CISA's initial email announcement reducing public-facing security products preserved RSS feeds. But the website language has been updated to drop RSS as a remaining source.

The stated reasoning ("CISA wants this critical information to get the attention it deserves and ensure it is easier to find") is ... specious at best.

Even if we stipulate that keeping the general website less noisy is a net win, they could just ... provide a different web page? And it would be trivial to also create a separate RSS feed just for the vulnerability announcements. The automation is clearly already there and would be relatively easy to modify.

The actual reasoning is different from the stated reasoning, and is left as an exercise for the reader.

Edit: Jerry is setting up an email-to-Mastodon shim here!

https://infosec.exchange/@cisareflector

... which can then be followed as an RSS feed:

https://infosec.exchange/@cisareflector.rss

#CISA

When incidents hit, how you communicate can shape the outcome.

This week’s THOR Collective Dispatch features @audrastreetman, former journalist turned cyber intel analyst.

https://dispatch.thorcollective.com/p/how-communication-shapes-the-outcome

#cybersecurity #incidentresponse #communication #infosec #THORcollective #thrunting

Wow. CVE database is in serious trouble, tomorrow.

The cyber industry as a whole is in trouble also really, it’s the elephant in the room - the collapse of the White House’s support for cybersecurity is obvious and pronounced due to widespread cutbacks.

✨Representation is a security issue✨
Check out this THOR Collective Dispatch on why cyber needs more women and intersectional diversity.

Read it here: https://dispatch.thorcollective.com/p/why-we-need-more-women-and-intersectional-diversity-in-cyber

#cybersecurity #dei #womenincyber #representationmatters #inclusivesecurity #thrunting #THORcollective

Bleeping Computer say multiple Oracle customers confirm their customer data has been stolen. Oracle continue to deny there is a problem.

https://www.bleepingcomputer.com/news/security/oracle-customers-confirm-data-stolen-in-alleged-cloud-breach-is-valid/

Last week THOR Collective Dispatch covered blind purple teaming. This week? Full transparency. Red & Blue sharing every move, learning together in real time.
💜
Check it out: https://dispatch.thorcollective.com/p/purple-teaming-in-plain-sight

#purpleteaming #threathunting #thrunting #cybersecurity #infosec

Registration is open for the SANS New2Cyber Summit on March 13! The free virtual event is for anyone new to #cybersecurity or looking to level up their skills. I'm presenting at 4:25pm ET about my career change from local TV news to cyber threat intelligence:
https://www.sans.org/cyber-security-training-events/newtocyber-summit-2025/

Threat hunters - if you haven't already, check out HEARTH (the Hunting Exchange and Research Threat Hub). It's a new, community-driven repository for hunt ideas, methodologies, and research:

https://github.com/triw0lf/HEARTH

#cybersecurity #infosec

The August Staff Picks for Splunk Security Reading blog is out with the #cybersecurity news and research we found most interesting this month:
https://www.splunk.com/en_us/blog/security/staff-picks-for-splunk-security-reading-august-2024.html

Ep. 2 of The Security Detail is out! This week, @Lawyerliz, founder of Silver Key Strategies, discusses her research using large language models (LLMs) to analyze SEC 8-K filings and other public reporting to gain #cybersecurity insights.
https://thesecuritydetail.podbean.com/e/liz-wharton/

Season 3 of The Security Detail is here! In our first episode, hear from Tom Marsland, board chair of VetSec, about how the non-profit helps veterans and transitioning military members find careers in cybersecurity.

https://thesecuritydetail.podbean.com/e/veterans-cybersecurity/

The May Staff Picks for Splunk Security Reading blog is out with the #cybersecurity news and research we found most interesting this month:
https://www.splunk.com/en_us/blog/security/staff-picks-for-splunk-security-reading-may-2024.html

ICYMI: @DavidJBianco had a great talk at #RSAC this morning about how Splunk's PEAK threat hunting framework improves upon Sqrrl, a framework he also helped develop. https://www.techtarget.com/searchsecurity/news/366583463/Splunk-details-Sqrrl-screw-ups-that-hampered-threat-hunting
#cybersecurity

In the final episode of season 2 of The Security Detail, hear from past interview guests about the skills they think will be most import in the future for cybersecurity professionals. Here's one excerpt from Adam Pennington who leads the MITRE ATT&CK project.

You can listen to the full episode here: https://thesecuritydetail.podbean.com/e/skills/

#cybersecurity #infosec

The April Staff Picks for Splunk Security Reading blog is out with the #cybersecurity news and research we found most interesting this month:
https://www.splunk.com/en_us/blog/security/staff-picks-for-splunk-security-reading-april-2024.html

ICYMI: Episode 8 of The Security Detail features predictions from past interview guests about the future of emerging technologies like generative AI and quantum computing.

You can listen to the full episode here:
https://thesecuritydetail.podbean.com/e/emerging-technology/

#cybersecurity #ai #quantumcomputing

ICYMI: Adam Pennington (@_whatshisface) recently joined The Security Detail to talk about the origins of MITRE ATT&CK and how to leverage the framework for adversary emulation and red teaming. You can listen to the full episode here:
https://thesecuritydetail.podbean.com/e/mitre-attack/

#cybersecurity

The @sansinstitute published their annual threat hunting survey recently, and I found something very surprising in it. Here's me to tell you all about it.

The March Staff Picks for Splunk Security Reading blog is out with the #cybersecurity news and research we found most interesting last month:

https://www.splunk.com/en_us/blog/security/staff-picks-for-splunk-security-reading-march-2024.html

Ep. 7 of The Security Detail is out! This week Adam Pennington (@_whatshisface) tells us about the origin and evolution of MITRE ATT&CK and how organizations can best leverage the framework:

https://thesecuritydetail.podbean.com/e/mitre-attack/
#cybersecurity