Man, this seems really bad.
But at least our government isn’t pulling back on the #cybersecurity we need to protect this information!
Whew!
https://www.npr.org/2025/06/29/nx-s1-5409608/citizenship-trump-privacy-voting-database
Geez, TWENTY-TWO ICS advisories from CISA today? Is that as awful as it sounds?
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #18/2025 is out!
It includes the following and much more:
🇫🇷 🇷🇺 France has linked Russian APT to 12 #cyberattacks on French Orgs.;
🇺🇸 Cybersecurity experts demand the reinstatement of Chris Krebs' security clearances and the withdrawal of the investigation;
🐛 🍎 #Vulnerabilities in Apple's #AirPlay Protocol;
🚉 New York's Metropolitan Transportation Authority plans to use #AI and cameras to detect potential subway crimes before they happen;
🇨🇳 @SentinelOne Targeted by Chinese #PurpleHaze Group;
🔐 #Microsoft sets all new accounts #passwordless by default;
🇺🇸 💸 The #Trump administration plans to cut $491 million from #CISA's budget;
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-18-2025
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #17/2025 is out!
It includes the following and much more:
🇺🇸 👋🏻 Two top officials from #CISA resigned;
🇺🇸 💬 U.S. Defense Secretary Pete Hegseth caught in another information leak;
📊 Yearly Threat Intelligence Reports Released;
🇺🇸 💸 U.S. lost record $16.6 billion to #cybercrime in 2024;
🇺🇸 5.5 Million Patients Affected by #DataBreach at Yale New Haven Health;
🐛 💥 VulnCheck spotted 159 actively exploited #vulnerabilities in first few months of 2025;
🇺🇸 🇨🇳 FBI is seeking public help to identify Chinese hackers known as #SaltTyphoon and offers $10 million reward;
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-17-2025
I see a couple online news sources stating that CISA has extended the funding. They are using statements such as the following:
CISA says the U.S. government has extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program.
They leave out the sourcing on this. Who said it? How was it said? Via direct email requesting a comment? X post? Was it official or OTR? Like, I believe them but please provide SOME form of indication of provenance when claiming statements are made by the US Gov.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #15/2025 is out!
It includes the following and much more:
🇺🇸 The U.S. Department of Justice has disbanded its National #Cryptocurrency Enforcement Unit;
🇳🇱 To tackle #espionage, Dutch government plans to screen university students and researchers;
🐛 Another busy #PatchTuesday;
🐛 #NIST will mark all CVEs published before January 1, 2018, as 'Deferred';
🇺🇸 Trump Signs Memorandum Revoking Security Clearance of Former #CISA Director Chris Krebs;
🇨🇳 #China Admitted to Volt Typhoon #Cyberattacks on US Critical Infrastructure;
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-15-2025
I'm looking for a #Tabletop #Cybersecurity incident exercise.
Ideally a sufficiently detailed scenario, similar to a (Solo) Adventure RPG Gamebook.
Any hints?
The #CISA Cybersecurity Scenarios https://www.cisa.gov/resources-tools/resources/cybersecurity-scenarios are going in this direction but contain too little detail for me. I just have too little #Incident handling experience to create a coherent exercise which is adapted to participant actions.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #10/2025 is out!
It includes the following and much more:
➝ #CYBERCOM and #CISA Told to Stop Tracking #Russia Actors;
➝ Alleged Black Basta #Ransomware Leader Escapes from Court;
➝ #VMWare 0day Vulnerabilities Being Exploited - Patch Now;
➝ Gang Claims Responsibility on Tata Technologies Breach;
➝ The Great Firewall of #China is Bleeding;
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/template-infosec-mashup-xx-2025-b3ff0d41bdc019b3
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #07/2025 is out!
It includes the following and much more:
➝ #8base Site Seized
➝ US National Cyber Director Chosen
➝ US, UK, and Australia Impose Sanctions on Russian Hosting Provider
➝ #CISA Staff Members Put on Administrative Leave
➝ Patch Tuesday Round-up
➝ #Apple has released updates for iOS and iPadOS to fix a serious security flaw
➝ New #zeroday in FortiOS and FortiProxy 🤦‍♂️
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
As promised, at the end of January, the ICS Advisory Project, with support from Industrial Data Works LLC, will release its annual ICS Vulnerabilities Research Report for CISA ICS Advisories and Other Vendor and CERT advisories reported in ICS[AP] Weekly Summaries.
Key Findings to be discussed:
🔷 Total Number of CISA ICS Advisories for 2023 compared to 2022
🔷 Total number of reported CVEs in CISA ICS Advisories for 2023 compared to 2022
🔶 CVEs reported in ICS[AP] Weekly Summaries for 2023 that did not correlate to CVE identified in CISA ICS Advisories
☣ CVEs reported in 2023 CISA ICS Advisories with no patch or remediation at the time of reporting
🔄 Total number of CVEs correlated from new Vendor and CERT Security Advisories to CISA ICS Advisories released previously for other Vendors
🔎 Identification of the leading top CVE Numbering Authority for ICS Vulnerabilities in 2023
🏭 Top Critical Infrastructure Sectors Impacted by ICS Vulnerabilities
and many more details.
✅ Sign up to receive your copy of ICS[AP] and Industrial Data Works 2023 ICS Vulnerabilities Research Report:
https://docs.google.com/forms/d/e/1FAIpQLSfC490BHoCR4gHekZcMLBgbHMhUQZr7ZVYZG1OkaWdKGwH73g/viewform
#CISA #ics #ot #icssecurity #vulnerabilitymanagement #cybersecurity
Happy New Year! Here are the ICS Advisory Project 2023 Annual Summary Slides for CISA ICS Advisories and this week's Other CERT & Vendor vulnerability advisories weekly summary for 25 – 29 December 2023. Attached are 2023's Annual summary slides.
Link to ICS Advisory Project Annual Summary Slides: https://drive.google.com/file/d/1HYDE_rD1dvJb30r7CuoJuXEYSPNs7MxU/view
This past week, CISA did not release any new ICS Advisories. In its place, the ICS[AP] provided a high-level summary of the 380 CISA ICS Advisories released in 2023. Within this summary, you will find a high-level review of the following:
- Total Number of vendors reported in ICS Advisories ranked by country
- Vendors with a high number of critical severity vulnerabilities
- Overview of Vendor & products Affected Global Distribution & Updated CISA Advisories in 2023
- Overview of 2023 CISA ICS Advisories CVE CVSS Vectors by Severity
- Top 10 CWEs identified on MITRE's 2023 CWE Top 25 Most Dangerous Software Weaknesses (MDSW).
- Most reported impacted Critical Infrastructure sectors and by Vendor
- ICS Asset Type metrics
- Total number of CISA ICS Advisories correlated to CISA KEV Catalog
- Mitigation statistics based on CISA ICS Advisories recommendations
- Top Independent Vulnerability Researchers and Research Organizations for 2023
ICS[AP] identified 12 new other CERT and vendor product security advisories released this week for vulnerabilities in the following vendor products: Moxa (LTE Wireless Gateway & Ethernet remote I/O with 2-port Ethernet switch), Buffalo (Router), Weintek (HMI), and Gallagher (Access Control System). See the Weekly Summary of Other Vendor & CERT Advisories for potentially impacted CI sectors.
View the summary details of other CERT & Vendor product advisories identified last week (25 – 29 December 2023) at: https://drive.google.com/file/d/1wBofoXVnP9m9wAKxx2VCSFeS9tTlNMmg/view?usp=sharing
No updates were added to the CISA KEV Catalog this week.
Visit the ICS[AP] CISA KEV Catalog Dashboards: https://www.icsadvisoryproject.com/ics-advisory-dashboards/cisa-kev-for-cisa-ics-advisories
View previous ICS Advisory Project annual and weekly summaries: https://www.icsadvisoryproject.com/ics-advisory-summaries
To view the updated ICS Advisory Project Dashboards, visit: icsadvisoryproject.com
We appreciate everyone's comments & support. Have a great week!
#CISA #ot #ics #otcybersecurity #otsecurity #icscybersecurity
#cybersecurity #cybersecuritythreats #cybersecurityawareness
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #47/2024 is out!
It includes the following and much more:
➝ T-Mobile Confirmed #Breach
➝ Jen Easterly To Leave #CISA in Jan. '25
➝ US Gov. and Security Related Bills
➝ DPRK Workers Funding Missile Programs
➝ #Apple Confirms #ZeroDay Attacks
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-472024?r=299go8
#CISA has updated the KEV catalogue. #cybersecurity #infosec
- CVE-2021-33044: Dahua IP Camera Authentication Bypass Vulnerability https://nvd.nist.gov/vuln/detail/CVE-2021-33044
- CVE-2021-33045: Dahua IP Camera Authentication Bypass Vulnerability https://nvd.nist.gov/vuln/detail/CVE-2021-33045
- CVE-2022-0185: #Linux Kernel Heap-Based Buffer Overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0185
- CVE-2021-31196: #Microsoft Exchange Server Information Disclosure Vulnerability https://nvd.nist.gov/vuln/detail/CVE-2021-31196 @cisacyber
#CISA has added three vulnerabilities to the KEV catalogue. #cybersecurity #infosec
- CVE-2024-4879: ServiceNow Improper Input Validation Vulnerability https://nvd.nist.gov/vuln/detail/CVE-2024-4879
- CVE-2024-5217: ServiceNow Incomplete List of Disallowed Inputs Vulnerability https://nvd.nist.gov/vuln/detail/CVE-2024-5217
- CVE-2023-45249: #Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability https://nvd.nist.gov/vuln/detail/CVE-2023-45249
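The two KEV posts above list the new catalog entries but not what a defender does with them. The following is an added example (not from either post, and not CISA's own tooling) showing how to take a KEV catalog update, match it against a local asset inventory, and flag hosts whose remediation due date has passed. The JSON fragment mirrors the field names of CISA's public KEV feed (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json) and uses the CVEs from the posts, but its dateAdded/dueDate values, the product strings, the inventory, and the helper names are constructed for illustration and are not the catalog's real values.

```python
"""Correlate a CISA KEV catalog update against a local asset inventory (added example)."""
import json
from datetime import date

# Constructed sample shaped like the KEV feed. CVE IDs and vulnerability names come from
# the posts above; dateAdded, dueDate and product strings are placeholders, NOT real values.
KEV_JSON = """
{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "catalogVersion": "sample",
  "count": 6,
  "vulnerabilities": [
    {"cveID": "CVE-2024-4879", "vendorProject": "ServiceNow", "product": "Now Platform",
     "vulnerabilityName": "ServiceNow Improper Input Validation Vulnerability",
     "dateAdded": "2024-07-29", "dueDate": "2024-08-19", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2024-5217", "vendorProject": "ServiceNow", "product": "Now Platform",
     "vulnerabilityName": "ServiceNow Incomplete List of Disallowed Inputs Vulnerability",
     "dateAdded": "2024-07-29", "dueDate": "2024-08-19", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2023-45249", "vendorProject": "Acronis", "product": "Cyber Infrastructure",
     "vulnerabilityName": "Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability",
     "dateAdded": "2024-07-29", "dueDate": "2024-08-19", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2021-33044", "vendorProject": "Dahua", "product": "IP Camera",
     "vulnerabilityName": "Dahua IP Camera Authentication Bypass Vulnerability",
     "dateAdded": "2024-08-21", "dueDate": "2024-09-11", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2022-0185", "vendorProject": "Linux", "product": "Kernel",
     "vulnerabilityName": "Linux Kernel Heap-Based Buffer Overflow",
     "dateAdded": "2024-08-21", "dueDate": "2024-09-11", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2021-31196", "vendorProject": "Microsoft", "product": "Exchange Server",
     "vulnerabilityName": "Microsoft Exchange Server Information Disclosure Vulnerability",
     "dateAdded": "2024-08-21", "dueDate": "2024-09-11", "knownRansomwareCampaignUse": "Unknown"}
  ]
}
"""

# Constructed inventory (hypothetical hosts). Note: no Acronis and no Exchange asset.
INVENTORY = [
    {"host": "sn-prod-01", "vendor": "ServiceNow", "product": "Now Platform"},
    {"host": "cam-lobby-02", "vendor": "Dahua", "product": "IP camera"},
    {"host": "web-03", "vendor": "Linux", "product": "kernel"},
    {"host": "fileshare-01", "vendor": "Microsoft", "product": "Windows Server"},
]

REQUIRED_FIELDS = {"cveID", "vendorProject", "product", "vulnerabilityName", "dateAdded", "dueDate"}


def load_kev(text):
    """Parse a KEV feed document and drop entries missing the fields this script relies on."""
    data = json.loads(text)
    return [v for v in data["vulnerabilities"] if REQUIRED_FIELDS <= v.keys()]


def _norm(s):
    """Case-fold and collapse whitespace so 'IP camera' and 'IP Camera' compare equal."""
    return " ".join(s.casefold().split())


def match_inventory(entries, inventory):
    """Return one hit per (CVE, host) where the vendor matches exactly and the product
    names overlap in either direction. Substring matching is deliberately loose: KEV
    product strings are free text, so a human still reviews the hits."""
    hits = []
    for e in entries:
        ev, ep = _norm(e["vendorProject"]), _norm(e["product"])
        for asset in inventory:
            av, ap = _norm(asset["vendor"]), _norm(asset["product"])
            if ev == av and (ap in ep or ep in ap):
                hits.append({"cveID": e["cveID"], "host": asset["host"],
                             "name": e["vulnerabilityName"], "dueDate": e["dueDate"]})
    return hits


def overdue(hits, today_iso):
    """Hits whose KEV remediation due date is strictly before today (ISO 8601 string)."""
    today = date.fromisoformat(today_iso)
    return [h for h in hits if date.fromisoformat(h["dueDate"]) < today]


def summarize(text, inventory, today_iso):
    """End-to-end: which listed CVEs touch our inventory, and which hosts are past due."""
    hits = match_inventory(load_kev(text), inventory)
    late = overdue(hits, today_iso)
    return {
        "matched_cves": sorted({h["cveID"] for h in hits}),
        "overdue_hosts": sorted({h["host"] for h in late}),
    }


if __name__ == "__main__":
    print(json.dumps(summarize(KEV_JSON, INVENTORY, date.today().isoformat()), indent=2))
```

In practice you would fetch the live feed instead of the embedded sample and feed `overdue()` into ticketing; the due date is the binding deadline for U.S. federal civilian agencies under BOD 22-01 and a reasonable SLA for everyone else. The CVE IDs alone are not enough: two of the six entries (Acronis, Exchange) produce no hits because nothing in the constructed inventory runs them, which is exactly the triage a KEV update should drive.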
You know, I've been using the Internet for a long time. I've been helping build it for a long time. Back in the day I had a copy of O'Reilly's DNS and BIND on my desk.
Never thought about bugs in BIND. I've never even thought of the folks that maintain it. Man I hope they are paid well.
https://thehackernews.com/2024/07/cisa-warns-of-exploitable.html
#Python listed as memory-safe language in latest recommendations by #CISA! 🎉
There's still a gap in resources to migrate Python's package ecosystem to memory-safe programming languages:
https://sethmlarson.dev/security-developer-in-residence-weekly-report-21
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #47/2023 is out! It includes the following and much more:
➝ 🔓 🇬🇧 University of Manchester #CISO Speaks Out on Summer Cyber-Attack
➝ 🔓 🇺🇸 Hacktivists breach U.S. nuclear research lab, steal employee data
➝ 🔓 👀 Sumo Logic Completes Investigation Into Recent Security #Breach
➝ 🔓 🇺🇸 Auto parts giant AutoZone warns of #MOVEit data breach
➝ 🔓 🇨🇦 Canadian government discloses data breach after contractor hacks
➝ 🇦🇫 New 'HrServ.dll' Web Shell Detected in #APT Attack Targeting Afghan Government
➝ 🇬🇧 🇰🇷 UK and South Korea: Hackers use zero-day in supply-chain attack
➝ 🇵🇸 🇮🇱 #Hamas-Linked #Cyberattacks Using Rust-Powered SysJoker #Backdoor Against #Israel
➝ 🇷🇺 😱 “They are tired of him, but they are afraid”: what is known about the leader of the hacker group Killnet
➝ 🇰🇵 N. Korean Hackers Distribute Trojanized #CyberLink Software in Supply Chain Attack
➝ ▶️ 🛒 Play #Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals
➝ 🇮🇳 Indian Hack-for-Hire Group Targeted U.S., #China, and More for Over 10 Years
➝ 🇷🇺 Russian hackers use #Ngrok feature and #WinRAR exploit to attack embassies
➝ 🇺🇸 🩺 #CISA Releases Cybersecurity Guidance for #Healthcare, Public Health Organizations
➝ 🇬🇧 🙏🏻 Thanking the vulnerability research community with #NCSC Challenge Coins
➝ 🧅 #Tor Network Removes Risky Relays Associated With #Cryptocurrency Scheme
➝ 🇺🇦 👋🏻 #Ukraine fires top cybersecurity officials
➝ 🩹 Johnson Controls Patches Critical #Vulnerability in Industrial Refrigeration Products
➝ 🦠 🦀 New WailingCrab #Malware Loader Spreading via Shipping-Themed Emails
➝ 🦠 📨 New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
➝ 🦠 🎠 NetSupport #RAT Infections on the Rise - Targeting Government and Business Sectors
➝ 🚫 Google #Chrome will limit ad blockers starting June 2024
➝ 🐛 ☁️ 3 Critical Vulnerabilities Expose #ownCloud Users to Data Breaches
➝ 🔓 ☁️ Researchers Discover Dangerous Exposure of Sensitive #Kubernetes Secrets
➝ 🔓 ☝🏻 New Flaws in Fingerprint Sensors Let Attackers Bypass #Windows Hello Login
➝ 🔓 🩸 ‘#CitrixBleed’ vulnerability targeted by nation-state and criminal hackers: CISA
➝ 🐡 Researchers extract RSA keys from #SSH server signing errors
📚 This week's recommended reading is: "How I Rob Banks: And Other Such Places" by FC a.k.a. Freakyclown
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-week-472023
Okay this is a social norm around here.
Hi, I'm Tod, and I work and play in #infosec. I'm kind of a generalist these days, but if I had to pick some focus areas, I'm into:
Teaching people how #hacking works
Coordinated vulnerability disclosure
Counting things on the internet
Election and voting systems
Medical systems
Open source offensive security tooling (like #Metasploit)
I have a wife with whom I enjoy a very #sexy attorney-client relationship.
I have a bunch of kids. Some of those kids are now adults. One of them is no longer an adult. I am constantly trying to educate my kids in #GenX culture, and I lean on them to keep up with #Zoomer things.
I care about politics and social issues and democracy and equality of opportunity. Some of these cares are radical. Many are hypocritical. I'm pretty comfortable with my own level of socio-political hypocrisy, though.
I'm a fed, but at #CISA (not a cop, not a spy). The idea is that I can do public good for the #internet at scale. Some of that public good is #CVD (coordinated vulnerability disclosure).
I live in #Austin, #Texas. I spend as much time at the #AlamoDrafthouse as I can, responsibly -- I like craft beer and craft movies.
I perform, edit, and publish a #podcast with said wife about #Lovecraft fiction which you can hear at https://podsothoth.club or follow at @podsothoth.
I play a lot of Lovecraft-themed games (AH:TCG, Eldritch Horror, and Call of #Cthulhu #RPG). I ran a tabletop #VTM game with some friends over pandemic, and it was so fun that I'm now running a #CoC game IRL (if you're in Austin, let me know if you want in!). I've been involved in these hobbies, off and on, for 30 years. I like other #boardgames too.
I don't care about most video games, except for the few I care a lot about (#Nethack, #Civilization, #Portal, and #Factorio, primarily. #HOI4 is my new unhealthy addiction.)
I like most people I meet.
That's it! That's my whole thing!