home.social

#stuxnet — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #stuxnet, aggregated by home.social.

  1. 🕵🏻‍♂️ [InfoSec MASHUP] 21/2026 - The Supply Chain Didn't Break. It Was Walked.

    This week's issue reads like a case study in cascade failure. A malicious VS Code extension on one #GitHub employee's device leads to 3,800 internal repositories exfiltrated — by #TeamPCP, the same group that poisoned 170 npm and #PyPI packages last week. #Grafana gets breached via a token nobody rotated after the TanStack attack, itself a TeamPCP operation. A GitHub Action used by thousands of projects gets compromised and starts exfiltrating CI/CD credentials. And somewhere in a public GitHub spreadsheet, CISA contractor credentials — including #AWS GovCloud keys — sat waiting to be found.

    These aren't four separate incidents. They're one incident with four manifestations. The supply chain isn't a vector anymore; it's the terrain. Developer tooling, CI/CD pipelines, third-party actions, tokens issued and forgotten — all of it is now actively mapped and exploited with a persistence that makes the traditional "patch and move on" response look quaint. The Verizon DBIR dropped this week noting that third-party compromise is surging. The week's news was already illustrating the point before the report landed.

    → Week #21/2026 also covers: fast16 predated #Stuxnet and corrupted nuclear simulations quietly, #Pwn2Own Berlin paid $1.3M for 47 bugs, and #Bluesky got hijacked for Russian propaganda.

    Full issue 👉 infosec-mashup.santolaria.net/

    If you find it useful, subscribe to get it in your inbox every weekend 📨 #infosecMASHUP #cybersecurity #infosec #threatintel #AI

  2. 🕵🏻‍♂️ [InfoSec MASHUP] 21/2026 - The Supply Chain Didn't Break. It Was Walked.

    This week's issue reads like a case study in cascade failure. A malicious VS Code extension on one #GitHub employee's device leads to 3,800 internal repositories exfiltrated — by #TeamPCP, the same group that poisoned 170 npm and #PyPI packages last week. #Grafana gets breached via a token nobody rotated after the TanStack attack, itself a TeamPCP operation. A GitHub Action used by thousands of projects gets compromised and starts exfiltrating CI/CD credentials. And somewhere in a public GitHub spreadsheet, CISA contractor credentials — including #AWS GovCloud keys — sat waiting to be found.

    These aren't four separate incidents. They're one incident with four manifestations. The supply chain isn't a vector anymore; it's the terrain. Developer tooling, CI/CD pipelines, third-party actions, tokens issued and forgotten — all of it is now actively mapped and exploited with a persistence that makes the traditional "patch and move on" response look quaint. The Verizon DBIR dropped this week noting that third-party compromise is surging. The week's news was already illustrating the point before the report landed.

    → Week #21/2026 also covers: fast16 predated #Stuxnet and corrupted nuclear simulations quietly, #Pwn2Own Berlin paid $1.3M for 47 bugs, and #Bluesky got hijacked for Russian propaganda.

    Full issue 👉 infosec-mashup.santolaria.net/

    If you find it useful, subscribe to get it in your inbox every weekend 📨 #infosecMASHUP #cybersecurity #infosec #threatintel #AI

  3. 🕵🏻‍♂️ [InfoSec MASHUP] 21/2026 - The Supply Chain Didn't Break. It Was Walked.

    This week's issue reads like a case study in cascade failure. A malicious VS Code extension on one #GitHub employee's device leads to 3,800 internal repositories exfiltrated — by #TeamPCP, the same group that poisoned 170 npm and #PyPI packages last week. #Grafana gets breached via a token nobody rotated after the TanStack attack, itself a TeamPCP operation. A GitHub Action used by thousands of projects gets compromised and starts exfiltrating CI/CD credentials. And somewhere in a public GitHub spreadsheet, CISA contractor credentials — including #AWS GovCloud keys — sat waiting to be found.

    These aren't four separate incidents. They're one incident with four manifestations. The supply chain isn't a vector anymore; it's the terrain. Developer tooling, CI/CD pipelines, third-party actions, tokens issued and forgotten — all of it is now actively mapped and exploited with a persistence that makes the traditional "patch and move on" response look quaint. The Verizon DBIR dropped this week noting that third-party compromise is surging. The week's news was already illustrating the point before the report landed.

