thinking about this 20-person polycule in boston that’s using agile methodology

Not a popular opinion but I still believe this.

APT started out as a term to use when USG was too cautious to say 'China'. Now it's it is used to mean all govt backed threats, many of which are not that advanced or even that persistent.

Finished reading the probably best blog post I‘ll come across this week by Kelly Shortridge

Thanks to Richard Seroter for listing it on your newsletter.

Now let‘s head over across the street to #devopsdayszh 🤩

kellyshortridge.com/blog/posts/cyb…

remy🐀 There's room in the cybercrime industry (or maybe the anti-cybercrime industry) to quickly publish malicious POCs for every high CVE automatically. Probably collect a lot of shells from people who eagerly download, trust, and run arbitrary code hoping to get their own shells.

I dislike the term Zero Trust because it’s been held hostage by sales folks and has bred so much confusion. I don’t like confusion. The term has also been subject to misinterpretation interpretation.

Shove all the noise, here is what you need to really know: No one product or

“being alive is as special an occasion as it gets” fundamentally altered my brain

File under interesting but unsurprising.

World-first Cybercrime Index ranks countries by cybercrime threat level.

unsw.edu.au/newsroom/news/…

Apple has notified people in 150 countries that they were infected with mercenary spyware (Intellexa, NSO...).

We knew spyware was global but this is next level. The market has grown tremendously since 2004, when Hacking Team was getting started.

support.apple.com/en-us/102174

Do we hold others responsible for their choices even when these choices have been shaped by unfair unequal circumstances?

Yes, we do, suggests 'Shallow Meritocracy' from Peter Andre (Peter Andre), recently accepted at REStud.

restud.com/shallow-merito…

Reports have appeared that Ukrainian hackers destroyed Moscollector (Moscow sewage company) IT infrastructure.

Moscollector company is responsible for the operation of underground water pipes, communication cables, power cables, and heating networks in Moscow. Ukrainian hackers

Prepping slides about how I’m disrupting phishing at scale via deception, GPT discovered this paper by Kelly Shortridge & co for me

Great read, making the game more costly to play and effecting the productivity of the human in the loop is the future of cyber.

arxiv.org/abs/2211.16626…

Are these Crowdstrike or Microsoft threat actor names?

(attempting to flirt): if i were a jira ticket would you do me

Eclipse solar visto desde un avión en pleno vuelo.

big day for eclipse

Dan Brown is Perl.

no, I will not elaborate