Discover and read the best of Twitter Threads about #cybersecurity


1/5
Let's visualize this fight through the lens of #cybersecurity. We'll say Cuomo is a senior #DFIRstResponder on-site at the worst hotspot while Kushner is a SrVP sitting on the top floor of the HQ bldg...
2/5 Computers are getting infected fast and it's pushing Tier 3 support staffers to their limits. Triage teams admit not all boxes can be cleansed, especially those w/ older OSes. Various subnets are quarantined; workers are getting paid to stay home for "digital snow days."
3/5 The CEO bitches about all the negative ROIs and, worse, his CISO outright contradicted him during a press call.

The SrVP is related to the CEO (aren't they all?) and the hasty Excel spreadsheet he built tells him that senior #DFIRstResponder is spouting hyperbole.
Read 6 tweets
@KsapaOrg @FBaddache #Tax evasion
✅ Ruled using #bilateral investment treaties
#Data collection, usage, sharing

the 3 key themes in @KsapaOrg's approach to #BizHumanRights being highlighted by @FBaddache

#webinar #HumanRights #duediligence #engagement #HRDD #BigData #cybersecurity #UNGPs
@KsapaOrg @FBaddache three areas directly impacting #business in respect to #humanrights:

1. comply w/ mandatory transparency & #HRDD - in operations, joint ventures & #supplychains

#webinar #BizHumanRights #engagement @UKAntiSlavery @ModSlaveryReg @pcarrier26 @InvestForRights @FinComSlavery
Read 13 tweets
My own ebook library contains hundreds (661) of hacking books and computer science books. I love reading and reading again and again. Feel free to ask me about the best hacking books.
#Hacking #Pentesting #redteam #bugbountytip #Malware #CyberSecurity
The Best Hacking Books in 2020 part (1):
-effective-cybersecurity
-Rootkits and Bootkits
-Gray Hat Hacking the Ethical Hacker's Handbook 5
-THE HACKER PLAYBOOK 3
-Black Hat Go
-Practical Binary Analysis
-Hacking Exposed Industrial Control Systems
-Windows Forensics
-Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information
-Hunting Cyber Criminals
-Guide to Computer Forensics and Investigations-Processing Digital Evidence
-Mobile Forensic Investigations: A Guide to Evidence Collection
Read 6 tweets
3 lessons in #resilience from the #Cybersecurity field apply in many crises we’re facing now: (1) know what your critical assets/services and their interdependencies are — you can’t fix what you don’t know, so make sure you have reliable info @PwCUS pwc.to/32YZiJs
(2) know how much impact you can tolerate BEFORE the disruption hits you. In the midst of crisis is not the time to research that. Learn more from @PwCUS pwc.to/32YZiJs
(3) build #resilience by design: get to a point of real-time threat intel and action, and get on a cycle of continuous learning. To learn more about how to raise your #resilience quotient #RQ @PwCUS pwc.to/32YZiJs
Read 4 tweets
Significant threat actors, their recent histories, and any noteworthy changes in 2019 are chronicled here by @PwC_UK #threatintel @smoothimpact @pewpew_lazors @cyberoverdrive #CyberSecurity pwc.co.uk/issues/cyber-s…
From the report, the targets of #cybercrime and the preponderance of financial motivations #ThreatIntel
@PwC #threatintel team issued 221 reports covering these sectors and threat actor locations in 2019
Read 4 tweets
For those interested in the field of #cybersecurity, here is this comprehensive thread:

In it, the author discusses the importance of cybersecurity, as well as the importance of the software used, and which are the best programs used in cybersecurity that a specialist must know how to use and apply in their work.
How important is cybersecurity? 👇
The importance of cybersecurity can be seen from the research conducted by Mimecast: the study indicates a 26% increase in ransomware, and that 88% of companies experienced spoofing as a result of using email. The study also indicated that there are organizations with a 67% increase in impersonation.
#CyberSecurity
The tools used in cybersecurity are essential to ensure the successful implementation of cybersecurity programs in every organization, and through them we protect networks, systems, or applications from cyberattacks. Software and tools are used to prevent unauthorized access to data through cyberattacks.
#Tools
Read 6 tweets
If stock photography has taught us one thing it's how to recognise a hacker! But how much do we really know about these shady characters, with their balaclava and their Windows 7 laptops?

