hi! im back from vacay. send me important infrastructure cyber stuff to write about:
signal: chrismvasq.42
email: christian.vasquez@cyberscoop.com
proton: chrismvasq@protonmail.com
hushline:
🚨 We are incredibly excited to welcome @chrismvasq to the CyberScoop team where he'll be digging into #grid security, covering @ENERGY and all things #industrial #infosec. He'll also head up a revamped newsletter coming to your inboxes soon. Welcome aboard Christian!
NEW: I spoke to more than a dozen cybersecurity professionals about mental health. I heard stories of burnout, stress, anxiety and depression in an industry under extreme pressure. But I also found individuals working to make those conditions better.
🚨 PERSONAL NEWS 🚨: Today I started anew at @CyberScoopNews, where I was senior editor back before I joined then left The Washington Post. This time around I'll be senior reporter.
The Messenger is shutting down, which means I’m looking for a new job.
I've reported on cybersecurity since 2014, and I'm excited to continue covering it as it becomes even more important to our daily lives.
If you think your newsroom needs a cyber reporter, please reach out.
"Now Google says it is tightening its BIMI verification process and is blaming an unnamed “third-party” for allowing its services to be used in ways that bypassed its security controls and delivered spoofed messages to inboxes." via @AJVicens
really interesting group 👀
"The ransomware group wrote that it won’t target companies based in Africa, Latin America 'and other colonized countries, with the exception of a few big ones of foreign investors or shitty industries.'" via @AJVicens
“That 5,000-6,000 people that come from the services, they’re not being trained consistently, their readiness over the last half a decade has been flat despite increased attention...” Montgomery said. via @MarkAPomerleau
The winner of the first CTF in space is...mHACKeroni! Major congrats to the team that won a pretty historic event.
mHACKeroni is a team of 60 from Italy that beat out five teams for the final CTF. (Again in actual space.)
#DEFCON31 #defcon
“In Microsoft’s case you have a culture which denies the criticality of vulnerabilities,” Yoran told CyberScoop in an interview. via @EliasGroll & @AJVicens
NEW —> How Ukraine’s electric grid operator —-with the help of the US Air Force — quietly imported equipment custom-built to resist Russian electronic warfare to keep the lights on this winter.
"The new study found that in the week after the dam was destroyed, Russian diplomatic and media accounts tweeted “Kakhovka” or “dam” more than 1,300 times, earning nearly 200,000 retweets and more than 480,000 likes." via @SuzanneMSmalley
"Microsoft concludes that a group it is calling “Cadet Blizzard” is behind a wave of attacks since February 2023 targeting not only Ukraine, but also NATO member states providing military assistance to Ukraine." via @AJVicens
We can’t wait to see everyone next week at #ETS2024! In 3 days, we’ll convene with industry experts to discuss #GridModernization + clean energy #cybersecurity. Have you seen the agenda? A full list of sessions and speakers is now available:
🚨WE WON! 🥳‼️
We have a tentative agreement on a contract that will give our members more money and job protections and resolve our ULP.
Our strike is over - we’re going back to work tomorrow!🎉
“"I've never seen anything even remotely close to 50 percent, not to mention 76 percent," CHEQ founder and CEO Guy Tytunovich told Mashable regarding X's fake traffic data.”
l o l
"Authentication options for toilets in the study were fingerprint and anal print. For anal print [15], it is not clear that it can function as a responsible biometric."
🧐
"The system we intend to build on the moon, dubbed LunaGrid, will consist of a network of solar-power generating stations, or nodes, connected by transmission cables."
@Gi7w0rm Note: Per the insights from a space nerd, @SWGlassPit, this is publicly available telemetry originally released for a now defunct project known as ISS live.
tl;dr ISS lets you monitor pee-pee and poo-poo? We had no idea =D
Real-time monitoring is here:
Good read!
“While many entities have a stake in the cybersecurity of DER technologies (NERC, NIST, IEC, DOE, CISA, etc.), there are no current cybersecurity requirements for vendors or asset owners,” from @CyberSnark
Brian Mazanec, dir of office of preparedness at HHS, points to an interesting study indicating that cyberattacks against hospitals impact more than just the targeted facility but has a "blast radius" sort of impact on the surrounding area much like conventional physical disasters
contractor was just like 🤪 😝
"records for Biden and Harris were accessed by “a Department support contractor” although the president and vice president are exempt from counterintelligence evaluations under DOE’s review program." via @KevinBogardus @EENewsUpdates
Tasked with doing counterintel reviews on Biden and Harris, an @ENERGY contractor accessed their personnel records — putting the president and vice president's private info at risk of being compromised
I got the report under #FOIA
#FOIA4eva
Hello Thunderbird Family! After nearly 20 years, we are thrilled to share a completely redesigned Thunderbird logo that honors our history and vital connection to @mozilla, while carrying us forward into the next 20 years.
“Using leads found in the leaked data, reporters produced dozens of stories revealing the myriad ways in which organized crime groups are evolving, expanding, and experimenting in the modern world — while leaving new victims along the way.”
Looking forward to reading #NarcoFiles
This is a new beginning for global investigative reporting collaborations. Organized crime is the public enemy and journalists are focusing their investigative power on it.
"According to the police department’s preliminary investigation, an unknown individual gained access to the facility and manipulated a control panel for the electrical system. PG&E’s security personnel notified the FBI after the incident."
Workers @washingtonpost are walking off the job for 24 hours on Dec. 7th.
✊Show solidarity by signing the letter to the Publisher:
✊Respect the picket line by avoiding Post journalism during the walkout
SCOOP: Footage from a food delivery robot in Los Angeles was given to the LAPD as evidence and used to secure a criminal conviction, according to internal emails I got using a public records request cc @FilmThePoliceLA
Some ✨personal news ✨: After nearly 2.5 years, today is my last day at @CyberScoopNews.
I'm incredibly excited to be starting next week as a senior privacy reporter at @BLaw!
🚨Turn off new default Twitter audio and video calling feature to prevent unwanted interactions🚨
Just went to my direct message settings here and found audio and video calling enabled by default (new feature, rolling out over time).
Highly recommend disabling this to prevent
Personal News:
New year, new gig! Thrilled to announce I’ll be joining @CyberScoopNews starting this week, where I’ll be covering election security, disinformation and other cyber news.
Sources: reach me at Derek.Johnson@cyberscoop.com. Email/DM for Signal. I’d love to connect!
v curious how this is applied in certain situations. if a domestic abuse victim is searching for help, are the results something that profits google most? medical advice? mental health issues? it's such a fundamental part of everyday life
"it appears that Amtrak’s cybersecurity team has yet to make a complete and centralized inventory of its operational technology, and does not have “immediate access” to the separate spreadsheets where they are currently tracked." reports @rebheilweil
Eric Goldstein said that the pre-ransomware notification pilot has been used over 300 times so far at a Homeland Security & Defense Forum event. Dir. Easterly said at the beginning of May that it was 225. So 75 new notifications since early May.