Properly segregating environments aids in risk mitigation, adopts enhanced security practices, and aligns with secure software development life cycles.
Wonderfully bleak talk regarding the deeply challenging attack surface SMBs are presenting to threat actors (with actionable items at the end!) by @Tarah at @bsidesseattle
A Brand Story from the Road to #RSAC 2025 — Featuring Akamai Technologies
Every year, as we get ready for RSA Conference, we fire up the engine and the mics—not just to cover the #tech, but to capture the #business, the strategy, and most importantly, the human side of #cybersecurity.
Our latest Brand Story does just that.
In this pre-conference conversation, we sit down with Rupesh Chokshi, SVP & GM of Application Security at #Akamai, to talk about the shifting cybersecurity landscape as we move deeper into the #AI era. From #APIattacks and #LLM scraping to hybrid infrastructures and #zerotrust environments, it’s clear that security is no longer just a barrier—it’s a business enabler.
And Akamai is right at the center of that transformation.
We explore what it means to build real #cyberresilience, how organizations can rethink their security strategy in an AI-driven world, and why this year’s #RSAC2025 Conference is set to be a defining moment for both innovation and trust.
We’ll see you in San Francisco for more conversations to share with your audience!
— Marco Ciappelli & Sean Martin, CISSP
ITSPmagazine Co-Founders
New Open-Source Tool Spotlight
Google's GRR (GRR Rapid Response) is an open-source framework for remote live forensics and incident response. It allows security teams to investigate systems at scale without interrupting operations. Used for data collection, analysis, and hunting. #CyberSecurity #DFIR
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
—
Microsoft NTLM hash disclosure vulnerability now actively exploited
#cybersecurity #infosec #attack #activeattack
https://beyondmachines.net/event_details/microsoft-ntlm-hash-disclosure-vulnerability-now-actively-exploited-g-9-3-z-7/gD2P6Ple2L
Critical authentication vulnerability reported in Yokogawa Recorder Products
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-vulnerability-reported-in-yokogawa-recorder-products-e-m-7-e-n/gD2P6Ple2L
The Kickstarter for Digital Safety in a Dangerous World is now live!
Check it out here:
https://www.kickstarter.com/projects/kimcrawley/digital-safety-in-a-dangerous-world
- Advice for ordinary people and political activists for good opsec during politically unpredictable times.
- Reduce your big tech espionage footprint.
- Choose operating systems, applications, and online services that have better encryption and better privacy practices.
- When Microsoft, Google, etc. cannot be avoided, how to use their services and applications more securely.
- Lawful advice, written to be more accessible to laypeople. Technological concepts are defined and explained.
- Learn about Clearview AI, Boston Dynamics, Palantir, and other espionage platforms.
- Research sources include other cybersecurity researchers, at least one human rights lawyer, activists, and organizations such as the EFF.
My previous Kickstarter-funded, self-published book project, the Ultimate Cybersecurity Careers Guide, was successful. I started working on it in December and the Kickstarter was launched at the same time. It was fully funded by February 2025. Most of my research and writing was done between January and March 2025. The eBook came out in March, and the paperback came out just a few weeks ago in April.
That was an overwhelming learning experience! It's a bit intense to do a new book Kickstarter immediately afterward. But current events have made this book more necessary than ever. I should be done the full draft by July or August.
All of my work is made by my own thinking and creativity. (Yes, even my dorky book cover art is made by myself in GIMP.) There is absolutely zero Gen AI in anything that I do. I take pride in my work.
Support human research and creativity!
Kickstarter link: https://www.kickstarter.com/projects/kimcrawley/digital-safety-in-a-dangerous-world
Pledge awards start at only $20 CAD (approximately $15 USD).
Thank you so much, everyone! If you can't back my second Kickstarter, that's fine. But in that case, please share my new Kickstarter on your social media. If my second Kickstarter is at least as successful as my first, I will be giving eBooks away to some political activists and activism groups as a public service. This cybersecurity and opsec knowledge should be shared with as many people as possible.
Boosting with hashtags:
https://grapheneos.social/@GrapheneOS/114359660453627718
> One of our two senior developers has been forcibly detained and conscripted to participate in a war. When they first went missing, we revoked their repository access as a precaution. (...) Our priority has been keeping them safe.
>
> (...)
>
> If you're an experienced AOSP developer interested in working full time on GrapheneOS in a fully remote position, see https://grapheneos.org/hiring.
(please boost original toot)
Wow, this Node.js malware situation is pretty wild, isn't it?
Sure, Node.js is incredibly handy, there's no denying that. But, let's be real, it can also be an open door for trouble if you're not careful with implementation. Things like PowerShell exclusions and sneaky obfuscated code are popping up – yeah, staying vigilant is absolutely key these days.
It really drives home what we're always telling our clients: Security by Design is non-negotiable!
So, curious to hear from you all: What are *your* go-to tools for managing risks like these? And what strategies do you use to train your teams so they don't get caught out by these tactics?
A tool to anonymise those little yellow dots your colour laser printer is probably adding to every page it prints:
The countdown to the weekend begins with Five for Friday, the Sherpa Intelligence roundup of #InfoSec and #DataPrivacy news you may have missed from this past week April 14-18, 2025!
Read! Subscribe! Share!
https://sherpaintelligence.substack.com/p/five-for-friday-18-april-2025
This dumb password rule is from Vietnam Airlines.
`[[:alnum:]]{6,8}`
Want to feel better? Help keep a Domestic Violence family housed. This month we're supporting a family to get safe housing and new devices (in the works). We're 74% to the goal already (and yes, I take refurbed devices). https://ko-fi.com/lockdownyourlife
ASN: AS7018
Location: Santa Clara, US
Added: 2025-03-22T05:31
Volume twelve of Scrolls is live - it's a magical one!
https://shellsharks.com/scrolls/scroll/2025-04-18
Everyone below contributed in some way either through content they created, or stuff they found and boosted
@disassociated @shankulkarny @hyde @askDNA @andyandy @e11e @artlung @ruben@social.kedera.nl @KurisuVanEdge @hongminhee @jbaty @hryggrbyr @axxuy @joxean @thejaymo @flan @sylvia @deadsuperhero @QueerMatters @mauricerenck @ImaginaryKarin @digitalsnow @jana @nichteric @justincox @avlcharlie @anubiarts @reiver @bradenslen @hamatti @mike_k @lianna @wafrn @mariobianchi @cwebber @selfcaregentle @jerry @bouletcorp2 @gretared @ApisNecros