For #DataProtectionDay here's my essential stock photography guide to #cybersecurity...
First things first, hacking has come on leaps and bounds in the last few years. Backing up your sensitive data on C60 cassette and labelling it 'Kajagoogoo Live' is no longer enough to keep your information safe!
Hackers are hard to spot because they dress head-to-toe in black (or very very very dark grey). This is because they live on the Dark Web and want to blend into the background.
Read 13 tweets
BREAKING 'Iran cyber hacks American government website and gives chilling warning' FDLP
American Federal Depository Library Programme (#FDLP) are greeted with a hacked image from ' the Islamic Republic of Iran' #CyberSecurity 👉 fdlp.gov
mirror.co.uk/news/us-news/b…
Former EMP Commission chief believes Obama-holdovers and "deep state" operatives could undermine America's ability to protect itself from an #EMP
National Defense Authorization Act was signed by President Trump on 12/20/2019, EMP -Executive Order
onenewsnow.com/national-secur…
Shocking!
Iran Deal Agreement Calls on the U.S. to Help Iran Develop Its Cyber Security Capabilities
👉Assisting Iran's ability to defend against cyber weapons (like Zero day) that the US or allies may want to use against #Iran #Treason
Full Video👇
Read 3 tweets
Ransomware Thread: One day a user clicked on a malicious link which caused some havoc - the company files got encrypted with ransomware. Upon investigation, looking at the headers of the email, it was noted that the email had come from one of the DR servers. How? Why?

#infosec
Apparently the Exchange Admin had decided to carry out a DR test but had not considered including the spam filter failover as part of the test. It was only meant to be a short while. I mean, what could possibly go wrong?

Also this was a known threat, so why didn't the IPS block it?
Well, turns out the DR mailbox IPs had been added to an access policy but that policy had not been configured with file analysis. Therefore the email attachment went undetected - passed the firewall and, since no spam filter was there, ended up in the user's mailbox.
Read 7 tweets
That was my week in #CyberSecurity that was.

#ICYMI here's a #weekend review of my #infosec output for the past week. (1/9)

Tuesday December 10

#Windows10 #Malware #warning

forbes.com/sites/daveywin…
That was my week in #CyberSecurity that was.

#ICYMI here's a #weekend review of my #infosec output for the past week. (2/9)

Tuesday December 10

#Xmas #toys #stranger #danger #threat

forbes.com/sites/daveywin…
That was my week in #CyberSecurity that was.

#ICYMI here's a #weekend review of my #infosec output for the past week. (3/9)

Tuesday December 10

#NHS #HealthcareIT #Opinion

digitalhealth.net/2019/12/differ…
Read 9 tweets
We're going to use this tweet to publish #Dorks of all kinds; let's start with this one:

inurl:wp-config.php intext:DB_PASSWORD -stackoverflow -wpbeginner -foro -forum -topic -blog -about -docs -articles

#CyberSecurity #dork #BugBounty
intext:"pass" ! "usuario" | "user" | "contraseña" filetype:sql -github
This one is very good; it lets us do uploads, and it has been tested with .jpeg images

intitle:"FCKeditor - Uploaders Tests"
Read 18 tweets
Beware #Android Users!

A new unpatched #vulnerability — dubbed Strandhogg — in Android could let malicious apps take extensive control over your device & steal your login credentials.

Details: thehackernews.com/2019/12/strand…

Dozens of apps are already exploiting this flaw in the wild.
@Swati_THN 1) #Phishing Attacks:

#Strandhogg task hijacking vulnerability can be exploited to display a fake user interface (UI) while tricking users into thinking they are using a legitimate app, making it easy for the malware to steal their credentials using spoofed login interfaces.
@Swati_THN 2) Fraudulently Requesting Permissions:

A malicious app can also escalate its capabilities significantly by tricking users into granting sensitive device permissions while posing as a legitimate app.

Read more: thehackernews.com/2019/12/strand…

#infosec #hacking #cybersecurity
Read 4 tweets
🚆It’s a Rail Thread Friday 🚆

I’m personally individually proud to help Claire Shooter @LDCMoiso team @RSSB_Rail in their search for imaginative, analytical minds to help bring cutting edge research and technology onto the UK railway.