    → Week #21/2026 also covers: fast16 predated #Stuxnet and corrupted nuclear simulations quietly, #Pwn2Own Berlin paid $1.3M for 47 bugs, and #Bluesky got hijacked for Russian propaganda.

    Full issue 👉 infosec-mashup.santolaria.net/

    If you find it useful, subscribe to get it in your inbox every weekend 📨 #infosecMASHUP #cybersecurity #infosec #threatintel #AI

  4. 🕵🏻‍♂️ [InfoSec MASHUP] 21/2026 - The Supply Chain Didn't Break. It Was Walked.

    This week's issue reads like a case study in cascade failure. A malicious VS Code extension on one #GitHub employee's device leads to 3,800 internal repositories exfiltrated — by #TeamPCP, the same group that poisoned 170 npm and #PyPI packages last week. #Grafana gets breached via a token nobody rotated after the TanStack attack, itself a TeamPCP operation. A GitHub Action used by thousands of projects gets compromised and starts exfiltrating CI/CD credentials. And somewhere in a public GitHub spreadsheet, CISA contractor credentials — including #AWS GovCloud keys — sat waiting to be found.

    These aren't four separate incidents. They're one incident with four manifestations. The supply chain isn't a vector anymore; it's the terrain. Developer tooling, CI/CD pipelines, third-party actions, tokens issued and forgotten — all of it is now actively mapped and exploited with a persistence that makes the traditional "patch and move on" response look quaint. The Verizon DBIR dropped this week noting that third-party compromise is surging. The week's news was already illustrating the point before the report landed.

    → Week #21/2026 also covers: fast16 predated #Stuxnet and corrupted nuclear simulations quietly, #Pwn2Own Berlin paid $1.3M for 47 bugs, and #Bluesky got hijacked for Russian propaganda.

    Full issue 👉 infosec-mashup.santolaria.net/

    If you find it useful, subscribe to get it in your inbox every weekend 📨 #infosecMASHUP #cybersecurity #infosec #threatintel #AI

  5. 🕵🏻‍♂️ [InfoSec MASHUP] 21/2026 - The Supply Chain Didn't Break. It Was Walked.

    This week's issue reads like a case study in cascade failure. A malicious VS Code extension on one #GitHub employee's device leads to 3,800 internal repositories exfiltrated — by #TeamPCP, the same group that poisoned 170 npm and #PyPI packages last week. #Grafana gets breached via a token nobody rotated after the TanStack attack, itself a TeamPCP operation. A GitHub Action used by thousands of projects gets compromised and starts exfiltrating CI/CD credentials. And somewhere in a public GitHub spreadsheet, CISA contractor credentials — including #AWS GovCloud keys — sat waiting to be found.

    These aren't four separate incidents. They're one incident with four manifestations. The supply chain isn't a vector anymore; it's the terrain. Developer tooling, CI/CD pipelines, third-party actions, tokens issued and forgotten — all of it is now actively mapped and exploited with a persistence that makes the traditional "patch and move on" response look quaint. The Verizon DBIR dropped this week noting that third-party compromise is surging. The week's news was already illustrating the point before the report landed.

    → Week #21/2026 also covers: fast16 predated #Stuxnet and corrupted nuclear simulations quietly, #Pwn2Own Berlin paid $1.3M for 47 bugs, and #Bluesky got hijacked for Russian propaganda.

    Full issue 👉 infosec-mashup.santolaria.net/

    If you find it useful, subscribe to get it in your inbox every weekend 📨 #infosecMASHUP #cybersecurity #infosec #threatintel #AI

  6. "Günstiger wird KI vermutlich nicht."

    "Im Bund haben wir kritische Schwachstellen gefunden, die zum Teil mehr als 10 Jahre alt sind, und das in 16 Ministerien." (-> bereits bekannte und patchbare Schwachstellen)

    frauen-technik.podigee.io/82-n von @sveckert und @evawolfangel

    #ki #stuxnet #HayaSchulmann #TheyTalkTech

  7. "Günstiger wird KI vermutlich nicht."

