#cti #dfir #natsec #netsec and other secs. Downloading things from the Internet and looking at them. Views are my own.
I am very excited to share that I will be speaking at this year's edition of NATO @ccdcoe CyCon conference. The lineup is top notch and I can't emphasise enough how honoured I am to be able to share the stage with the rest of speakers.
It is hardly a secret that globally we are seeing major shifts in approach to security posture, especially in Europe. Hence I am very proud that I will have an opportunity to contribute to the discussion on cyber threats we are facing.
See you all in Tallinn!
If you somehow still think that cybersecurity can be disjoint from politics, just consider that you will struggle to find threat intel vendor report describing more consequential APT operation than this doc does https://upload.wikimedia.org/wikipedia/commons/e/e4/Report_On_The_Investigation_Into_Russian_Interference_In_The_2016_Presidential_Election.pdf
Mój krótki komentarz odnośnie niedawnych zmian w podejściu CISA i Cyber Command do rosyjskich operacji cyber.
My short commentary regarding recently reported changes in CISA and US Cyber Command approach to Russian operations.
After a hiatus please check out a new post on counterintelligence.pl. This time a bit different theme and form but for details please the post itself :)
https://counterintelligence.pl/en/2025/02/ai-cyberbezpieczenstwo-i-europejska-perspektywa/
Po dłuższej przerwie zapraszam do wpisu na counterintelligence.pl. Tym razem trochę inna tematyka i forma ale po szczegóły zapraszam już do samego posta :)
https://counterintelligence.pl/2025/02/ai-cyberbezpieczenstwo-i-europejska-perspektywa/
"While it’s unlikely we could get rid of CISA, we survived for what, 248 years without them," [Rand] Paul said.
🤦
I mean, "yay...job security..."
But also: 🤦
https://www.politico.com/news/2024/11/14/rand-paul-kneecap-cisa-00189698
@dannyjpalmer when tech is not political? :p
Over on cybersecurity Reddit, the mods are removing any 'political discussion'
"This subreddit is dedicated to technical topics, and we intend to keep it that way."
Because tech is never ever political in any way, right? 🤷♂️
https://www.reddit.com/r/cybersecurity/comments/1gj1l9g/zero_tolerance_for_political_discussions/
Ransomware, szpiegostwo, wipery - publiczne i prywatne instytucje muszą stawić czoła szerokiemu spektrum ataków. 🎯 Obrona zwykle kojarzy się z technicznymi działaniami zespołów cybersecurity, ale w przypadku bezpieczeństwa narodowego i infrastruktury krytycznej potrzebne są też strategiczne działania zniechęcające potencjalnych atakujących. Czy jednak są one skuteczne?
Kamil Bojarski (@lawsecnet) przeanalizuje efektywność strategii odstraszania i omówi koncepcję persistent engagement. Zastanowi się również, jak techniczne i polityczne środki oddziaływania na napastników mogą się uzupełniać i jaki może być dalszy kierunek strategicznego podejścia do operacji cyber.
Zobaczcie jego wykład na https://omhconf.pl - z kodem ZAUFANA15 otrzymacie 15% zniżki na bilety. 🙂
Hand tracking in DCS is not super useful yet but definitely got some roleplay value. #dcs #fa18c #foreignrelations
Just Sunday things hunting MiGs and supporting strike missions on enemy's coastal infrastructure. #dcs #fa18c #foxone
Krótko i treściwie, dlaczego warto używać Signala i jak go zainstalować (nadaje się do podsyłania mniej technicznym znajomym, których chcemy przekonać do jedynego słusznego komunikatora ;-))
https://www.youtube.com/watch?v=iwB_zC51KlY
PS. Czy można jeszcze liczyć na jakąś instancję Invidious, czy YouTube pokonał już wszystkie?
@signalapp @mateuszchrobok #infosec #cyberbezpieczenstwo #signal
Bardzo miło mi poinformować, że już 26 listopada widzimy się na Oh My Hack! Będę opowiadał o politycznej stronie odpowiedzi na operacje cyber, odstraszaniu, i wszelkich próbach kształtowania zachowań adwersarzy. Jeżeli więc chcecie posłuchać o tym co to ten cały DIMEFIL, albo jak USA zdecydowało się wyjść atakującym naprzeciw to zapraszam serdecznie :)
OMG finally managed to run Command on my M1 MBP. Tbh not sure what happened, perhaps @parallels update, but finally it is working well :) Now I can run truly modern and mobile operations.
Very important and necessary piece from @Jason_Healey I couldn't agree more with need to have strategic indicators of if cybersecurity efforts are working at all in the big picture. Understandably most private sector security teams focus on tactical outcomes and direct impact on the security posture of their organization. However, this can as well very easily turn to guestimation without understanding of how thwarting certain elements of tradecraft translates into actual defensive advantage/increasing the bar for adversary.
Just a check in on how elections for the position of Commander in Chief of the world’s only superpower with global force projection capabilities are going. 🫠🫠🫠
I really enjoyed this episode of War on the Rocks Net Assessment and I think it is a worthwhile listen even if you are not specifically interested in national security. The issues of hedging assessments to avoid being the one who did not call out threat and that if everything is priority, nothing is are definitely applicable to cyber realm and other security disciplines.
Nice touch emphasizing difficulties of threat assessment was anecdote about a book by Ash Carter and William Perry about US national security issues that mentioned that at the time US had no A-list threats. And apparently that book was published in 2000. Of course I couldn't help but find the book and it is "Preventive Defense: A New Security Strategy for America" published 1 September 2000. It indeed claims that the post-cold war period has been unusually happy and free of A-list threats. But perhaps even more interestingly it does mention threat of catastrophic terrorism, however claims that the threat is terrorists "making a quantum leap" from airline hijackings to nuclear, chemical, biological, and even cyber attacks. Just an another example of how difficult it is to model threats and take into account multitude possible scenarios.
https://warontherocks.com/2024/08/is-everything-a-matter-of-national-security/
Not every day you can read joint op-ed from heads of CIA and SIS. Hence, even more interesting to see which areas and threats are in focus here and which actions are specifically called out. While those might seem like a standard set of issues (Russia, China, Middle East, counterterrorism) reiterating their importance, rather than taking chance to highlight a singular, issue shows that even situation as drastic as invasion of Ukraine cannot take over priorities in terms of threat analysis.
>Russia’s actions are a flagrant breach of the UN Charter and global norms. We will continue to aid our brave, resolute Ukrainian intelligence partners. We are proud to do so, and stand in awe of Ukraine’s resilience, innovation and élan.
>Beyond Ukraine, we continue to work together to disrupt the reckless campaign of sabotage across Europe being waged by Russian intelligence, and its cynical use of technology to spread lies and disinformation designed to drive wedges between us.
>For both the CIA and SIS, the rise of China is the principal intelligence and geopolitical challenge of the 21st century, and we have reorganised our services to reflect that priority.
>In the Middle East, SIS and the CIA have exploited our intelligence channels to push hard for restraint and de-escalation. Our services are working ceaselessly to achieve a ceasefire and hostage deal in Gaza, which could end the suffering and appalling loss of life of Palestinian civilians and bring home the hostages after 11 months of hellish confinement by Hamas (...)
https://www.ft.com/content/252d7cc6-27de-46c0-9697-f3eb04888e70
Congratulations @maxWSmeets and really looking forward to this one!
It is hard to imagine more of a flagship cybersecurity issue. Ransomware showed how borderless nature of cyber operations and almost unlimited attack surface enabled its road from a simple eCrime monetization mechanism to tool of state-on-state activities.
As such very timely publication and my expectations are very high :D
