Mastodawn

Daniel Gordon Nov 21, 2022

@Johnhultquist I know advertising spending probably got allocated a while ago but this Twitter advertising is probably the final straw for me to stop tipping things to Mandiant, both for influence ops and typical hacking activity.

Daniel Gordon Nov 21, 2022

Patrick Gray Nov 21, 2022

Today on Risky Biz:

* Tom Uren and @thegrugq talk about why EU plan to regulate 0day won't do much on Spyware. That podcast up imminently in Risky Business News RSS feed (site currently building)

* News bulletin podcast and newsletter out at 2:30pm AEST
- Some Cyber Partisans action
- Vanuatu government ransomware update
- Russia moves towards cybercrime proceeds forfeiture laws (lol corruption gonna be amazing)
- Free Wickr app gets the Amazon razor
- More

* A long form interview I did with head of developer relations from Snyk: How can CSOs help foster a good secure dev culture within dev org? Still working on that one but will be out later today in the primary RSS feed.

Looks like I'll be spending a bit more time on Mastadon now because this is clearly where the action is. :)

Daniel Gordon Nov 21, 2022

Dmitri Alperovitch Nov 20, 2022

There is far too little recognition of the fact that the US Intelligence Community’s ability to discover Russian invasion plans and share them with Ukraine is one of the greatest intelligence successes of the last 50 years and has had a critical impact on thwarting Putin’s imperialist ambitions.

They knew the Russian war plans better than most of the Russian military executing the invasion (who mostly had no idea they were going to war) and even members of Putin’s Security Council! Remarkable!

Daniel Gordon Nov 20, 2022

Mx Cazzo 🏳️‍🌈Nov 20, 2022

Daniel Gordon Nov 19, 2022

Forcing remote employees to physically come into an office for a meeting that could be virtual was dumb even before the pandemic. Large meetings are mostly a forum for announcements or training and are generally a terrible way to actually accomplish work.

Daniel Gordon Nov 19, 2022

Lesley Carhart

Nov 18, 2022

#FF Just a few hackers who have made my life better this year: @alyssam_infosec @cillic @SwiftOnSecurity @film_girl @selenalarson @Blenster @jeffmcjunkin @gossithedog @Nerdpyle @malwaretech @PhilHagen @Medus4 @troyhunt @JaysonEStreet @mzbat @ErrataRob @blowdart @accidentalciso @argv @tinker @spaf @jack_daniel @reverseics

Daniel Gordon Nov 18, 2022

Hexa Nov 18, 2022

I really want people to take away from twitter’s downfall that billionaires are a corrosive element on every aspect of human society. This moment is symbolic of a greater lesson. Wealth hoarding should be limited.
You can disagree with me about where the limit is, but it’s tough to dispute the detriment effects a few people with obscene, grotesque wealth have on our social fabric.

Daniel Gordon Nov 18, 2022

zeno's paradox speedrunner Nov 18, 2022

A few things all the new infosec peeps should know.

Boost this for visibility please.

Text search does not work here

So if you're going to post an IOC in any way, it's best to at least add the hashtag "#IOC" to the post.

All punctuation breaks hashtags, except for underscore.

I don't currently know of any efforts to track that hashtag and index the IOCs being shared. However, once a project takes off to do that, having them historically in the hashtag would be good.

If you know of a project to start doing that, please reply to this and share.

Other hashtags people have commented That have been used, but at least #IOC should be used:
#ThreatIntel
#ThreatIntelligence
#IOCs

....we return you to your regularly scheduled home timeline...

Daniel Gordon Nov 18, 2022