    "Im Bund haben wir kritische Schwachstellen gefunden, die zum Teil mehr als 10 Jahre alt sind, und das in 16 Ministerien." (-> bereits bekannte und patchbare Schwachstellen)

    frauen-technik.podigee.io/82-n von @sveckert und @evawolfangel

    #ki #stuxnet #HayaSchulmann #TheyTalkTech

  8. "Günstiger wird KI vermutlich nicht."

    "Im Bund haben wir kritische Schwachstellen gefunden, die zum Teil mehr als 10 Jahre alt sind, und das in 16 Ministerien." (-> bereits bekannte und patchbare Schwachstellen)

    frauen-technik.podigee.io/82-n von @sveckert und @evawolfangel

    #ki #stuxnet #HayaSchulmann #TheyTalkTech

  9. "Günstiger wird KI vermutlich nicht."

    "Im Bund haben wir kritische Schwachstellen gefunden, die zum Teil mehr als 10 Jahre alt sind, und das in 16 Ministerien." (-> bereits bekannte und patchbare Schwachstellen)

    frauen-technik.podigee.io/82-n von @sveckert und @evawolfangel

    #ki #stuxnet #HayaSchulmann #TheyTalkTech

  10. "Günstiger wird KI vermutlich nicht."

    "Im Bund haben wir kritische Schwachstellen gefunden, die zum Teil mehr als 10 Jahre alt sind, und das in 16 Ministerien." (-> bereits bekannte und patchbare Schwachstellen)

    frauen-technik.podigee.io/82-n von @sveckert und @evawolfangel

    #ki #stuxnet #HayaSchulmann #TheyTalkTech

  11. Hörempfehlung.

    They Talk Tech – mit Eckert und @evawolfangel Teure KI und Schwachstellen-Hype - mit Cybersicherheitsforscherin Haya Schulmann

    🕸️ frauen-technik.podigee.io/82-n

    My 2ct:

    Toller Beitrag! Etwas fragwürdig imo der Versuch #Stuxnet zu legitimieren: Stuxnet war genauso Verstoß gegen Hacker-Ethik wie #APT28-Angriffe. Mir fehlen Hinweise auf "friendly Cyber-Sabotage" und moralische Scheuklappen - gerade bei Despoten wie #Trump, #Thiel & #Musk. LLMs & 0Days sind imho Teil digitaler #Geopolitik

  12. Hörempfehlung.

    They Talk Tech – mit Eckert und @evawolfangel Teure KI und Schwachstellen-Hype - mit Cybersicherheitsforscherin Haya Schulmann

    🕸️ frauen-technik.podigee.io/82-n

    My 2ct:

    Toller Beitrag! Etwas fragwürdig imo der Versuch #Stuxnet zu legitimieren: Stuxnet war genauso Verstoß gegen Hacker-Ethik wie #APT28-Angriffe. Mir fehlen Hinweise auf "friendly Cyber-Sabotage" und moralische Scheuklappen - gerade bei Despoten wie #Trump, #Thiel & #Musk. LLMs & 0Days sind imho Teil digitaler #Geopolitik

  13. Hörempfehlung.

    They Talk Tech – mit Eckert und @evawolfangel Teure KI und Schwachstellen-Hype - mit Cybersicherheitsforscherin Haya Schulmann

    🕸️ frauen-technik.podigee.io/82-n

    My 2ct:

    Toller Beitrag! Etwas fragwürdig imo der Versuch #Stuxnet zu legitimieren: Stuxnet war genauso Verstoß gegen Hacker-Ethik wie #APT28-Angriffe. Mir fehlen Hinweise auf "friendly Cyber-Sabotage" und moralische Scheuklappen - gerade bei Despoten wie #Trump, #Thiel & #Musk. LLMs & 0Days sind imho Teil digitaler #Geopolitik

  14. Hörempfehlung.

    They Talk Tech – mit Eckert und @evawolfangel Teure KI und Schwachstellen-Hype - mit Cybersicherheitsforscherin Haya Schulmann

    🕸️ frauen-technik.podigee.io/82-n

    My 2ct:

    Toller Beitrag! Etwas fragwürdig imo der Versuch #Stuxnet zu legitimieren: Stuxnet war genauso Verstoß gegen Hacker-Ethik wie #APT28-Angriffe. Mir fehlen Hinweise auf "friendly Cyber-Sabotage" und moralische Scheuklappen - gerade bei Despoten wie #Trump, #Thiel & #Musk. LLMs & 0Days sind imho Teil digitaler #Geopolitik

  15. Hörempfehlung.

    They Talk Tech – mit Eckert und @evawolfangel Teure KI und Schwachstellen-Hype - mit Cybersicherheitsforscherin Haya Schulmann

    🕸️ frauen-technik.podigee.io/82-n

    My 2ct:

    Toller Beitrag! Etwas fragwürdig imo der Versuch #Stuxnet zu legitimieren: Stuxnet war genauso Verstoß gegen Hacker-Ethik wie #APT28-Angriffe. Mir fehlen Hinweise auf "friendly Cyber-Sabotage" und moralische Scheuklappen - gerade bei Despoten wie #Trump, #Thiel & #Musk. LLMs & 0Days sind imho Teil digitaler #Geopolitik

  16. Fast16 Malware Exposes Pre-Stuxnet Cyber Warfare Roots

    Meet fast16, a sneaky malware framework that's been around since 2005 - five years before the infamous Stuxnet - and is designed to quietly sabotage high-precision software by subtly altering numerical results. This stealthy approach can cause systems to fail, wear out faster, or produce false conclusions, making it a chilling…

    osintsights.com/fast16-malware

    #IndustrialControlSystems #MalwareOperations #NationState #CyberWarfare #Stuxnet

  17. Researchers Uncover 'fast16' Malware Targeting Engineering Software Years Before Stuxnet

    Researchers have uncovered a long-forgotten malware, fast16, that was designed to sabotage engineering software, beating even the infamous Stuxnet by at least five years. This ancient cyber threat, dating back to 2005, was engineered to spread rapidly and produce inaccurate calculations…

    osintsights.com/researchers-un

    #IndustrialControlSystems #LuapoweredMalware #SabotageFramework #Stuxnet #MalwareOperations

  18. Sabotage-malware kan have været rettet mod Irans 🇮🇷 atom-program – og er ældre end #Stuxnet

    Researchers har endelig knækket #Fast16 - en mystisk kode, der i al hemmelighed kan manipulere beregnings- og simulerings-software

    Den blev udviklet i 2005 – sandsynligvis sat i spil af USA 🇺🇸 eller en allieret
    wired.com/story/fast16-malware

  19. fast16: il framework di cybersabotaggio pre-Stuxnet riemerso dai tool segreti NSA dei ShadowBrokers

    SentinelLABS ha scoperto fast16, un framework di cybersabotaggio datato 2005 che precede Stuxnet di cinque anni. Il tool altera sottilmente i calcoli floating-point nei software di simulazione come LS-DYNA, target del programma nucleare iraniano, e appare nei leak NSA dei ShadowBrokers come strumento "da non toccare".

    insicurezzadigitale.com/fast16

  20. My first article for Inquirer.net, the digital arm of the Philippine Daily Inquirer, is now up! 🎉

    technology.inquirer.net/146003

    Here I give my take on #Anthropic’s latest #Claude model named #Mythos.

    #AI #LLMs #infosec #cybersecurity #Stuxnet

  21. Omvendt #stuxnet
    Iranske 🇮🇷 hackere hacker PLC'er (programmerbare logiske controllere), der er forbundet til internettet

    CISA og FBI oplyser, at der er indberettet drifts-forstyrrelser over hele USA. 🇺🇸

    Angrebene har været rettet mod PLC'er fra Rockwell og Allen-Bradley
    cisa.gov/news-events/cybersecu

  22. This article does not mention common sense stuff -- like making printed copies of important documents, storing data on external hard drives, or having a Ham radios and/or walkie talkies or mesh networks!

    Experts Warn The #Internet Will Go Down In A Big Way — And You'd Better Be Ready

    Story by Geoff Williams, 9/23/2025

    "It’s bad enough when the internet goes down for a few hours because your power went out after a storm, but what if the internet went down indefinitely, sort of everywhere? What if your state or an entire region of the country lacked the internet or electricity because of a cyberattack or something innocuous, like problems with an aging grid or the federal government forgot to pay a bill?"