Apply here ⬇️⬇️⬇️
careers-rssb.icims.com/jobs/1192/stud…
🚆Who are you ?🚆

An undergraduate or post graduate student in economics, sustainability, maths, physics, data science or engineering looking for a central London @RSSB_rail 13-month R&D role, competitive salary and excellent benefits

Apply here ⬇️⬇️⬇️
careers-rssb.icims.com/jobs/1192/stud…
🚆What will you do ?🚆

Search on technological and operational questions relevant to rail, scanning the horizon for new technologies and developments that could impact the sector, and facilitating research projects @RSSB_rail

Apply here ⬇️⬇️⬇️
careers-rssb.icims.com/jobs/1192/stud…
Read 11 tweets
I like @SANSInstitute a lot - I recommend them a lot. But, I'm going to be honest. They've become the gatekeepers of the #infosec practice in many ways and at $10k for a course and travel it's hurting our ability to grow leaders and practitioners. #cybersecurity #training
@SANSInstitute There are many stories about #infosec warriors "pulling themselves up by their bootstraps" which is true! However, we're now beginning to change from a meritocracy into a plutocracy. Only those who work for the wealthiest companies or have the personal fortune can get in easy
@SANSInstitute SANS is not "overpriced" it's priced accurately based on market demand - the same as Harvard is priced accurately based on market demand. But, that doesn't mean it's what is best for our industry.
Read 6 tweets
I did this one before. But since we're making #30daysofthreads a great opportunity for folks to learn gems going into 2020, I figured I bring this one back!

With that being said, I will list 10 books to get you started in #hacking & #penetrationtesting
#CyberSecurity #infosec
“Penetration Testing" by
@GeorgiaWeidman
- 1 of the top books you must read if you're new to hacking or reviewing. Some material is dated but it is still a great book (Georgia is working on a new version. Don't bother her about it!) -

amzn.to/2WRB4N7
@georgiaweidman “Linux Basics for Hackers” by OccupyTheWeb

This book is great for those learning or working w/ Linux. It explains how to install Kali & what services are installed & what they're used for. This book also explains how to create scripts in BASH & Python

amzn.to/2NcCKNN
Read 10 tweets
Welcome to the Member of Congress Tracking Report for the week ending November 10, 2019. With Congress on recess this week, we are going to do things a bit differently this week. We are going to take a dive into #McConnellsGraveyard.
#MoCTrack 1/33
bit.ly/34FD5jk
#GOP keeps trotting out their tired talking point about the “do-nothing-Dems” and all we can concentrate on is #Impeachment.

NOT TRUE.

What you’ll find below are 30 bills of the 300+ that #McConnell has stalled in the Senate.

#MoCTrack #DemCast 2/33
demcastusa.com/2019/11/10/mit…
HR 1 - #ForThePeople

A bill that would improve voting rights, fix campaign finance regulations, and mandate ethics and accountability reforms.
💯 over 100 co-sponsors (236)

