4uit_GB

@4uit_GB@infosec.exchange

Google’s M-Trends 2025 report is out - data from Mandiant’s incident response engagements. Direct PDF link to avoid the sales pitch wall:

https://services.google.com/fh/files/misc/m-trends-2025-en.pdf

Thread about my main observations:

- Firstly, no mention of generative AI or GenAI again. This is in common with Sophos incident response, ESET, etc etc etc. You’ll see why as we get into the data.

Wow. CVE database is in serious trouble, tomorrow.

The cyber industry as a whole is in trouble also really, it’s the elephant in the room - the collapse of the White House’s support for cybersecurity is obvious and pronounced due to widespread cutbacks.

The Trump admin uses Signal to coordinate military operations... and somebody in the Signal group added a member of the press into the group about which targets to bomb in error, and didn't notice.

https://www.theatlantic.com/politics/archive/2025/03/trump-administration-accidentally-texted-me-its-war-plans/682151/
The Trump Administration Accidentally Texted Me Its War Plans

U.S. national-security leaders included me in a group chat about upcoming military strikes in Yemen. I didn’t think it could be real. Then the bombs started falling.

The Atlantic

If populist political parties campaigning against immigration genuinely wanted to limit immigration, they would make climate change one of their top priorities - as climate change is 100% going to drive migration.

A portion of our planet is going to become uninhabitable in the lifetime of our children, which will drive people to migrate.

I've written up my thoughts on the Copilot Recall feature in Microsoft Copilot+ PCs.

I think it will enable fraud and endanger users, and is not the sign of a company who are committed to security first.

https://doublepulsar.com/how-the-new-microsoft-recall-feature-fundamentally-undermines-windows-security-aa072829f218

How the new Microsoft Recall feature fundamentally undermines Windows security

Yesterday, Microsoft CEO Satya Nadella sat down with the media to introduce a new feature called Recall, as part of their Copilot+ PCs. It takes screenshots of what you’re doing on constantly, by…

DoublePulsar

⚠️ want a highly impactful, actively exploited border gateway zero days situation to wake you up?

Ivanti Pulse Secure aka Ivanti Connect Secure and Ivanti Policy Secure Gateway customers - prepare to deploy mitigations and await follow on patches.

In the wild exploitation, probable nation state - includes authentication (including MFA) bypass and code execution.

Looks like Ivanti have done a really good job identifying.

I call it ConnectAround. #threatintel #connectaround

I recently took a look at Mandiant's yearly M-Trends report (link: https://cyberplace.social/@GossiTheDog/110220117253124508), so I decided to have a look at Sophos' yearly Sophos X-Ops Incident Response report.

Thread time!

The results are very similar to Mandiant's finding at a top line. E.g. dwell time is down, and your data will get stolen by ransomware groups.

https://news.sophos.com/en-us/2023/04/25/2023-active-adversary-report-for-business-leaders/

Kevin Beaumont (@GossiTheDog@cyberplace.social)

Things I found interesting in Mandiant's M-Trends 2023 report, a thread. This is their yearly report on cybersecurity. Direct link to PDF, to avoid the sales lead generator: https://mandiant.widen.net/s/dlzgn6w26n/m-trends-2023 For starters - dwell time - how long orgs take to detect incidents - is at its lowest ever, at 16 days (13 days for internal incidents). "Improvements in global median dwell time in 2022, regardless of detection source, enabled organizations to respond to incidents faster than ever before."

Cyberplace