Discover and read the best of Twitter Threads about #cyber


The most common question I get is how do I work in tech policy? The biggest barrier is that these roles are often under promoted! See below for top resources (thread) #tech #techpolicy #privacy #cyber #infosec #cybersecurity
Women in Security and Privacy is a great resource and a great organization promoting women in tech!
The Bridge maintains a job/fellowship board in Tech, Policy and Politics which is focused on "bridging" government and technology
Read 11 tweets
.#Thread Gen Rawat at @iicdelhi
We are heading back to bipolar/multipolar world, is it good/bad 4 int community only time will tell. Wht we r certainly seeing is more aggression on part of nations, specially 1 thats tryin 2 go into bipolar world or makin presence felt thts #China
They (China) are becoming more n more aggressive and we share land borders with them. Its time for us to start looking at our strategies as to how we are going to deal with the two borders... aggressive adversaries, Pak on Western front & China on the North: CDS Gen Bipin Rawat
We need to also start looking at transformation for the betterment and ensuring the national security architecture that we want to evolve is capable of handling the threats that are emerging. To do this we need jointmanship amongst all the security forces: Gen Rawat at @iicdelhi
Read 11 tweets
🕵️‍♂️TLDR; Given the craziness in the cyber space - I mean its bad - I am building tools for personal cyber survival and opsec. A personal challenge with positive externalities

🚩Goal? Make it easy for people to use, but also effective and efficient. When I say 'easy', I mean it!
🔧 Tools? Practical security checklists, password checker (w/94GB list +real breaches), darkweb/cloud of logs monitoring, tips and solutions to reduce personal cyber risk. New ideas are welcome.

🌍 Focus? UK and Italy for starters
If interested in initial access like/DM and I will keep you posted 😉

🤯 Challenges? A few, beyond laws and privacy concerns

⏱️ When? Mid/End October should be feasible for an initial web release.

Name? not sure yet, I'm going with the flow ⛵️

#cyber #dev #code #security #DIY
Read 4 tweets
#McAfee #Afterlife dropped this PUBLIC PGP KEY earlier today. So I suppose if anybody needs to send him an encrypted message, you would secure it with this PGP key, and then only HE can read it.
go to:…
#Mcafee #Afterlife Telegram drop this afternoon: DATE WITH THE QUEEN and much more.
1/ Whoa! Some serious #McAfee #Afterlife drops tonight. No decoding necessary. "HILLARY, WE'RE COMING AFTER YOU."

Hey Killary Clinton
Remember Me. . .?
I’m Coming back to
Haunt You like You
Did to Me: +
Read 69 tweets
who wants to read a bit about #strategy? hell we can even make it #CYBER #SECURITY #STRATEGY
Am still writing ✍️ on this subject I could write about this stuff forever but I like to be short and to the point where I can be. Strategy is a super interesting subject to me.
Read 4 tweets
I can't draw invisible but I've referred to the most common security capability deployment model as "MISSING" - most organisations that I've seen do NOT have a dedicated security governance or operations capability....
Governance.. oh god I love and hate the word! See, most things in business processes are both iterative and interrelated. An audit activity output will feed both security operations and governance activities.
also this isn't a textbook "answer", it's me trying to explain in simple wording the difference between "checking" and "steering" vs "doing"
Read 14 tweets
"Some of the leading threats to the American way of life are #cyber enabled - from espionage to influence to attack" Deputy National Security Advisor for Cyber Anne Neuberger tells #AspenSecurity
Sanctions vs #Russia but not #China for malign #cyber behavior?

"#SolarWinds was not the 1st case of aggressive Russian cyber activity in int'l space" per @WHNSC's Neuberger
"In the case of #China, there's still that building of consensus around malicious cyber activity, around the need to call it out together" w/allies, per @WHNSC's Neuberger, adding that it "doesn't preclude follow-on activity"

Read 13 tweets
Happening now: "Nations fight wars...we fight in a combined environment w/our allies" @thejointstaff's Gen Mark Milley tells the Sea-Air-Space Global Maritime Exposition in Washington
"We are dependent, absolutely dependent...on a free & open ocean" per @thejointstaff's Gen Mark Milley
"The Navy that we have today is the best in the world & we want to keep it that way" per @thejointstaff's Gen Mark Milley

@USNavy's future depends on "decisions that are being made now" at the Pentagon, he adds
Read 5 tweets
RECAP: @POTUS visits US intelligence community, @ODNIgov

"The main reason I came, & I mean this sincerely, is to say thank you"
"You're the eyes and ears around the world & the front lines of our national defense" @POTUS tells US intelligence community

