Zeljka Zorz

Editor-in-Chief of Help Net Security.

I use this account for work and privately.

Work-related interests: Anything and everything to do with information security and related topics.

Personal interests: As above, + hiking, painting/art, development and use of language, human psychology, gardening and plant ecology... Always open to picking up new ones and often falling down internet rabbit holes.

2025-05-22

Opexus, which is owned by the private equity firm Thoma Bravo and provides software services for processing US government records, was compromised in February by two employees who’d previously been convicted of hacking into the US State Department.

insurancejournal.com/news/nati

#Cybersecurity #Insiderthreat

Zeljka Zorz boosted:
2025-05-21

Signal have rolled out an update to all users that stops Microsoft Recall from capturing Signal conversations.

I’ve tested this and it works. Brilliant work by the @signalapp team. 💪

They call on Microsoft to build better, as there was no standardised way as an app developer to do this. Because Signal is open source, now app developers have a template to protect their users from Windows.

signal.org/blog/signal-doesnt-

Zeljka Zorz boosted:
Pen Test Partners PTP@infosec.exchange
2025-05-20

Our Red Team found multiple ways to get around SharePoint’s “Restricted View” and exfiltrate data. Here's how...
 
Jack walks through Red Team methods using OCR and screenshots, Copilot, browser tricks, and HTML scraping to keep and collect data.
 
No matter the file type (TXT, PPTX, XLSX), there's a way...
 
📌Read here: pentestpartners.com/security-b
 
If you’re relying on “Restricted View” to protect sensitive data, it’s time to rethink.
 
#redteam #cybersecurity #infosec #sharepoint #microsoft365 #datasecurity #restrictedview #copilot

Zeljka Zorz boosted:
Joseph Lorenzo Hall, PhD joebeone@techpolicy.social
2025-05-07

Wide agreement across 239 civil society organizations, companies, and cybersecurity experts, including Global Encryption Coalition members, that the UK should rescind its backdoor demands: globalencryption.org/2025/02/j

2025-04-28

When asked what privacy means to him, Altman answered that he “would be too shy to say that in this room.” :blob_gnikniht:

therecord.media/sam-altman-ope

Zeljka Zorz boosted:
Paco Hope #resistpaco@infosec.exchange
2025-04-25

@Sarahp it’s awesome that you have a presence here on Mastodon. It’s also awesome that you’re writing cogent things that actually understand social media and how networks work. (Thinking about this bit at TechCrunch). You’re right that people can move from server to server to avoid censorship on Mastodon. You left out what a government has to do to censor an actually decentralized service. With Bluesky they call up Bluesky and they can get a lot of censorship done with one phone call. Not 100%, but if Bluesky stops relaying for a person, their reach is significantly diminished.

To censor someone on the fediverse, the government has to play whack-a-mole with Mastodon, PeerTube, Loops, and all the other servers. That’s far more resistant to censorship than the absence of some labelling data.

techcrunch.com/2025/04/23/gove

2025-04-18

Did you know that when participating in a Zoom call, you can grant permission to other participants to control your computer remotely?

While this feature may come in handy when dealing with trusted family, friends and colleagues, threat actors have started abusing it to install malware on targets’ computers.

helpnetsecurity.com/2025/04/18

#cybersecurity #Zoom

Zeljka Zorz boosted:
2025-04-17

New from 404 Media: that "college protester" you see online isn't real. Instead it's an AI-powered undercover bot for cops.

We've obtained documents showing how 'Massive Blue' is helping cops deploy AI-powered social media bots to talk to protesters. Examples:

404media.co/this-college-prote

[Image: slides marked "Proprietary and confidential information. All rights reserved", titled "Example of Our AI Personas", listing each persona's backstory, personality and social media accounts]

2025-04-17

Windows NTLM vulnerability exploited in multiple attack campaigns

CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft issued patches for last month, has been leveraged by threat actors. Active exploitation in the wild has been observed since March 19, 2025.

helpnetsecurity.com/2025/04/17

#cybersecurity #Windows

2025-04-08

April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day that's under active attack.

helpnetsecurity.com/2025/04/08

#PatchTuesday

Zeljka Zorz boosted:
2025-04-07

CBS report CISA are going to be DOGE'd again, and will send a second 'fork in the road' email and lay off or force out another 40% of their staff (a very significant number of people).

cbsnews.com/news/cisa-cybersec
