#securityengineering

W8MEJw8mej
2026-02-10

🦎 What if your network could heal like a living organism?
Traditional DR is reactive. Autonomous Continuity is the next leap. In Episode 2, we discuss Target Morphology (Policy-as-Code) and the TOTE loop (Test, Operate, Exit) to shrink RTOs from hours to minutes.
It’s time to move from "firefighting" to "resilience engineering." Build systems that want to be secure.
🎧 Listen: open.spotify.com/episode/7bBRp

W8MEJw8mej
2026-02-10

What if your network wanted to be secure? 🧵 In Episode 1 of "The Morphogenetic SOC," we’re using Michael Levin’s TAME framework to redefine cyber defense. How do you control a system? Level 1: Rewire hardware. Level 2: Modify setpoints. Level 3: Reward behavior. Level 4: Persuade with reasons. Which level is your WAF? open.spotify.com/episode/4Pamg

2026-02-10

Password Security in 2026: A Practitioner’s View

After years in security, I can say one thing with confidence: most breaches still don’t start with zero-days. They start with credentials.

Phishing, credential stuffing, password reuse — same story, different year.

From the offensive side, weak or reused passwords are still one of the cheapest ways in. From the defensive side, identity remains the most fragile layer in otherwise decent infrastructures.

What I keep seeing in real environments:

The same password reused across multiple services

“Seasonal” patterns like Summer2026!

Credentials leaked in one breach and reused elsewhere

Missing MFA on systems that really should have it

This is why the basics still matter more than shiny tools:

Use a password manager and generate long, random, unique passwords

Use passphrases for master credentials

Enable MFA / 2FA everywhere it’s possible

Treat access reviews and account cleanup as a routine, not an incident response

Technology alone won’t save you, though. If policies are unclear or not enforced, people will always take shortcuts. And shortcuts in identity and access management are exactly what attackers love.

In 2026, this is not about “making life harder for users”. It’s about:

Reducing breach probability

Limiting blast radius

Protecting business continuity

And not turning basic hygiene into an expensive incident

Strong authentication is no longer “advanced security”. It’s just digital hygiene.
And like any hygiene, it only works if it’s systematic and boringly consistent.

#infosec #cybersecurity #passwords #identity #MFA #2FA #bluesky #mastodon #securityengineering #digitalhygiene

2026-01-21

This multi-stage Windows attack chain highlights how modern campaigns increasingly avoid exploits in favor of social engineering, cloud-hosted payloads, OS trust assumptions, and layered persistence.

The abuse of Defender configuration, Security Center trust models, and legitimate services underscores the importance of behavioral monitoring over signature-based detection.

Early-stage visibility appears critical - once recovery and security controls are disabled, response options narrow quickly.

Source: fortinet.com/blog/threat-resea

Thoughts welcome. Follow @technadu for neutral, practitioner-focused cybersecurity reporting.

#ThreatHunting #EDR #WindowsDefense #MalwareResearch #CyberOperations #SecurityEngineering

Inside a Multi-Stage Windows Malware Campaign
A deep dive into a new Windows attack chain leveraging social engineering, Defender bypass, surveillance, and ransomware
Sonya Lopez (sonyalopez25)
2025-12-18

Beyond the surface of a steel door lies a world of precision engineering. From internal reinforcements to blast-resistant cores. Ever wondered what makes a security door virtually impenetrable?

We’re peeling back the steel layers to show you.

vocal.media/stories/the-hidden

2025-12-15

Analysis of VolkLocker ransomware reveals a critical implementation flaw where encryption master keys are hard-coded and stored locally in plaintext, enabling free decryption.

Despite employing AES-256-GCM and exhibiting common ransomware behaviors, the design oversight significantly undermines its extortion model. The case illustrates how technical maturity varies widely across ransomware-as-a-service ecosystems.

What defensive lessons should teams take from flawed ransomware implementations like this?

Source: thehackernews.com/2025/12/volk

Engage in the discussion and follow TechNadu for objective infosec coverage.

#InfoSec #Ransomware #MalwareAnalysis #ThreatResearch #CyberDefense #SecurityEngineering #TechNadu

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
2025-11-28

A newly uncovered issue in Microsoft Teams allows attackers to bypass Defender for Office 365 protections by inviting users into attacker-controlled guest tenants.

Because security policies apply from the host tenant, malicious links and files can slip through unscanned - especially when attackers use minimal or trial tenants lacking security tools.
Are default-enabled guest features creating unnecessary risk?

Source: cybersecuritynews.com/microsof

Share your thoughts and follow us for more analysis.

