Discover and read the best of Twitter Threads about #cybersecurity


Thread: Protecting Mobile Devices

Contrary to popular belief, doing a factory reset on your phone does not guarantee removal of sophisticated spyware. As per recent analysis by @citizenlab, Pegasus spyware can persist through a factory reset on certain Android phones.
If you are a high-profile target, always assume that your mobile devices are likely to be targeted. While the following steps can't ensure protection against sophisticated cyber weapons, they will surely help reduce the attack surface.
1. Do not link any cloud accounts to your mobile device.

2. Change your password on a regular basis, use a different password for each service, and if you use a password manager, only use it to store "Password Hints" instead of actual passwords.
Read 8 tweets
Some bit of tough love on IP protection in Kenya. I have heard of companies requiring their IT depts or hired devs to develop unhackable apps. To say this is ludicrous is an understatement because tech nerdistry alone can't protect your company's IP #CyberSecurity
IMO, IP protection should be hinged on the following key pillars
~ sound legal advice/support
~ BYOD policy
~ data privacy/protection policy
~ skilled IT staff
~ sober C-suite

Companies ought to start by seeking proper legal advice. I understand there are lawyers that......
focus solely on intellectual property. A BYOD policy is equally important because companies tend to focus on outsiders misappropriating their IP when studies have shown employees pose an even greater threat. Corporate espionage ring a bell?
Read 11 tweets
1/35 In 2017, the tax-exempt Koch Foundation and Koch Institute donated over $2 million to conservative media outlets, including $980,000 to the Daily Caller Foundation, the tax-exempt entity that underwrites Tucker Carlson’s The Daily Caller. doi.org/10.1017/978110…
2/35 Now, why would the Koch brothers be spending money on that? Probably for the same reason the far more reclusive billionaire Robert Mercer invested in Breitbart. bloomberg.com/news/features/…
3/35 With the rise of movements defending specific groups a la FDR and LBJ: labor, civil rights, consumer, environmental, and women’s movements, too much power had slipped into the hands of people who made excessive demands (fairness) of government and corporations.
Read 36 tweets
📢 On air! 📢
Tony Hedoux talks about
#ebiosRM and #riskmanagement

Join us on YouTube:
Join us on LinkedIn: linkedin.com/video/live/urn…
@TonyHedoux graduated from ISTIC in Rennes, and already had an interest in software engineering. He is now Product Owner Cyber at @all4tec_fr and Secretary General of the @club_ebios.
@TonyHedoux @all4tec_fr @club_ebios As always, interact with us on Slido: sli.do/cyberCNI-4
Read 27 tweets
1/ @retheauditors @premnsikka @ArmitageJim The curious case of “who’s really the daddy ?”. @FinTelegram asked “is the #FinMax binary option/FX/CFD #scam network really operated by a former high-ranking Ukrainian police officer + his wife?” ( AND ...
2/ fintelegram.com/another-warnin…). It’s Belfast footprints entwined with other notorious blacklisted crypto/binary option/FX/CFD ops + far more. It’s interesting to note that the #FinMax group’s “#RUSVPN” VPN op targets #KODI (P2P media centre app, primarily for illegal viewing ...
3/ of movies) influencer deals. KODI movies often have injected “Englishski” ads for notorious blacklisted online crypto/binary option/FX/CFD ops. The appearance of Belfast addressed UK SPV “Morris Processing Ltd” is fascinating, it being the initial purported owner & ...
Read 47 tweets
We are LIVE tweeting the keynote address by @BradSmi. Join us using #Raisina2021 #RaisinaDialogue
.@BradSmi: We often see nation state #cyberattacks that identify and develop new attack vectors, which are then pursued by #cybercriminals often for #ransomware that is putting at risk institutions we all rely on #Raisina2021
.@BradSmi: We also have 21st century digital arms merchants – companies that work contractually for govts. to create the code govts. want to put to work – adding to the risk situation #Raisina2021
Read 10 tweets
We are live tweeting @d_jaishankar in conversation with @BradSmi @Microsoft. The two will discuss @BradSmi’s latest book “Tools and Weapons: The Promise and the Peril of the Digital Age” #Raisina2021
.@BradSmi: Tech is a quintessentially global industry, but is also remaking every aspect of societies around the world. #Raisina2021
.@BradSmi: As data is fundamental to our lives, our book begins in one of @Microsoft’s data centre campuses. It brings to life the sheer scale of infrastructure that goes into these centres. #Raisina2021
Read 15 tweets
Trying to start a business when you are Disabled + suffering from Executive Function issues is a MAJOR reason why you don't see more Disabled Business Owners.
I'm also un-medicated, so I'm trying to do the absolute BEST I can while pushing through. I am absolutely panicked in this process, but I REFUSE to just give up.

I've given up before. I've failed before.

So why not just WIN???