"You serve the American people no matter which political party holds power in Congress or the White House" per @POTUS
"It's so vital, so vital that you are & should be totally free of any political pressure or partisan interference" adds @POTUS "It's basic"

"I'll never politicize the work you do. You have my word on that"
Read 20 tweets
Happening now: @DHSgov @SecMayorkas testifies before the Senate Homeland Security & Governmental Affairs Committee
"#Cyber security is not only a matter of homeland security but national security as well" per @SecMayorkas

@POTUSA proposed budget "invests in every dimension of our defense to this increasing threat"
"We are underway in executing the largest #cyber security hiring initiative in the department's history" adds @SecMayorkas
Read 7 tweets
Happening now: @PentagonPresSec confirms @DeptofDefense has suggested using Ft. Lee to house about 2,500 #Afghan #SIV applicants in response to a formal request from @StateDept

"Ft. Lee is just an initial location" he says, adding other US locations could be considered
#Afghan #SIV applicants expected to be at Fort Lee for just "several days or so" per @PentagonPresSec, noting they are in the very final stages of the process & will quickly head to resettlement
"They will not be there for very long - just several days" per @PentagonPresSec

includes 700 applicants & their families

re #Afghanistan #SIV applicants headed to the US, Fort Lee
Read 9 tweets
Happening now: White House - #China - #hackers

"We are actually elevating & taking steps to not only speak out publicly but top certainly take we have from #Russia as well" per @PressSec
"We are not holding back. We are not allowing any economic circumstance or consideration to prevent us from taking actions where warranted" per @PressSec

"We reserve the options to take additional actions....this is not the conclusion" w/response to #China #Russia hackers
Earlier, from my colleague @W7VOA ...…
Read 7 tweets
My @CSIS colleague @cy_newlin and I have a new piece out today on #cyber. As the Biden administration is resuming its cyber dialogue with Moscow, France has some interesting lessons to share from its own experience with Russia. A thread 👇…
In a bid for increased transparency and predictability with Russia, France initiated in 2018 several channels of dialogue: a confidential “deconfliction line” to discuss cyber incidents, as well as broader diplomatic consultations.
France essentially pursued three objectives: (1) addressing in a direct and confidential manner cyberattacks originating in Russia; (2) better understanding Russian cyber doctrine and apparatus; (3) engaging with Russia on norms of responsible behavior in cyberspace.
Read 11 tweets
We put on our Russian-hacker hats to conduct influence operations on @Twitter. Setting up disinformation campaigns should not be this easy. See our experiment below. #cyber #AI #Russia
My latest with @pulkitology at @DefenseOne
Thread 1/…
Our scenario is designed as a three-part operation to influence American social media users about a piece of controversial legislation. By analyzing publicly available history of likes we use artificial intelligence to identify users who are potential targets for our campaign 2
Artificial intelligence is among the many important technologies that promise to change the scope of warfare for years to come especially hybrid warfare. See how we used publicly available information. /3
Read 10 tweets
On June 2, #Russia has finally unveiled its new National #Security #Strategy - the strategic document that was expected some six months ago. The document is very interesting and has #information security at its heart. #InformationWarfare 1/8
One thing that may immediately surprise some experts, is the total absence of the word "#cyber", so revered in our Western countries. This further confirms the difference in approaches to the issue of #InformationWarfare and cyber. 2/8
In terms of terminology, the document does not use "#InformationWarfare", but "#InformationConfrontation" (информационное противоборство). Of course no nonsense like "#fakenews" can be found in it, although there are references to #propaganda and #PsyOps. 3/8
Read 8 tweets
On 2/07 #Russia finally unveiled its new National #Security #Strategy - the strategic document that was expected as far back as six months ago. It is in itself very interesting and has information security at its heart. #InformationWarfare 1/8
One thing that immediately jumps out is the total absence of the word "#cyber", so revered here. This further confirms the difference in approaches to the subject of #InformationWarfare and cyber. 2/8
In terms of terminology, the document does not use "#InformationWarfare", but "informational confrontation" (информационное противоборство). Of course no absurdities like "#fakenews", even though it contains references to #propaganda and psychological activities. 3/8
Read 8 tweets
Subdomain Enumeration 101 🏆 👇

1. Passive Enumeration
2. Active Enumeration

@shifacyclewala @Hacktifycs
#bugbountytips #bugbounty #infosec #cybersecurity #hacking
1. Google Dorking:
“site:* -www -store -jobs -uk”
2. virustotal
3. dnsdumpster
4. crt[.]sh
5. censys[.]io
6. Rapid7 Sonar Datasets
7. Dnsbufferover

