@tomatospy @thegrugq 'why do cyber attacks have to be mean?'
It's as if The Grugq had his own Ueshiba epiphany. According to the stories, that's how he gave up fighting and created Aikido.

Interesting premise and great discussion btw

@mdh @GossiTheDog @euroinfosec

Yes. That’s right, Google https://cloud.google.com/blog/topics/threat-intelligence/adversarial-misuse-generative-ai and OpenAI https://cdn.openai.com/threat-intelligence-reports/influence-and-cyber-operations-an-update_October-2024.pdf have said that it is being used.

These reports are both based on examining how AI models are being used.

My guess is the disconnect arises because from an incident response perspective use of AI tools is not obvious.

@peterdowley I’d heard of it but haven’t listened to it, thanks for the recommendation.

@geraldew Haha, definitely a tomatospy and it is uncannily like my profile picture too.

[Chinese] APTs Behaving Badly

"We'd describe 'acceptable behaviour' as being targeted at national security rather than economic interests, carrying out proportionate operations and avoiding unnecessary harm to third parties. Many cyber actors, including the US and allies, generally adhere to these behaviours, but others, including Chinese actors, do not." 

[...]

"Mass deployment of malware is unacceptable because it causes unnecessary collateral damage — not the done thing for a responsible state program. To make matters worse, once Sophos had cottoned on to the intrusions, Guan and his colleagues allegedly altered their malware to make it more damaging, in a kind of scorched earth policy. If victims attempted to remove the malware, it would deploy encryption from the Ragnarok ransomware variant. We have no idea why attackers would do this or what benefit they would get from torching their victims’ infrastructure.."

Via @tomatospy - https://news.risky.biz/fcc-to-demand-telcos-improve-security/

#cybersecurity #china #apt #malware

@riskybusiness @ajsta @riskybiz @metlstorm Yes, what Pat said. I'll just add that when I write about this topic it is really a message to the tech community trying to explain how the world works and that they should think about and have plans for how to manage the issue.

This week's Seriously Risky Business is out:

- China v World in cyber security reports
- US Fedgov situation normal: gaping security holes
- DoJ outs Russian social media manipulation

Listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-world-vs-china-cyber-security-reporting/id1621305970?i=1000662589106

Or read here:
https://news.risky.biz/china-vs-world-cyber-security-reporting-duel/

This week's Seriously Risky Business:

- When it is good business to hack your customers
- When state actors drop turds on the way out
- Drawing a line with indictments

Listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-when-hacking-customers-is-good-business/id1621305970?i=1000661106527

Or read here:
https://news.risky.biz/when-regulation-encourages-isps-to-hack-their-customers-2/

This week's Seriously Risky Business:

- When it is good business to hack your customers
- When state actors drop turds on the way out
- Drawing a line with indictments

Listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-when-hacking-customers-is-good-business/id1621305970?i=1000661106527

Or read here:
https://news.risky.biz/when-regulation-encourages-isps-to-hack-their-customers-2/

The latest Seriously Risky Business is out.

I write about:
- how cyber command is like a half-ripe melon
- how scattered spider is like Hollywood
- and why TikTok's influence report is too little, too late

Listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-cyber-command-is-a-half-ripe-melon/id1621305970?i=1000657246571

Or read here:
https://news.risky.biz/tiktok-manipulation-report-is-too-little-too-late/

This week's Seriously Risky Business.

- The UK govt to think about introducing a licensing requirement before ransomware payments
- As threats get more aggressive and coercive, agencies need to step up their game

Listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-uk-to-consider-licensing-ransomware/id1621305970?i=1000656470285

Or read here:
https://news.risky.biz/uk-government-to-consider-licensing-ransomware-payments/

This week's Seriously Risky Business is out:

- Amnesty International flags possible spyware abuse in Indonesia
- Hospitals fight back against punishing cybersecurity regulations

listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-the-proliferation-of-spyware/id1621305970?i=1000655748296

or read here:
https://news.risky.biz/amnesty-flags-possible-spyware-abuse-in-indonesia/

This week's Seriously Risky Business:

- How Microsoft has made security the new black
- Ransomware kingping outed and friendless
- Digging deeper into the Change Healthcare disaster

listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-security-the-new-marketing-mantra/id1621305970?i=1000655004325

Or read here:
https://news.risky.biz/microsoft-makes-security-the-new-black/

@afx yep, you are right:
https://www.cookielaw.org/the-cookie-law/

This week's Seriously Risky Business:

- The FTC is the tip of the spear
- Security is top priority for Microsoft, immediately behind after AI, cloud, and Teams...
- First drones, then cars

Listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-the-problem-with-big-tech/id1621305970?i=1000654244702

Or read here:
https://news.risky.biz/ftc-is-the-tip-of-the-spear/

Socket CEO @feross recently joined @tomatospy on the Risky Business podcast where they discussed changes that made the OSS ecosystem more vulnerable, including the rise of small packages, the zero-cost dependency mentality, and shifts in maintainership. https://socket.dev/blog/risky-biz-podcast-how-shifts-in-open-source-made-it-a-prime-attack-vector

This week's Seriously Risky Business:
- UK leads in cybercrime money laundering!?
- Sandworm an inspiration for hostile actors
- When police hack the hackers

Listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-sandworm-an-inspiration-for-hostile-actors/id1621305970?i=1000653522592

Read here:
https://news.risky.biz/sandworm-an-inspiration-for-hostile-actors/

@tomatospy isn't pulling any punches (and is absolutely correct, IMO) on today's Risky Biz newsletter.

https://news.risky.biz/corporate-freeloading-makes-open-source-vulnerable/

This week's Seriously Risky Business is out:

- Why the compromise of open source projects is inevitable
- Sisense loses a bucket-load of keys
- Microsoft dependency a strategic risk

Listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-why-the-compromise-of-open/id1621305970?i=1000652803434

Read here:
https://news.risky.biz/corporate-freeloading-makes-open-source-vulnerable/

This week's Seriously Risky Business:
- When honeypots violate norms
- The Big Tech bogeyman in privacy reform
- When vendors wash their hands of security

Listen here:
https://podcasts.apple.com/au/podcast/srsly-risky-biz-states-behaving-badly/id1621305970?i=1000652098667

Or read here:
https://news.risky.biz/norms-what-norms-honeypots-harassment-on-the-up/