Important note one: Campaigns aren't election infrastructure. So, when DHS said they weren't seeing attacks against election infrastructure (i.e. voting machines, poll books, etc) this doesn't contradict that.
Important note two: We don't know what the intent was behind attempted hacking. So, while the obvious thoughts will turn to hack and leak sabotage, like in 2016...
Most of the time, these groups are just trying to get boring intelligence from people in the know.
China hacking Biden staffers may just mean China wants to know Biden's plans about, say, microprocessor sanctions.
That wouldn't be good, but it's a better bad than actively interfering in the election.
Important note number 3: Microsoft uses elements to refer to groups typically referred to by other names.
Strontium is better known as APT 28 or Fancy Bear and was involved in the 2016 leak campaign.
The element strontium, taken as a supplement, may improve bone health.
Zirconium is a Chinese group typically seen in intellectual property theft, often referred to as Apt 31, Judgement Panda and Bronze Vinewood.
The mineral zirconium is sometimes is good at resisting heat, and makes its way into jet engines and space things.
Phosphorus, AKA Charming Kitten, APT35 and Ajax Security Team is an Iranian group who were caught trying to phish a campaign in 2019.
Phosphorus, the element, is an important component of plant fertilizer that is also found in tooth enamel.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
I'm going to say something that a lot of you won't like.
If you stay on Twitter to make fun of Elon, you aren't fighting the man. You're doing the thing Elon wants.
He is the main character driving user engagement. Posting space Karen memes isn't a protest. It's the product
I posted this on another site. It's true here, too.
If you stay on this site, even to make fun of Elon Musk, advertisers will come back. Advertisers don't care why you're here, just that you see their thing.
The same thing is true about arguing with people who paid for blue checks. They want you to engage with them.
One of the reasons sites like Gab, Parlor and Truth Social never took off is that the core appeal of Twitter is gawking at adversaries and hoping they notice.
This would actually mean Elon Musk is dumber than he looks.
High school sports is a monopoly. If you go to Jefferson High, and you don’t like the coach at Jefferson High, you can’t move to City High, where City High will also give you a raise.
Musk had recently complained that too many employees were working remotely.
Managerial tip: If you fire half the staff, and then some more members of the staff, and are still unsure your employees won't sabotage the company, you fired the wrong employees.
Cybersecurity has a lot of really weird internal drama. I'm going to skip rebroadcasting the latest one, except for one claim: A guy said someone who only had a bachelor's degree couldn't critique his PhD-level research.
This is a thread about cybersecurity and the institution.
Moreso than any other field I'm aware of, law enforcement, investigation, crime prevention and national security tasks are shifted to the private sector.
Almost all research happens outside academia and - until very recently - nearly all training did as well.
To that latter point, and to the point of that one researcher quickly building a reputation for being wrong and incurious about why he's wrong: Nearly all the most accomplished cybersecurity researchers learned the craft outside of the academy.
I originally a posted thread about how the article was disingenuous. I took down that thread (save the above tweet) because I suspect there was supposed to be a line about it that was removed by accident.