Essential Digital Security Guide Still Relevant After FBI Seizure
I know people are looking for digital security guides and checklists in light of the FBI seizing devices of a Washington Post reporter. Here’s a guide I wrote for @gijn in 2024, which remains up to date and relevant. https://t.co/9vBMK8r1vV
Secure Solutions for Journalists and At‑Risk Professionals
I started Granitt in 2022 to help journalists and other groups of at-risk people continue to do their work safely and securely. Please get in touch if you’re looking for an assessment, policy and process development, training, or presentation. https://t.co/5eyprsSuBF

FBI Seizes Reporter’s Devices, Including Encrypted Drive
Here are the items the FBI seized from Washington Post reporter Hannah Natanson: a recorder, two laptops, an external drive, a smart watch, an iPhone. Her December article mentioned that she stored reporting notes on an encrypted external drive, so...
Claude Extension Serves as Fallback when Browsers Blocked
When you don't have a Skill/MCP, a headless browser is blocked, curl and fetch are blocked... the Claude extension is a slow but serviceable backup.
Rethink Dispute Processes to Turn Fraud Into Advantage
Banks can turn first-party fraud from a hidden vulnerability into a competitive advantage if they rethink dispute processes. Join our conversation with @shanthi_peace, CEO of Casap. Watch the full episode: https://t.co/aCTj9YH63K https://t.co/vmuPbei31q
Defender, Not Attacker, Determines Cyber Attack Impact
I wrote a short post on how the impact of cyber attacks is determined by the target, not the attacker. It’s important to remember how much control the defender has over not just the terrain but the effects of an...
Ethereum's Transaction Record Skewed by Address Poisoning Attacks
Ethereum just hit an all-time high in daily transactions. But much of the activity was driven by address poisoning attacks https://t.co/rBDQRtSqza
AI Fuels Buggy Bounty Incentives; cURL Exits to Reset
AI was the accelerant on a perverse incentive fire sparked by bug bounty platforms that reward spray & pray. Both open source & orgs without dedicated vuln response teams get overloaded when they offer cash there. cURL is right to...
BTQ Partners ITRI for Low-Power
NEW: BTQ is partnering with ITRI to build a new chip architecture for post-quantum security. $BTQ ’s QCIM targets lower-power cryptography, and is now moving into silicon validation with ITRI, the incubator behind $TSMC.
Banks Overlook Billion-Dollar Fraud Crisis
[New Episode] The Billion Dollar Fraud Crisis Most Banks Are Missing. With @shanthi_peace, CEO of Casap. Watch the latest episode now: https://t.co/aCTj9YH63K https://t.co/dJky1nDo6a
PAI Boosts Claude Code Efficiency by 50% – Free Workshop
PAI is a super power. @DanielMiessler created features on top of Claude Code that increase its efficacy by 50%... and that's a lot based on how awesome Claude Code is. Incoming FREE workshop of PAI and other tools I'm using to...

Privacy, Security, and Scale: Non‑Negotiable Blockchain Essentials
3 things that will become non-negotiable for any chain that plans to operate in the long-term: Privacy, security, scale. - Privacy (by now it's obvious, and still) - because if we're to migrate our digital life -- financial and non-financial --...
Newsrooms Must Adopt Holistic Safety Beyond Digital Checklists
I spoke to @CJR about the FBI seizing devices from a @washingtonpost reporter and what newsrooms should know. The way forward here is more than just a digital security checklist, but a holistic focus on safety: physical, digital, emotional, legal....
Iran-Linked Hack Targets Middle East Gmail, WhatsApp Accounts
Spoke to @zackwhittaker about a hacking campaign targeting high-profile Gmail and WhatsApp accounts across the Middle East, found by @NarimanGharib earlier this week. Gharib believes the campaign is linked to Iran, TechCrunch was unable to attribute it. https://t.co/XH9cRWtxh2

Bots Now Dominate Web Traffic, Malicious Bots Rising
Here's what makes up a website's traffic today. It used to be mainly humans, but now bots make up the majority of website traffic. In addition, more malicious bots have been visiting sites than in the past. Check out the data. https://t.co/fpsvUqwlhE
New Dev Tools Promise End‑to‑End Encryption for Open‑Source L
Are there any other developer tools that let you encrypt your workflow? I met with the founders, video coming tomorrow, and they claim that everything is encrypted on open source LLMs even in and out of the LLM.
Aave V4 Contest Ends with Record Participation
The Aave V4 security contest has come to an end. With a record number of participants, enormous thanks to everyone who took part, and we hope you enjoyed our work. See you on mainnet.
Ethereum Foundation Tackles Quantum Threat Head‑On
"I HAVE to highlight the work being done by the Ethereum Foundation to solve the quantum threat." https://t.co/5TvOPraNmP
Quantum Threat Solves Crypto's Biggest Upcoming Challenge
"For all crypto protocols... solving the quantum threat is the most significant and biggest effort they'll have to undergo." https://t.co/5TvOPraNmP
Bitcoin's Fate in the Quantum Computing Era
Coming next: What happens to Bitcoin when quantum computers get powerful enough? ⚛️ I'll talk with Alex Pruden of Project Eleven @qdayclock about the post-quantum roadmap 👇 https://t.co/5TvOPraNmP
Bitcoin Rallies While Unpriced Risks Loom
⏰ Starting in 5 minutes (12pm ET)! Bitcoin is rallying 📈 but the biggest risks may not be priced in yet. In today's @Unchained_pod livestream: 🧠 Steven Ehrlich w/ Grayscale's head of research Zach Pandl (@LowBeta_) on markets & regulatory delays then... 🔐 I'll speak...

Asia’s Payment Boom Fuels Surge in New Fraud
Visa just exposed 5 new fraud patterns exploding in 2026 — and they're hitting hard in Asia. • Account takeover up 300% via social engineering • AI-generated deepfakes fooling KYC • Mule networks using instant payments (PIX/UPI) • Synthetic identities surging in Asia • Card-not-present...

Auto-Close Tickets only when AI Reply Succeeds
Any @Zendesk experts out there? We have a gen AI reply out there for @haveibeenpwned which attempts to answer a support question, but has a fallback for if it can’t. How can we automatically close the ticket if a reply...
Read the Manual: Hidden Admin Paths Reveal Bypass
RTFM…. Literally I once was testing an older piece of software but didn’t have creds. Nothing available to me. Downloaded the manual and saw the url paths to the admin section. Plugged those in to my domain, one hit, boom 5k authorization...
Govern AI Agents with Standards, Governance, and Oversight
How Do You Manage AI Agents Before Your Tech Stack Spins Out of Control? As #AIagents spread rapidly across businesses, many organizations are sleepwalking into fragmented, insecure and ungoverned #tech stacks. This article explains how leaders can regain control by...
Flagging Breach Data as Sensitive Prevents Harmful Doxing
Occasionally, someone takes issue with me flagging a data breach as "sensitive" such that the email addresses can't be publicly searched because they want to dox the users. That's a *really* bad idea, for many reasons: https://t.co/rEtQPHkxf7
Stay Anonymous When Using AI for Sensitive Queries
If you must, use AI tools with as much anonymity as possible. Ask your medical questions but anonymized and remove all personal details before submitting. OpenAI is increasingly the most interesting target for criminals, keep your account as boring and...
Travel Plans, IoT Shelly Nirvana, Ubiquiti Security Fusion
Weekly update is up! Upcoming Travel; Reaching IoT Shelly Nirvana; Physical Security Meets Digital with Ubiquiti: https://www.troyhunt.com/weekly-update-484/