low-priority archives?
Source: https://therecord.media/lexisnexis-says-hackers-accessed-legacy-data
Engage below.
Follow TechNadu for infosec, breach intelligence, and enterprise risk analysis.
Repost to inform your network.
#Infosec #DataBreach #LexisNexis #LegacyInfrastructure #CyberIncident #SecurityEngineering #RiskManagement #ThreatModeling #DataProtection #CyberResilience #SecurityNews
Third-party ecosystems are structurally exposed.
Black Kite’s 2026 report reframes supply chain cyber risk from “weakest link” theory to concentration dynamics.
Key systemic indicators:
• 5.28 downstream victims per breach (2025 average)
• 10-day median detection vs. 73-day median disclosure
• 53%+ organizations with at least one critical vulnerability
• 23%+ with corporate credentials exposed
Top 50 shared vendors:
– 70% KEV exposure
– 84% CVSS ≥ 8
– 62% stealer-log credential presence
– 52% breach history
Shared infrastructure nodes are now strategic attack surfaces.
Security teams must shift toward:
• Dependency mapping
• Concentration analytics
• Active intelligence monitoring
• Exposure propagation modeling
Is your organization modeling systemic fragility — or auditing in isolation?
Engage below.
Follow TechNadu for advanced infosec, vendor risk, and threat intelligence coverage.
#Infosec #ThirdPartyRisk #VendorSecurity #ThreatIntelligence #CISAKEV #CyberExposure #Ransomware #SupplyChainSecurity #SecurityEngineering #CyberResilience #RiskAnalytics
DDoS targeting sovereign digital infrastructure.
Roskomnadzor and the Russian Defense Ministry reported a large, multi-vector distributed denial-of-service campaign impacting regulator and telecom monitoring systems.
Technical considerations:
• Multi-source botnet traffic
• Cross-border server origination
• Targeted state-level digital infrastructure
• Temporary availability disruption
No attribution confirmed. No public claim of responsibility.
For security architects:
- Are traditional volumetric defenses sufficient against complex multi-vector campaigns?
- How should national agencies design redundancy against sustained L3/L7 hybrid floods?
- What role does geopolitical signaling play in non-destructive cyber operations?
Engage below.
Follow TechNadu for threat intelligence, DDoS analysis, and cyber operations reporting.
Repost to elevate discussion in the security community.
#Infosec #DDoSDefense #ThreatIntel #NetworkSecurity #CyberOperations #GeopoliticalRisk #DigitalInfrastructure #SecurityEngineering #CyberResilience #BotnetActivity #GlobalThreats
Incident Summary:
Victim: Wynn Resorts
Threat Actor: ShinyHunters
Impact: Employee data accessed
Claim: 800k+ PII records
Alleged vector: Oracle PeopleSoft environment
Operational notes:
• Incident response + external experts engaged
• Leak site entry removed
• Credit monitoring deployed
ShinyHunters TTPs historically include:
– Vishing against SSO
– OAuth token abuse
– Device code phishing targeting Entra / identity ecosystems
– SaaS data exfiltration
Identity is the pivot point.
Follow us for tactical threat briefings.
Share detection or IAM hardening insights below.
#Infosec #ThreatIntel #IdentitySecurity #SSO #MFA #ShinyHunters #CyberExtortion #DataProtection #IAM #SOC #BlueTeam #SecurityEngineering
Security Advisory Summary:
SolarWinds Serv-U 15.5.4 patches four critical vulnerabilities:
• CVE-2025-40538 – Broken access control → system admin creation + root RCE
• Two type confusion flaws → root code execution
• One IDOR vulnerability → elevated execution
Attack prerequisites:
High-privileged access required. Exploitation likely via credential compromise or chained privilege escalation.
Exposure landscape:
• 12K+ internet-facing instances observed (Shodan)
• File transfer platforms remain ransomware-favored entry vectors
Historical context:
Prior Serv-U CVEs exploited by ransomware groups and state-aligned actors.
Immediate actions:
- Patch to 15.5.4
- Audit privileged accounts
- Review FTP/SFTP exposure
- Monitor for anomalous admin creation
Follow us for tactical advisories and vulnerability intelligence.
Comment with your detection or hardening recommendations.
#Infosec #SolarWinds #ThreatIntel #CVE2025 #RCE #PrivilegeEscalation #BlueTeam #SecurityEngineering #AttackSurface #ZeroTrust
The sentencing of Oleksandr Didenko highlights the operational mechanics of North Korea’s IT worker revenue scheme.
TTPs included:
• Identity theft & resale infrastructure
• U.S.-based laptop farms
• Remote access tooling
• Money transmitter accounts
• Tax filings under stolen identities
The Federal Bureau of Investigation linked the activity to broader nation-state revenue generation.
The United Nations estimates up to $600M annually generated via embedded IT workers.
Technical mitigation questions:
- Device attestation + hardware-bound identity?
- Continuous behavioral authentication?
- Payroll anomaly detection?
- Zero-trust for remote contractors?
Drop your technical countermeasures below.
Source: https://therecord.media/north-korea-laptop-farm-ukraine
Follow TechNadu for advanced cyber threat reporting.
#ThreatModeling #InsiderThreat #NorthKorea #IdentityManagement #ZeroTrust #RemoteAccessSecurity #CyberCounterintelligence #FraudDetection #Infosec #SecurityEngineering #RiskManagement #CyberIntelligence