And it sounds so easy, but DAMN.
Consistency is the key to a Hell of a lot.. and as someone with ADHD (CONSISTENCY ISSUES HELLO), it can be very tough to stay on track - but dammit, if I have to CHEW ROCKS to get Reparations.Tech off the GROUND, I WILL!!!!!!!!!!!!!!!!!!!
Read 95 tweets
Let’s talk about the 5 Essential Skills required to start a Career in Cyber security:

Cyber security is a vast field with so many companies manufacturing lots of tools that function at different layers of the cyber defense matrix.
#cybersecurity
A cyber security professional is expected to learn how to use these tools and be proficient in them; whether identity and access management tools, intrusion prevention and detection devices, disaster response and recovery tools and so on.

#cybersecurity
Certifications are great, but it is your experience, skills and ability to solve technical problems that would earn you the trust and confidence of the people you work with and the customers you work for.

So let's look at the five foundational skillsets:

#cybersecurity
Read 11 tweets
New nominations from @POTUS to fill out @DHSgov

Deputy Sec - John Tien

@CISAgov Director - Jen Easterly

@USCIS director - Ur Jaddou

@CBP director - Chris Magnus

General Counsel - Jonathan Meyer

UnderSec for Strategy - Robert Silvers
Nominations of Jen Easterly to head @CISAgov and Chris Inglis to be National Cyber Director getting bipartisan praise from @CyberSolarium commissioners @SenAngusKing @JimLangevin @RepGallagher @SenSasse
.@DHSgov @SecMayorkas on the latest @POTUS nominations
Read 7 tweets
Let us talk about simple steps you can take in order to create a strategic policy document on cyber security for your organization.
Thread
#CyberSecurity
Such a document should detail the company’s present infrastructure assets (hardware and digital), outline the goals it intends to achieve, and show how the company can achieve the said cyber security goals.

#cybersecurity
The policy, when followed to the letter, should ensure that your company's physical infrastructure is protected and the integrity of the digital assets remains authentic and uncompromised #cybersecurity
Read 19 tweets
.@DHSgov @SecMayorkas on proposed $52 billion FY 2020 budget

"[It] will reinforce the basic missions of securing our homeland, including preventing terrorism; securing & managing our borders; repairing the broken immigration system; safeguarding critical infrastructure"
"It provides the Department w/targeted resources to advance commonsense policy solutions" per @SecMayorkas
Proposed $52 billion FY 2022 budget calls for $131 million "to support diverse, innovative, & community-driven methods to prevent #domesticterrorism while respecting civil rights & liberties" per @DHSgov

Also includes total of abt $95 million in grants to build local capacity
Read 4 tweets
Daily Bookmarks to GAVNet 04/09/2021 greeneracresvaluenetwork.wordpress.com/2021/04/09/dai…
Europe’s third wave: ‘It’s spreading fast and it’s spreading everywhere’

ft.com/content/d1af35…

#COVID19 #waves #surges #europe
PSYOP, Cyber, and InfoWar: Combating the New Age IED - Modern War Institute

mwi.usma.edu/psyop-cyber-an…

#cybersecurity #infowars #military #InformationSecurity
Read 10 tweets
Cyberstalking by faculty and administration is simply never okay. #Medbikini was not a one off.

Almost everyone, regardless of age & gender, whose bio has “#professionalism” in it or “#cybersecurity” is worth looking into as to what #ethics they disregard or violate.
#Mentalhealth is needed. Until they clean up their #ethics minoritized populations will continue to be unsafe

Torture relies on “exploiting” psychological or physiologic vulnerabilities

Some, instead of creating #health, sell services to design torture

washingtonpost.com/outlook/psycho…
Conflicts of interest, especially unreported, are a massive source of ethical failure. First, clinicians should inherently know torture is unethical as well as “unprofessional”

but if they lack a moral compass or ethics, reporting COI can flag to others

journalofethics.ama-assn.org/article/profes…
Read 8 tweets
Doing an investigation on Windows Security Event Logs? These will make your life easier!

Guide to Windows audit and security policy settings - activedirectorypro.com/audit-policy-b…

Windows Event Logs Analyst Reference - forwarddefense.com/pdfs/Event_Log…

#infosec #CyberSecurity
EventID Encyclopedia -
ultimatewindowssecurity.com/securitylog/en…

EventID Cheat Sheet - andreafortuna.org/2019/06/12/win…

Logon Type Details - techgenix.com/logon-types/

DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs. github.com/sans-blue-team…
APTHunter - Python tool to quickly perform threat hunts of Windows logs. github.com/ahmedkhlief/AP…

Sigma rules - github.com/SigmaHQ/sigma/…
Read 3 tweets
Daily Bookmarks to GAVNet 03/27/2021 greeneracresvaluenetwork.wordpress.com/2021/03/28/dai…
Reconsidering Monetary Policy: An Empirical Examination of the Relationship Between Interest Rates and Nominal GDP Growth in the U.S., U.K., Germany and Japan

sciencedirect.com/science/articl…

#MonetaryPolicy #InterestRates #GDP #NominalGrowth
Read 8 tweets
Here’s some Infosec / cybersecurity GitHub links I have found recently.