    Read more (pretty lame -- reads like a #Starlink advert):
    msn.com/en-us/news/technology/

    #InternetOutages #KesslerSyndrome #CarringtonEvent #cyberattacks #1000SIMCards #CyberAttacks #SystemVulnerabilities #ConnectedGrids #TechDisruption #DisruptiveTechnology
    #Landlines #TechVulnerability #OneThousandSIMCards #Malware #Stuxnet

  23. This article does not mention common sense stuff -- like making printed copies of important documents, storing data on external hard drives, or having a Ham radios and/or walkie talkies or mesh networks!

    Experts Warn The #Internet Will Go Down In A Big Way — And You'd Better Be Ready

    Story by Geoff Williams, 9/23/2025

    "It’s bad enough when the internet goes down for a few hours because your power went out after a storm, but what if the internet went down indefinitely, sort of everywhere? What if your state or an entire region of the country lacked the internet or electricity because of a cyberattack or something innocuous, like problems with an aging grid or the federal government forgot to pay a bill?"

    Read more (pretty lame -- reads like a #Starlink advert):
    msn.com/en-us/news/technology/

    #InternetOutages #KesslerSyndrome #CarringtonEvent #cyberattacks #1000SIMCards #CyberAttacks #SystemVulnerabilities #ConnectedGrids #TechDisruption #DisruptiveTechnology
    #Landlines #TechVulnerability #OneThousandSIMCards #Malware #Stuxnet

  24. This article does not mention common sense stuff -- like making printed copies of important documents, storing data on external hard drives, or having a Ham radios and/or walkie talkies or mesh networks!

    Experts Warn The #Internet Will Go Down In A Big Way — And You'd Better Be Ready

    Story by Geoff Williams, 9/23/2025

    "It’s bad enough when the internet goes down for a few hours because your power went out after a storm, but what if the internet went down indefinitely, sort of everywhere? What if your state or an entire region of the country lacked the internet or electricity because of a cyberattack or something innocuous, like problems with an aging grid or the federal government forgot to pay a bill?"

    Read more (pretty lame -- reads like a #Starlink advert):
    msn.com/en-us/news/technology/

    #InternetOutages #KesslerSyndrome #CarringtonEvent #cyberattacks #1000SIMCards #CyberAttacks #SystemVulnerabilities #ConnectedGrids #TechDisruption #DisruptiveTechnology
    #Landlines #TechVulnerability #OneThousandSIMCards #Malware #Stuxnet

  25. This article does not mention common sense stuff -- like making printed copies of important documents, storing data on external hard drives, or having a Ham radios and/or walkie talkies or mesh networks!

    Experts Warn The #Internet Will Go Down In A Big Way — And You'd Better Be Ready

    Story by Geoff Williams, 9/23/2025

    "It’s bad enough when the internet goes down for a few hours because your power went out after a storm, but what if the internet went down indefinitely, sort of everywhere? What if your state or an entire region of the country lacked the internet or electricity because of a cyberattack or something innocuous, like problems with an aging grid or the federal government forgot to pay a bill?"

    Read more (pretty lame -- reads like a #Starlink advert):
    msn.com/en-us/news/technology/

    #InternetOutages #KesslerSyndrome #CarringtonEvent #cyberattacks #1000SIMCards #CyberAttacks #SystemVulnerabilities #ConnectedGrids #TechDisruption #DisruptiveTechnology
    #Landlines #TechVulnerability #OneThousandSIMCards #Malware #Stuxnet

  26. This article does not mention common sense stuff -- like making printed copies of important documents, storing data on external hard drives, or having a Ham radios and/or walkie talkies or mesh networks!

    Experts Warn The #Internet Will Go Down In A Big Way — And You'd Better Be Ready

    Story by Geoff Williams, 9/23/2025

    "It’s bad enough when the internet goes down for a few hours because your power went out after a storm, but what if the internet went down indefinitely, sort of everywhere? What if your state or an entire region of the country lacked the internet or electricity because of a cyberattack or something innocuous, like problems with an aging grid or the federal government forgot to pay a bill?"