#infosec #MicrosoftTeams #cloudsecurity #phishing #malware #ZeroTrust #securityengineering

Microsoft Teams Guest Chat Vulnerability Exposes Users to Malware Attack
2025-11-27

OpenAI confirmed that limited API-user data was exposed through a breach at its previous analytics provider, Mixpanel. The dataset included names, emails, coarse location, user/organization IDs, and technical metadata — but no chats, passwords, API keys, or payment data.

Researchers noted that sending identifiable data to analytics tools isn’t aligned with typical security best practices.

What’s your view on data minimization in analytics pipelines?

Source: cybernews.com/security/openai-

Share your thoughts - and follow us for more updates.

#InfoSec #CyberSecurity #DataPrivacy #OpenAI #Mixpanel #APISecurity #DataBreach #VendorSecurity #ThreatIntel #SecurityEngineering #TechNews

OpenAI reveals analytics data breach, notifies affected users
2025-11-23

New blog post live for my Sentinel Saturday series!
Read the blog 👉 marshsecurity.org/sentinel-sat

In this post, I explore the power of using Microsoft Sentinel Tasks as part of your automation workflows.

Most teams aren’t getting the full #value out of Tasks in Microsoft Sentinel. Are you? When you combine Sentinel Tasks with automation, they become a game-changer.

- Auto-create tasks when automation fails (so nothing slips through the cracks)
- Auto-complete tasks when automation succeeds
- Use tasks to verify automation outcomes
- Build engineering feedback loops and automation #QA

Read the blog 👉 marshsecurity.org/sentinel-sat

#MicrosoftSentinel #SentinelAutomation #CyberSecurity #SOCAutomation
#CloudSecurity #AzureSecurity #SIEM #SecOps #Automation #InfoSec
#CyberSecurityCommunity #BlueTeam #ThreatDetection #SecurityEngineering #SecurityOperations

2025-11-15

A Canon Hall of Fame classic by Dr. Ross Anderson continues to prove its significance in modern security practices.

Our most recent #Newsletter covers an Infosecurity Magazine article that aligns with many points from two recent canon-reviewed books, as well as an old favorite, *Security Engineering*.

While Ron Woerner’s Canon review was of the 2008 2nd edition, Dr. Anderson has since released a 3rd edition just a few years ago.

📰 cybercanon.substack.com/p/nove

🛍️ If interested in purchasing the latest edition and supporting the Canon, please consider using this affiliate link: amzn.to/47NiFa4

#CybersecurityBooks #SecurityEngineering

CyberCanon Newsletter highlighting the book, Security Engineering.
2025-10-25

Hello #InfoSec community!

I'm James (JMo), an Institute of Data x Michigan Tech Cybersecurity Bootcamp grad who built an open-source security scanner as part of my capstone project.

**JMo Security** orchestrates 11 tools (Trivy, Semgrep, TruffleHog, ZAP, Falco) with:
✅ Multi-target scanning (repos, containers, IaC, web apps, GitLab, K8s)
✅ Auto-compliance mapping (OWASP, CWE, NIST, PCI DSS, CIS, ATT&CK)
✅ Unified reporting (dashboard, SARIF, JSON)

**Quick start:**
pip install jmo-security jmotools wizard

📖 Docs: docs.jmotools.com
🐙 GitHub: github.com/jimmy058910/jmo-sec

**Actively seeking #DevSecOps / #AppSec roles!** DMs open for opportunities or technical feedback.

What security tools are you using in your workflows?

#CyberSecurity #OpenSource #Python #SecurityEngineering #JobSearch

2025-10-24

🧠 Vibe coding isn’t a security issue - it’s a workflow issue.
OX Research’s latest findings show that AI-generated code hits production too fast for review, embedding vulnerabilities through anti-patterns like over-commenting, poor reuse, and lack of architectural thinking.

Security must be embedded directly into AI workflows - not patched in afterward.

💭 How should infosec teams adapt review processes to handle AI-produced code?

Follow @technadu for more research-driven cyber insights.

#InfoSec #CyberSecurity #AICoding #VibeCoding #DevSecOps #SoftwareSecurity #ThreatIntelligence #AIWorkflow #SecurityEngineering

vibe code
2025-08-28

Prompt injections are still a problem – August 2025 edition

Independent AI researcher Johann Rehberger (previously) has had an absurdly busy August. Under the heading The Month of AI Bugs he has been publishing one report per day across an array of different tools, all of which are vulnerable to various classic prompt injection problems. This is a fantastic and horrifying demonstration of how widespread and dangerous these vulnerabilities still are, almost three years after we first started talking about them.

Johann’s published research in August so far covers ChatGPT, Codex, Anthropic MCPs, Cursor, Amp, Devin, OpenHands, Claude Code, GitHub Copilot and Google Jules. There’s still half the month left!