Resource Lists -

github.com/pascalschulz/I…

github.com/archanchoudhur…

github.com/GoVanguard/lis…

github.com/ShilpeshTrived…

1/3

#CyberSecurity #infosec
Security auditing tool for Kubernetes - github.com/vchinnipilli/k…

Collects information from an email and shows it in a nice GUI - github.com/kennbroorg/iKy

Public cybersecurity datasets - github.com/gfek/Real-Cybe…

2/3
Takes an array or file of URLs and returns a report with screenshots, application headers and src/href references. - github.com/TypeError/crys…

Dictionary of cybersecurity terms - github.com/securityarch/c…

3/3
Read 3 tweets
A thread on how I managed to encrypt and store a video using #Flutter

Scroll for links, code snippets, and my general thought process...
Recording and saving videos locally isn't too difficult.

Dependencies:
- camera
- path_provider

#flutter #android #s21 #video #coding

Below is the code for getting a file reference:

Created with @carbon_app   /// One call to get a file reference, set temp = false to
Encryption on the other hand is a foreign language to me. From my research, I learned that each user needs an #AsymmetricKeyPair that can be used to #encrypt and #decrypt data.

To generate these, I used the rsa_encrypt package.

pub.dev/packages/rsa_e…
Read 19 tweets
Yes SIEMs can be expensive, but are you getting full value from yours? Or are you just using it for security monitoring?

Here are some other things a SIEM can be used for, to provide much more value to a business.

#siem #infosec #CyberSecurity

1/6
Dashboards. Yes, your security team has dashboards, but have you thought of creating ones to be used by Networking, Desktop Support and other teams? Ask them what dashboards could be useful, and provide them access to the SIEM which only allows access to these dashboards.

2/6
Threat Hunting. There are bountiful threat hunting resources online - Perform these threat hunts on your SIEM logs! This could find things your alerts or analysts have missed; and can lead to future detection opportunities.

3/6
Read 6 tweets
Bulgarian prosecutor's office details how 6 person spy-ring with access to the Bulgarian military and parliament operated.
#espionage #russia #gru #natsec #intelligence #counterintelligence #bulgaria @NATO @EU_Commission @NSAGov @CIA @NCSCgov #EU #SCS #security #cybersecurity
Tasking?

The #GRU tasked for #SECRET info on #Bulgaria, #EU, #NATO & specifically the NSA, CIA and their joint SIGINT entity the SCS

#espionage #russia #gru #natsec #intelligence #counterintelligence @EU_Commission @NSAGov @CIA @NCSCgov #SCS #security #cybersecurity
Read 6 tweets
Happening now: "We are tracking that event very carefully" @SecMayorkas tells House Homeland Security Committee of shootings in & around #Atlanta #Georgia that left 8 ppl dead, 6 of them women of Asian descent
#Cybersecurity: "As a 1st step, I have directed grant funding that will provide an additional $25 million for state & local entities across the country to increase their cybersecurity" per @SecMayorkas re: #SolarWinds, @Microsoft Exchange hacks
.@CISAgov "remains laser focused on protecting & providing assistance to federal civilian agencies & working w/the private sector" adds @SecMayorkas
Read 35 tweets
CPJ has documented dozens of journalists, commentators and their associates targeted with spyware.

Surveillance of journalists and their sources threatens #pressfreedom globally.

Explore the map of cases and read more below ⤵️

cpj.org/spyware-press-…
Key points:

- CPJ’s map lists 38 journalists & associates targeted with spyware

- Attacks attributed to actors in UAE, Saudi Arabia, Morocco, Ethiopia, Mexico & India

- 4 companies accused of supplying spyware based in Israel, Italy & Germany

More: cpj.org/spyware-press-…
Secret surveillance of journalists & their sources poses a severe threat to #pressfreedom globally

That’s why we are calling on governments to stop the use of spyware & to take steps to prevent states with bad #pressfreedom records from getting such tools cpj.org/spyware-press-…
Read 17 tweets
It has taken over 7 years for India to revamp its #cybersecurity policy — experts say there's room for carrots and sticks but not surveillance

businessinsider.in/tech/news/indi…

By @pabsgill
@pabsgill India was among the first few countries to launch a #cybersecurity policy back in 2013 and now it is looking to revamp that framework. According to Bloomberg, the new rules will be approved by the cabinet committee on security headed by Prime Minister #NarendraModi.
@pabsgill The move to set up a new system comes amid increasing reports of hackers from other countries targeting users in India and the country’s critical infrastructure.

#cybersecurity
Read 9 tweets
Diving into UEBA systems that large corporations use to protect themselves from cyber attacks, espionage, noncompliance, fraud, 'insider' threats and other risks ...I feel like this is a kind of totalitarian surveillance hellscape we'd never accept in any other area of life.
"A Watch List is used to monitor entities ...that are considered problematic or require special attention"

"...users who have received a poor performance review can be placed on a Watch List so that their activity can be closely monitored" #cybersecurity

documentation.securonix.com/onlinedoc/Cont…
An "abnormal number of logon failures", a "rare domain visited" or "flight risk behavior on web browsing to multiple job sites in a short period of time" ...put this employee on the Watch List #cybersecurity

In 'Spotter'. The product is called "SNIPR".

(p378)
Read 4 tweets
