
—@WIRED
「 Kevin Beaumont and other analysts see evidence that some X origin servers, which respond to web requests, weren't properly secured behind the company's Cloudflare DDoS protection and were publicly visible. As a result, attackers could target them directly. X has since secured the servers 」
I just published the source code for my very naive #Python implementation for generating a node network based on MITRE Intrusion Sets and Techniques. It will output linked #Markdown files linking intrusion sets to their used techniques.
Perhaps someone finds it useful or interesting to experiment with.
Source code: https://github.com/cstromblad/markdown_node
I hinted at this in a thread started by @Viss where he asked for input on a few very likely malicious domains. Me, @Viss, @cR0w, @neurovagrant and others did some OSINT fun work with a couple of the original domains.
It was this thread: https://mastodon.social/@Viss/114145122623079635
Now I posted a picture of a node network rendered in Obsidian and I hinted that perhaps Obsidian could be used as a poor man's version of performing threat intelligence work.
IT security: reactive or finally proactive?
For decades we have been chasing security vulnerabilities while hackers keep exploiting new weaknesses. Mathematically hardened architectures & zero-trust models could be the solution, but why don't we implement them consistently?
What do you think? Are we too trapped in outdated security models?
#BlackBasta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and VPNs. #Ransomware #CyberAlerts #Cybersecurity
https://www.bleepingcomputer.com/news/security/black-basta-ransomware-creates-automated-tool-to-brute-force-vpns/
A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers. #Cryptocurrency #PhishingAlert #Cybersecurity https://www.bleepingcomputer.com/news/security/coinbase-phishing-email-tricks-users-with-fake-wallet-migration/
Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of #Akira ransomware, which utilizes GPU power to retrieve the decryption key and unlock files for free. #RansomwareAttacks #Cybersecurity https://www.bleepingcomputer.com/news/security/gpu-powered-akira-ransomware-decryptor-released-on-github/
The fallout from the malicious tj-actions/changed-files is still being investigated. It is fortunate that this malicious commit was identified fairly quickly, as further compromise of major OSS components and projects could lead to a kind of chain reaction.
- https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised
- https://semgrep.dev/blog/2025/popular-github-action-tj-actionschanged-files-is-compromised/
Dramaturgy of a billion-dollar heist: first investigation details on the Bybit case
The crypto exchange Bybit suffered a billion-dollar theft involving a wallet from the provider "Safe", apparently also through social engineering.
Will you join over 1.9k people who’ve signed our petition to keep what’s stored on Apple iCloud encrypted?
The UK government is gambling with our security and playing into the hands of hackers and criminals.
Send a message: save encryption before more services are hit with technical notices.
Sign and share now
https://you.38degrees.org.uk/petitions/keep-our-apple-data-encrypted
‘Absurd’
When you have the press and civil society camped outside the courtroom, the secret might be out
Even so, we’re still denied the reasons why the UK government wants to take a battering ram to our security and privacy.
It shows contempt for the public interest in the Apple encryption case.
Hey everyone involved in #ComputerScience, are you looking for a #job in #academia?
Aalto University in Finland has several positions open for assistant professors. The topics include #MachineLearning, #Programming, #ComputerArchitecture, #CyberSecurity, #SoftwareEngineering and Human-Computer Interactions.
https://www.aalto.fi/en/department-of-computer-science/assistant-professor-positions
Is today #FediHire Friday? Sure looks like it!
What I'm looking for: A senior level, individual contributor role supporting Windows, Active Directory, Certificates, PKI, Azure, and information security in a large environment. Interested in relocating outside of the US. I like to solve weird problems and make computers run smoothly. I want to help others use technology effectively.
My main focus the last few years has been rebuilding and modernizing a struggling certificate management team. That includes growing the team to meet our company needs, migrating our AD-integrated private PKI stack, getting a handle on our web PKI consumption, and making massive improvements to our certificate lifecycle management platform. I supported and advised our CyberSec and Desktop teams as we rolled out multi-factor authentication to 50,000 employees and contractors across the US. My background in understanding deep computer fundamentals, talent for quickly grasping nuances of larger systems, and calmness in a crisis have contributed to quickly resolving major technology outages regardless of root cause.
This role hasn't been exclusively technical. A big part of my current job is building relationships with our developers to help them understand how certificates work, the responsible ways to use them, and what our relevant internal policies are. I've been training and teaching junior and mid-level engineers both practical PKI concepts and our specific enterprise requirements. I've gotten to spend some time with upper management to both explain the immediate challenges we've had and the plans we can implement to improve our infrastructure, reducing costs and outages.
While this position has been focused on certs and how to use them, I'm very comfortable considering a technical leadership role for Windows (server and desktop) administration and Active Directory. I also have some good experience with Azure and virtualization platforms, but they haven't been my daily focus for several years.
My current employer is direct retail for general public consumers. I've also worked in banking/finance, manufacturing, and architecture firms. The common thread is I love to help people leverage technology for their goals, to help them be more effective.
In my personal/volunteer time I've done very similar: working backstage with lights/sounds/projections so live performers can do their best.
Right now I'm in Syracuse, New York (about five hours from NYC), but I'm open to relocation/migration anywhere in the world.
PMs open if you want to talk details. Boosts/reshares appreciated.
#Windows #Defender Now Flags #WinRing0 Driver as Security Threat, Breaking Multiple PC Monitoring Tools
End-to-end encrypted #RCS messaging on #iPhone coming in future software update
https://9to5mac.com/2025/03/14/end-to-end-encrypted-rcs-messaging-on-iphone/
Chinese Hackers Sat Undetected in Small #Massachusetts Power Utility for Months
https://www.pcmag.com/news/chinese-hackers-sat-undetected-in-small-massachusetts-power-utility-for