    Read more (pretty lame -- reads like a #Starlink advert):
    msn.com/en-us/news/technology/

    #InternetOutages #KesslerSyndrome #CarringtonEvent #cyberattacks #1000SIMCards #CyberAttacks #SystemVulnerabilities #ConnectedGrids #TechDisruption #DisruptiveTechnology
    #Landlines #TechVulnerability #OneThousandSIMCards #Malware #Stuxnet

  27. Funding for program to stop next #Stuxnet from hitting #US expired Sunday
    #Government funding for a program that hunts for threats on #America's #criticalinfrastructure networks expired on Sunday, preventing Lawrence Livermore National Laboratory from analyzing activity that could indicate a #cyberattack, the program director told Congress on Tuesday.
    theregister.com/2025/07/22/lap
    #CISA #CyberSentry #cybersecurity

  28. CW: US Politics and security

    Funding for program to stop next Stuxnet from hitting US expired Sunday

    theregister.com/2025/07/22/lap

    "Let me be blunt, we are not prepared or a major attack on our critical infrastructure … we are not doing enough to prepare and the results could be catastrophic, including loss of life," Lee warned.

    All shields down, the attacks will not even be noticed.

    #security #stuxnet #usa

  29. Kim Zetter's (@kimzetter) 2014 book 𝘊𝘰𝘶𝘯𝘵𝘥𝘰𝘸𝘯 𝘵𝘰 𝘡𝘦𝘳𝘰 𝘋𝘢𝘺 was one of the first inducted into the Cybersecurity Canon Hall of Fame 🏆. The book unpacks the story of #Stuxnet and was a first of its kind to turn a real-world cyber espionage operation 🕵‍♀️ into a gripping thriller of a book.

    Last week, Kim joined #CyberCanon President Rick Howard at the 𝘞𝘦𝘥𝘯𝘦𝘴𝘥𝘢𝘺 𝘞𝘦𝘦 𝘋𝘳𝘢𝘮 gathering for a candid discussion and Q&A with an eager group of about 40 cybersecurity leaders.

    This event was coordinated before the recent Operation Midnight Hammer attack, which made the timing for this Stuxnet conversation impeccable. Many members attributed this to the uncanny foresight of Wee Dram host J. Carlos Vega, CISSP. 😄

    Book review 👉 tinyurl.com/mubj2z4n

    #CyberCanonHoF #Cybersecurity #CybersecurityBooks #CyberEspionage

  30. Kim Zetter's (@kimzetter) 2014 book 𝘊𝘰𝘶𝘯𝘵𝘥𝘰𝘸𝘯 𝘵𝘰 𝘡𝘦𝘳𝘰 𝘋𝘢𝘺 was one of the first inducted into the Cybersecurity Canon Hall of Fame 🏆. The book unpacks the story of #Stuxnet and was a first of its kind to turn a real-world cyber espionage operation 🕵‍♀️ into a gripping thriller of a book.

    Last week, Kim joined #CyberCanon President Rick Howard at the 𝘞𝘦𝘥𝘯𝘦𝘴𝘥𝘢𝘺 𝘞𝘦𝘦 𝘋𝘳𝘢𝘮 gathering for a candid discussion and Q&A with an eager group of about 40 cybersecurity leaders.

    This event was coordinated before the recent Operation Midnight Hammer attack, which made the timing for this Stuxnet conversation impeccable. Many members attributed this to the uncanny foresight of Wee Dram host J. Carlos Vega, CISSP. 😄

    Book review 👉 tinyurl.com/mubj2z4n

    #CyberCanonHoF #Cybersecurity #CybersecurityBooks #CyberEspionage

  31. Kim Zetter's (@kimzetter) 2014 book 𝘊𝘰𝘶𝘯𝘵𝘥𝘰𝘸𝘯 𝘵𝘰 𝘡𝘦𝘳𝘰 𝘋𝘢𝘺 was one of the first inducted into the Cybersecurity Canon Hall of Fame 🏆. The book unpacks the story of #Stuxnet and was a first of its kind to turn a real-world cyber espionage operation 🕵‍♀️ into a gripping thriller of a book.

