Lily H. Cuts Through Mythos Hype, Finds Kernels of Truth
So much breathless hyperbole this week about Anthropic's Mythos, no doubt ignited by genius way the company marketed it with elite access and bold unproven claims. @lilyhnewman does good job examining the hype and where it might also prove to be true https://t.co/5YNHSyApJl
Ex‑Trenchant Exec Sold Exploits Amid Depression, Money Woes
Former Trenchant exec who stole exploits from his employer and sold them to Russian broker says he was suffering depression & money troubles when he decided to sell exploits. New info also reveals work he did for Australian intel agency...
Adam Back Refutes Satoshi Claim, Cites Confirmation Bias Warning
Adam Back denies he's Satoshi Nakamoto and also describes how he warned the NYT author against confirmation bias in his research and analysis before he published his story claiming Back is Nakamoto
LinkedIn Silently Harvests Chrome Extension Data
Every time you open LinkedIn in a Chrome or Chromium-based browser, covert code silently scans your browser for info about any extensions you've installed, then transmits the info back to LinkedIn and partners. From this, they can glean info about...
US Proposes Runway Operation to Seize 1,000 Pounds Uranium
“The U.S. military has given the president a plan to seize nearly 1,000 pounds of highly enriched uranium in Iran that would involve flying in excavation equipment and building a runway for cargo planes to take the radioactive material out”
SIM Swaps Bypass 2FA, Exposing Unprotected Accounts
This hack often occurs 1) if accountholder fails to protect account with two-factor authentication and their credentials get leaked thru an infostealer or 2) account is protected with 2FA but hackers succeed to get accountholder's phone SIM swapped to their...
Google Targets 2029 for Post‑quantum Authentication Rollout
Quantum cryptography now has a deadline. Google has announced that it has set 2029 as the year by which it will have migrated authentication services to post-quantum cryptography. Will it win the race to secure against quantum attacks before they...
Apple Silently Patches iOS via Hidden Incremental Updates
Apple has been installing silent fixes on your devices. These fixes don't require an entire OS update, and they get same version # as previous whole update, but with (a) appended to version #. These silent fixes then get incorporated...
Attack Triggers only via Lithuanian‑registered iPhone Link
"the attack would be launched only if I would access the link using an iPhone registered in Lithuania"
Modern Individualism: From Ancient Silence to Self‑Reflection
Andreessen: "400 years ago it never would have occurred to anybody to be introspective.... The great men of history didn't sit around doing any of this stuff.... Western civilization had to kind of invent the concept of the individual" Marcus Aurelius:...
UAE's Defense Spend Dwarfs Iran's Attack Budget
Context matters. Iran spent: Ballistic missiles: ~$165–330M; Drones: ~$11–27M; Total: ~$177–360M. UAE spent: Ballistic missile defense: ~$1.2–1.52B; Drone defense: ~$253–759M; Total: ~$1.45–2.28B. "UAE spent 5-10x more defending than Iran spent attacking" https://t.co/36WBaQgePE
AI Agents Autonomously Hack Simulated Network, Bypass Security
AI agents told to conduct routine tasks on a simulated corporate network went rogue. "No adversarial prompting was involved. The agents independently discovered vulnerabilities, escalated privileges, disabled security tools, and exfiltrated data." https://t.co/jDjDgPb5rk
Russian Spies Duped Ordinary Europeans Into Delivering Explosives
Russian intel recruited ordinary citizens across Europe to post packages to the UK and Poland that turned out to contain explosives. I hadn't heard about this when the couriers were arrested. Now one has spoken about how he was tricked...
Five Lawsuits, $20 Payout: Class‑action Reality
I'm part of about 5 different class-action lawsuits at the moment and I just got my payout for one of them: $20 🙂
FBI Alerts California: Iran Plans Offshore Drone Strikes if Attacked
FBI recently sent warning to California police about intelligence it obtained from Feb that Iran "aspired" to launch drone strikes in the event the US attacked Iran. They planned to hit unspecified targets in the state from a vessel located...
Oil Above $100 Forces Nationwide Price Adjustments
Oil prices soared to $120 a barrel on Sunday before dropping to $104. As Billy Bob Thornton notes in this TV clip, at $100+ per barrel, "every product in America has to readjust its price"
Iran's IRGC Threatens US Tech Firms Linked to Israel
Iran's IRGC warns that offices/infrastructure of US firms with links to Israel or whose technology has been used to assist the military will be targeted for physical attack. This includes infrastructure of Google, Palantir, Microsoft, IBM, Nvidia, Oracle https://t.co/M5nw4IhpCK
Iranian Hacktivists Wipe Stryker Employee Devices in Cyberattack
US medical device maker Stryker hit with cyberattack from Iranian hacktivists who remotely wiped employee devices. "many employees have had their device data wiped and cannot access their accounts" Stryker makes surgical/imaging equipment, defibrillators https://t.co/PA2eBYjPfK
Memoir Hype Repeats: Publishers Skip Vetting, Celebrities Amplify
It seems like this story gets repeated every few years. Someone writes a memoir. The book publisher does no due diligence to determine the story's credibility. Oprah and other celebrities heavily promote the book. Then questions arise. https://t.co/zCywhXJble
Graham Claims US Will Profit From Iran War
Sen Lindsey Graham promises US will gain oil/money from Iran war: "We are going to make a ton of money... Venezuela and Iran have 31% of the world’s oil reserves. We’re going to have a partnership with 31% of the...
Trump Administration Shifts From Layoffs to Hiring Spree
After firing thousands of workers, Trump admin now on hiring spree. “We probably have some skills that we now need to hire back, quite frankly,” says head of the Office of Personnel Management. https://t.co/LzqxsR63AM

Cyber Tools: Both Promise and Limits Against Iran's Nuclear Threat
I guess it's fitting that I spent a couple of hours this week signing 400 copies of Countdown to Zero Day for a conference -- fitting because it's a reminder, in regards to Iran's nuclear program, of both the advantages...
Threat Actors Downgrade vSmart Controller to Exploit Root Access
"Using the built-in update mechanism the actor downgraded a vSmart controller to a version with...known local privilege escalation vulnerabilities.... Achieving...persistence as the user ‘root’, the actor [then] restored..controller to [previous] version" https://t.co/PcdPHtzgCR
Ex‑Trenchant Exec Gets 7‑year Sentence
Peter Williams, the former Trenchant exec who stole zero-day exploits from his employer and sold them to a Russian exploit buyer, was sentenced today to 7 years and 3 months in a hearing that was partially closed to the public...
Researcher Traces Death Threats to Snowflake Hack Suspect
When hacker named "Waifu" and "Judische" made death threats against security researcher Allison Nixon, she had no idea why he targeted her. So she set out to unmask him. The quest led her to Connor Moucka, a 25-yr-old behind infamous...
China's Expedition Cloud Trains Hackers on Replica Critical Networks
Leaked files detail a training platform called "Expedition Cloud" that is designed to allow China's hackers to practice hacking critical infrastructure of China’s opponents in South China Sea and Indochina region using replicas of those networks https://t.co/jbJhbj9JRi