#MoCTrack #McConnellsGraveyard 3/33
vox.com/2019/3/8/18253…
Read 33 tweets
1/6 HOW TO SET GOOD GUIDELINES FOR VOTING SYSTEMS
1) Consult with #cybersecurity experts
2) Do what they say
House bill #HR3351 says "the voter shall have the option to mark his or her ballot by hand." That's good. That's what the majority of cybersecurity experts recommend.
2/6 HOW NOT TO SET GUIDELINES FOR VOTING SYSTEMS
Senate bill #SecureElectionsAct sets up a panel of "independent experts on #ElectionSecurity" then fills it with ppl who are NOT #security experts. If you have to have heart surgery - do you want a surgeon or a hospital admin?
3/6 The #SecureElectionsAct has #bipartisan support, but contrary to current narrative it is NOT less intrusive to states - just less effective. It still sets up standards - but instead of specific ones, they are undefined & will be determined later by a panel of non-security ppl
Read 7 tweets
After #cyberattack while NPCIL officials have admitted to their administrative system being breached by malware, actual damage assessment is yet to be determined. Meanwhile #cybersecurity community is concerned whether India's #thorium secrets got stolen. greatgameindia.com/did-kudankulam…
@issuemakerslab #cybersecurity experts based out of #SouthKorea who have been monitoring suspicious activity in Indian #cyberspace, have claimed that ‘the possible reason behind the #cyberattack was to obtain information about #thorium based nuclear power. greatgameindia.com/did-kudankulam…
On the morning of October 29, 2019, @GreatGameIndia was the first to report #cyberattack at #KKNPP. #NPCIL, after initially claiming it to be ‘false information’, did actually admit next day that their system was indeed breached by the #malware. greatgameindia.com/kudankulam-nuc…
Read 4 tweets
Here's Aharon Almog-Assoulin, a retired Israeli security official who until recently served on the town council in a suburb of #TelAviv. He was one of the undercover agents used by #BlackCube hired by #NSOGroup to #spy on #CitizenLab journalists exposing #Pegasus among other jobs.
Here's a partial list of #cybersecurity firms linked directly to #cyber weapons dealer #NSOGroup that targeted Indian journalists and activists using #Pegasus. Almost all of them spawned out of Israeli intelligence #Unit8200. #WhatsApp #WhatsAppSpywareRow
Acc to 2016 price list, #NSOGroup charges customers $650,000 to hack 10 devices on top of $500,000 installation fee. If 41 Indians were targeted it will be 4 times the fee + installation. That comes to a whopping 31,00,000 USD equals 21,96,80,725.00 INR. Thanks to @Kodungolan737
Read 10 tweets
Thread. BIG NEWS the Voluntary Voting System Guidelines 2.0 #cybersecurity working group is going to recommend NO #Wi-Fi & NO #Internet capability for #voting systems. This does not include #epollbooks but does include tabulators & election management systems. @secureourvotes
This is not a done deal, but it is a good step! The working group recommendations will be given to the Technical Guidelines Development Committee this Fri & they (the TGDC) may vote on these recs (could be up/down) then (supposedly) they go to the EAC for a public comment period.
Keep in mind that even if the EAC adopts these guidelines - they are still VOLUNTARY. States can choose to disregard them, or follow some & not others. Also the recommendation is not for the Wi-Fi capability to be removed, but instead permanently disabled due to cost of removal.
Read 9 tweets
#India's Kudankulam #Nuclear Power Plant has been hit by #cyberattack. Authorities were already alerted of the threat months in advance. The power plant project built in collaboration with #Russia has been a target of foreign players since its inception.
greatgameindia.com/kudankulam-nuc…
The second 1,000 MW #nuclear power unit at #Kudankulam, owned by the Nuclear Power Corporation of India Ltd (NPCIL) stopped power generation on Saturday 19th October, owing to “SG level low”.
greatgameindia.com/kudankulam-nuc…
More than a month before the unit stopped operating, NCSC was notified of intrusion of their systems by #cyber threat intelligence analyst @RungRage. The alert was generated on investigation by #cybersecurity firm #Kaspersky into spy tools dubbed #DTrack. greatgameindia.com/kudankulam-nuc…
Read 10 tweets
2/16 Silencing expert voices in the cybersecurity discussion space is a strategy for weakness not strength, as any Red Team expert would tell you. #CyberCon #CensorCon
3/16 The @CyberGovAU removed me from the #AISA #CyberCon speakers list 8 days b4 the event. Reason: my talk content was 'incongruent' w/ the largest cybersec conf in AU. Yet they had not seen my talk content yet. #CensorCon #cyber #infosec #cybersecurity #informationsecurity
4/16 #CyberCon removed me from the speakers list based on my talk title alone. I'm not the only speaker removed: @Thomas_Drake1 was also disinvited. Others told to alter format. #CensorCon #cyber #infosec #cybersecurity #informationsecurity
Read 16 tweets
As part of our @NASSorg #NCSAM IT Director spotlight, we wanted to highlight a few key partners in state #cybersecurity.

The first one up is @CISAgov's @CISAManfra. Follow along with this 5 Q&A thread...
Q1: Can you walk us through a day in the life as the Assistant Director for Cybersecurity for @CISAgov?

A1: The thing about cybersecurity is no 2 days are the same & you need to be ready for anything. My day typically starts with reviewing the news & current intelligence &...
A1 cont'd:...receiving updates from my team on operational priorities. Based on this, we determine appropriate actions. This could mean speaking with gov’t partners to declassify information about urgent threats or meeting with @NASSorg to discuss next steps on election security.
Read 16 tweets
If stock photography has taught us one thing it's how to recognise a hacker! But how much do we really know about these shady characters, with their balaclava and their Windows 7 laptops?

For today's #SundayMotivation here's my essential stock photography guide to #cybersecurity
First things first, hacking has come on leaps and bounds in the last few years. Backing up your sensitive data on C60 cassette and labelling it 'Kajagoogoo Live' is no longer enough to keep your information safe!
Hackers are hard to spot because they dress head-to-toe in black (or very very very dark grey). This is because they live on the Dark Web and want to blend into the background.
Read 13 tweets
