Social Engineer. Pentester. Stop letting me into your building!
Bread. 🍞
You know how cybersecurity is a market for lemons? This creates an opportunity for lemonade makers.
I share some thoughts on why and how this happens.
I know there's plenty of better reasons for this, but I just cancelled my Spotify subscription.
Half of my suggestions this week are AI generated sludge. The other half is stuff that was obviously there because someone paid to have it put in front of me.
What alternative suggestions do people have?
DEF CON legal update: Truth is a complete defense against defamation.
The Hadnagy lawsuit against us is over. Summary judgement. Dismissed, with prejudice.
We look forward to returning our full attention to the community and conference we love.
We also thank everyone who came forward to help keep our community safe. We know it’s not an easy choice, but the world is better for it.
This victory is encouraging. We hope it makes attendees feel safe reporting CoC violations. We hope it demonstrates our commitment to protecting attendees from misconduct. Mostly, we hope our amazing community will continue looking out for each other. We will always have your back.
You can read the judgment here https://storage.courtlistener.com/recap/gov.uscourts.wawd.329575/gov.uscourts.wawd.329575.119.0.pdf . Stay tuned for a more detailed report.
Saw an interesting invoice fraud technique recently where the fraudsters ‘built’ an email thread between an exec and themselves discussing the services apparently sold, the exec suggesting that payment would be made quickly to take advantage of a discount, before directing them to the correct email address in finance to pay the thing.
So finance gets tagged onto the end of what looks like a legit thread between an exec and a service provider and sort of indirectly instructed to pay.
A natural use case for a gen AI bullshit generation machine, generating bullshit.