The Summer of Johann: prompt injections as far as the eye can see

Previously:

https://gurupanguji.com/2025/06/15/prompt-injection-continues-to-be-a-major-vector-of-attack-for-llms/?utm_source=rss&utm_medium=rss&utm_campaign=prompt-injection-continues-to-be-a-major-vector-of-attack-for-llms

https://gurupanguji.com/2025/04/23/notes-on-llms/

https://gurupanguji.com/2025/08/06/trust-in-the-world-of-ai/

#ai #engineering #llms #model #promptInjection #security #securityEngineering #software

2025-07-29

🔐SSH and shell-free
🧱Immutable by default
🔁Trusted Boot out of the box

Because we believe security starts at the foundation. Here's what makes Talos Linux different.

🔗 siderolabs.com/blog/mastering-

#Kubernetes #TalosLinux #DevSecOps #CloudNative #SecurityEngineering

No Starch Press (nostarch)
2025-07-14

This hands-on guide shows how to build secure, scalable data pipelines using open source tools like Filebeat, Logstash, Kafka, and Ansible.

Learn to collect, transform, enrich, and centralize security telemetry from Windows, Linux, and network sources. A practical resource for anyone supporting detection, forensics, or incident response.

nostarch.com/data-engineering-

Cover of the book Data Engineering for Cybersecurity by James Bonifield. The illustration shows a robot pouring a bag of various shapes—representing data—into a funnel connected to a computer. The monitor displays colorful graphs and charts. The subtitle reads: “Build secure data pipelines with free and open source tools.” The No Starch Press logo appears in the bottom left-hand corner.
2025-07-10

📣 We’re expanding.

To reach more of the #Fediverse and engage with #AI, #Privacy, and #Security voices outside the infosec world, you can now also find us at:
👉 @confsec

Same mission. Same stance:
🔐 Provable privacy
🚫 No visibility, no retention
✅ Built for compliance, AI, and trust

#CyberSecurity #AIPrivacy #PrivateAI #LLM #SecurityEngineering #DataPrivacy

Tedi Heriyanto (tedi@infosec.exchange)
2025-06-23

Thoughts on the Impact of Generative AI on Security Engineering Careers: scottponte.substack.com/p/thou

#generativeai #securityengineering

2025-06-18

Automation made us fast.
AI agents might make us fearless—or reckless.
In this deep-dive opinion piece, we explore how DevSecOps evolves when autonomous AI joins the team.
What gets better? What gets worse? Let’s talk.

#DevSecOps #AI #Automation #SecurityEngineering #TechLeadership #AIInSecurity

webdad.eu/2025/06/18/devsecops

2025-06-18

In a new blog, Proofpoint threat research engineers disclosed their discovery of Amatera Stealer, a newly rebranded and upgraded malware-as-a-service (MaaS) version of the ACR Stealer.

Read the blog: brnw.ch/21wTvkx

While maintaining its roots in ACR Stealer, the latest variant, #Amatera, introduces new features—including sophisticated delivery mechanisms, anti-analysis defenses, and a revamped control structure—making it stealthier and more dangerous.

See the Threat Research Engineering blog for IOCs and Emerging Threat signatures.

#securityengineering #detectionengineering #securitycontrols

No Starch Press (nostarch)
2025-06-06

From scanning ports to structuring security programs that meet real-world demands, this book helps practitioners level up from technical know-how to strategic capability.

It bridges foundational knowledge with practical security leadership. Designed for those who build, defend, and explain security every day

nostarch.com/foundationsinfosec

The classic "Evolving Brain" meme format, placed on top of a signature futuristic computer chip style black and yellow No Starch Press background. All the text in this meme is yellow with a black background. 

The brain photos appear on the right, and the corresponding text appears on the left. Both sides become increasingly more "busy" as you read down the meme. 

The first row on the right shows a simple brain inside a skull on the right. The left side text reads "Reading the intro" 
The second row on the right shows the brain inside a transparent human head, and it is more activated, with glowing neurons. The left side text reads "Using nmap without Googling the flags"
The third row on the right shows the brain inside a transparent human head, this time fully illuminated, full of light. The left side text reads "Making sense of SOC 2 faster than the sales team can say 'due diligence'" 
The fourth and final row on the right shows the brain inside a transparent human head fully expanded, emanating light rays to the exterior, outside of the brain, as if the head is exploding with knowledge. The left side text reads "Building a security plan that satisfies ops, devs, and compliance--all at once."

The cover photo for the book "Foundations of Information Security." The background is a swathy, forest green color with swipes of white pigments.

At the top it features the title by the same name in white lettering. Then below it in smaller lettering it features "A Straightforward Introduction." 

Below that there is an illustration of a castle on a hill with autumn trees behind it, as well as people and objects in front of the castle, presumably working. 

Below that the author's name "Jason Andress" appears in small white lettering. The classic No Starch Press logo appears in the bottom right-hand corner.