#bugbountytips #bugbounty #infosec #cybersecurity #hacking
Unique Ways:
1. dig +multi AXFR
2. CSP (curl -I -s -L https://some[.]com | grep -iE 'Content-Security|CSP')
3. Github Subdomains
4. nmap --script targets-asn --script-args targets-asn.asn=17012
5. Scraping using webscrapers
Read 9 tweets
@sata252 @ArianeTanner1 just stop with this #bullshit #luhmann-speech... that goes wrong. it gets you ECTS points with @VinzenzWyss. but that's not how it works.

it is much simpler.

the #searescue example @ArianeTanner1 gets right to the point. you don't need a nikolaus for that.
@sata252 @ArianeTanner1 @VinzenzWyss 17:29 anti-democratic journalism
@sata252 @ArianeTanner1 @VinzenzWyss 17:40 the craft of #journalism

- research
- contextualization
- the service of opinion formation

(suddenly #opinion is something great again: reference to deficient clarification of terms ;-)…
Read 18 tweets
Today's #NATOSummit produced a communique which represents the state of play at #NATO. I would describe it as a holding pattern.


Brussels Summit Communiqué…
The most important aspect of this @NATO Summit was the return of US. President Biden reconfirmed the #USA commitment to NATO and, in so doing, restored unity & solidarity, the bedrock of the #Alliance.
No more NATO being called obsolete (Trump) or braindead (Macron)

The most important decision today was to start working on a new Strategic Concept, to be concluded at the next Summit in Spain 2022.
This is very much needed as the current outdated one dates from 2010. But it puts all major decisions on hold until next year.

Read 16 tweets
#FBI Deputy Director Paul Abbate will join our partners from @TheJusticeDept and @USAO_NDCA for a press conference today regarding the ransomware attack on Colonial Pipeline. You can watch live at 3:15 p.m. EDT via
Justice Department Seizes $2.3 Million in Cryptocurrency Paid to Ransomware Extortionists: @TheJusticeDept today announced that it has seized 63.7 bitcoins that allegedly represent the proceeds of a May 8 ransom payment to DarkSide cyber actors. Deputy Director Paul Abbate stated, "There is no place
During the press conference, Deputy Director Abbate discussed the central role partnerships play in #cyber investigations, including the investigation into DarkSide.
Read 7 tweets
I will now fully defend @jonathanreiber's assertion.

Notice his key phrase: "a measurable economic impact on the American population."

This measurement derives from the fact #ColonialPipeline itself chose to shut down its operations "out of an abundance of caution"...
2/11 we can rightly say "computer security #hysteria led to a measurable economic impact on the American population."

But ... have there been UN-measured impacts?


I can cite my hilarious audio column from exactly 20 years ago today:
I consider it a first -- a true first! -- that we can measure a real economic impact from computer security #hysteria.

Now we have a cyber attack on the world's largest meat supplier. And it won't surprise me if @JBSCareers shuts down all operations "as a precaution."
Read 12 tweets
Spoiler: I have (de)ciphered the #SecretDéfense decryption program of the DGSE, which has developed "interministerial technical capabilities" as part of a "discreet but essential" pooling of intelligence techniques. #Thread /1…
And it was no walk in the park: I had started investigating this subject in... 2015, during the controversy over the #LoiRenseignement, when everyone or almost everyone was crying "mass surveillance" by the #blackboxes. /2
#WhenIUnderstood #Damn6Years!
We know that, beyond the internal "squabbles" between the "cousins" of the various French intelligence services, the latter have been working together for years, notably by pooling some of their technical "capabilities" and "sensors". /3
Read 15 tweets
Just because I have something with #Cyber in my profile. Generally speaking, not being an asshole is also a measure against IT attacks.

Now at somewhat greater length, using the satirical example "My company wants to build a Death Star (or not, it's complicated)"
The fact is, if you fundamentally act according to ethically and morally comprehensible ideas and values, then it is a) easier to activate allies and b) harder for antagonists to muster the motivation for an attack. 2/
Besides many derivations from antiquity or from such illustrious people as Mattis, Mao, Engels and Lenin, you can read about this quite splendidly in Boyd (there "moral isolation" or "moral interaction")

These are all people who dealt with war. 3/
Read 9 tweets
‘Tricks With a Notorious Russian Spy Group’

‘Security researchers have found links between the attackers and #Turla, a sophisticated team suspected of operating out of Moscow’s #FSB intelligence agency.’

“…believe the SolarWinds #hackers and #Turla aren't one and the same. But … one #hacker group at the very least ‘inspired’ the other, and they may have common members between them or a shared #software developer building their #malware.”…
“… That actually makes the connection more significant … ‘It’s more like handwriting. That handwriting or style propagates to different projects written by the same person.'"

Read 16 tweets