    Last week, Kim joined #CyberCanon President Rick Howard at the 𝘞𝘦𝘥𝘯𝘦𝘴𝘥𝘢𝘺 𝘞𝘦𝘦 𝘋𝘳𝘢𝘮 gathering for a candid discussion and Q&A with an eager group of about 40 cybersecurity leaders.

    This event was coordinated before the recent Operation Midnight Hammer attack, which made the timing for this Stuxnet conversation impeccable. Many members attributed this to the uncanny foresight of Wee Dram host J. Carlos Vega, CISSP. 😄

    Book review 👉 tinyurl.com/mubj2z4n

    #CyberCanonHoF #Cybersecurity #CybersecurityBooks #CyberEspionage

  32. Kim Zetter's (@kimzetter) 2014 book 𝘊𝘰𝘶𝘯𝘵𝘥𝘰𝘸𝘯 𝘵𝘰 𝘡𝘦𝘳𝘰 𝘋𝘢𝘺 was one of the first inducted into the Cybersecurity Canon Hall of Fame 🏆. The book unpacks the story of #Stuxnet and was a first of its kind to turn a real-world cyber espionage operation 🕵‍♀️ into a gripping thriller of a book.

    Last week, Kim joined #CyberCanon President Rick Howard at the 𝘞𝘦𝘥𝘯𝘦𝘴𝘥𝘢𝘺 𝘞𝘦𝘦 𝘋𝘳𝘢𝘮 gathering for a candid discussion and Q&A with an eager group of about 40 cybersecurity leaders.

    This event was coordinated before the recent Operation Midnight Hammer attack, which made the timing for this Stuxnet conversation impeccable. Many members attributed this to the uncanny foresight of Wee Dram host J. Carlos Vega, CISSP. 😄

    Book review 👉 tinyurl.com/mubj2z4n

    #CyberCanonHoF #Cybersecurity #CybersecurityBooks #CyberEspionage

  33. Kim Zetter's (@kimzetter) 2014 book 𝘊𝘰𝘶𝘯𝘵𝘥𝘰𝘸𝘯 𝘵𝘰 𝘡𝘦𝘳𝘰 𝘋𝘢𝘺 was one of the first inducted into the Cybersecurity Canon Hall of Fame 🏆. The book unpacks the story of #Stuxnet and was a first of its kind to turn a real-world cyber espionage operation 🕵‍♀️ into a gripping thriller of a book.

    Last week, Kim joined #CyberCanon President Rick Howard at the 𝘞𝘦𝘥𝘯𝘦𝘴𝘥𝘢𝘺 𝘞𝘦𝘦 𝘋𝘳𝘢𝘮 gathering for a candid discussion and Q&A with an eager group of about 40 cybersecurity leaders.

    This event was coordinated before the recent Operation Midnight Hammer attack, which made the timing for this Stuxnet conversation impeccable. Many members attributed this to the uncanny foresight of Wee Dram host J. Carlos Vega, CISSP. 😄

    Book review 👉 tinyurl.com/mubj2z4n

    #CyberCanonHoF #Cybersecurity #CybersecurityBooks #CyberEspionage

  34. Im aktuellen Podcast sprechen @sveckert und ich mit Sarah Fluchs über die IT-Sicherheit kritischer Infrastrukturen, und wieso es immer schwieriger geworden ist, diese gut zu schützen. Besonders interessant finde ich ihre Überlegungen zum Einsatz von Open Source und wieso IT-Sicherheit immer unübersichtlicher geworden ist. Eine Lösung ist leider nicht in Sicht. Habt ihr interessante Ansätze gesehen?
    #cybersecurity #Iran #stuxnet
    heise.de/news/Podcast-Kritisch

  35. Als die USA vergangene Woche die Atomanlagen im Iran angegriffen hat, musste ich immer wieder an #Stuxnet denken: 2010 hatten die USA und Israel das gleiche Ziel, nämlich das iranische Atomporgramm zu stoppen - allerdings mit einem Cyberangriff. Stuxnet war ziemlich beeindruckend: ausgefeilt und zielgerichtet genau auf diese eine Art der Zentrifugen in Natanz ausgerichtet. Schon damals war umstritten, wie viel Schaden das angerichtet hat - und das ist es auch beim aktuellen Angriff.
    1/2