Pen Test Partners<p>A critical vulnerability in old Telerik software gave an attacker remote code execution on an SFTP-only Windows server. That meant they didn’t need credentials, antivirus didn’t trigger, and default log sizes meant almost nothing useful was captured.</p><p>From there? PowerShell exclusions, admin account created, RDP tunnelled in via Ngrok, ransomware deployed. </p><p>They even opened Pornhub either to cover traffic or celebrate the moment. Who knows?</p><p>This attack wasn’t subtle. But it worked because basic controls were missing. </p><p>We’ve broken down the incident. Plus, recommendations you can act on now to prevent the same thing.</p><p>📌<a href="https://www.pentestpartners.com/security-blog/sil3ncer-deployed-rce-porn-diversion-and-ransomware-on-an-sftp-only-server/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">pentestpartners.com/security-b</span><span class="invisible">log/sil3ncer-deployed-rce-porn-diversion-and-ransomware-on-an-sftp-only-server/</span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ransomware</span></a> <a href="https://infosec.exchange/tags/ThreatDetection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatDetection</span></a> <a href="https://infosec.exchange/tags/DigitalForensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalForensics</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a></p>
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
225active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#incidentresponse
6 posts · 6 participants · 0 posts today
Tanya Janca | SheHacksPurple :verified: :verified:<p>🎥 Missed one of my past conference talks? Let’s fix that.</p><p>I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.</p><p>“Incident Response for Devs” - And <a href="https://infosec.exchange/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> folks too!<br>📽️ <a href="https://twp.ai/4ioZ4t" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">twp.ai/4ioZ4t</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/SecurityAwareness" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityAwareness</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a></p>
Discernible<p>🔥 New Discernible Drill this week! </p><p>Recent Scattered Spider attacks on airlines highlight the challenges of responding to a network compromise when every minute of downtime affects thousands of passengers and critical safety operations.</p><p>Our latest drill scenario puts you in the SOC during an active airline intrusion. You'll navigate the unique communication challenges of balancing security containment with operational continuity when flight schedules, passenger safety, and regulatory compliance are all on the line.</p><p>Perfect for: <br>✈️ SOC analysts and engineers <br>✈️ Incident response teams <br>✈️ Anyone working in critical infrastructure security</p><p>The aviation industry's complex operational requirements create communication scenarios you won't find in typical incident response training. </p><p>Ready to see how you'd handle it?</p><p>Subscribe to join at DiscernibleInc.com/drills </p><p><a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a> <a href="https://infosec.exchange/tags/SecurityCommunications" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityCommunications</span></a><br><a href="https://infosec.exchange/tags/ScatteredSpider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ScatteredSpider</span></a></p>
Brian Greenberg :verified:<p>A major cybersecurity legal case is moving forward. ✈️ Delta Air Lines proceeding with its $550M+ lawsuit against CrowdStrike over the July 2024 outage that canceled 7,000 flights and impacted 1.3M passengers.</p><p>⚖️ The court allowed claims of:<br>🧠 Gross negligence<br>💻 Computer trespass<br>🕵️♂️ Limited fraud</p><p>📉 Delta claims the update could have been caught with a simple test. CrowdStrike is pushing back, saying damages should be limited under Georgia law. This case may redefine how courts view software vendor liability, especially for updates in critical infrastructure.</p><p>💬 Should companies expect higher legal accountability for third-party software failures?</p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Delta" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Delta</span></a> <a href="https://infosec.exchange/tags/CrowdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrowdStrike</span></a> <a href="https://infosec.exchange/tags/LegalTech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LegalTech</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a></p><p><a href="https://www.reuters.com/sustainability/boards-policy-regulation/delta-can-sue-crowdstrike-over-computer-outage-that-caused-7000-canceled-flights-2025-05-19/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">reuters.com/sustainability/boa</span><span class="invisible">rds-policy-regulation/delta-can-sue-crowdstrike-over-computer-outage-that-caused-7000-canceled-flights-2025-05-19/</span></a></p>
FIRST.org<p>Valuable insights from Eireann Leverett, security researcher and advisor to FIRST, featured in CSO on conducting effective post-incident reviews!</p><p>The article explores how organizations can strengthen cybersecurity defenses through structured post-incident analysis, moving beyond mitigation to meaningful learning and improvement.</p><p>Key recommendations: </p><p>🔍 Document incidents as they evolve, not just as they end<br>📊 Capture context behind decision-making processes during incidents <br>⚡Focus on structural learning over individual blame </p><p>Thank you Bob Violino and CSO for showcasing how thoughtful incident analysis drives continuous security improvement.</p><p>Read more: <a href="https://go.first.org/ISkJp" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">go.first.org/ISkJp</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a></p>
Discernible<p>Most organizations think security communications = crisis PR, but this narrow focus actually sabotages the media relationships they're trying to protect.</p><p>When security incidents hit the news, journalists aren't starting from scratch -- they're drawing on accumulated context about your organization's communication patterns and competence built over months or years.</p><p>That means the real work of effective security communications happens in internal meetings, stakeholder interactions, and organizational messaging long before any reporter gets involved.</p><p>Here's a new post from us on building comprehensive security communications that strengthen rather than undermine your credibility: <a href="https://discernibleinc.com/blog/sabotage-media-relations-by-misunderstanding-security-communications" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discernibleinc.com/blog/sabota</span><span class="invisible">ge-media-relations-by-misunderstanding-security-communications</span></a></p><p><a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/SecurityCommunications" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityCommunications</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a></p>
Dissent Doe :cupofcoffee:<p>In August 2020, <span class="h-card" translate="no"><a href="https://infosec.exchange/@SchizoDuckie" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>SchizoDuckie</span></a></span> and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."</p><p>In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span>, <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span>, and I to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.</p><p>Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately. </p><p><a href="https://databreaches.net/2025/07/04/no-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/04/no</span><span class="invisible">-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/</span></a></p><p>Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to <span class="h-card" translate="no"><a href="https://infosec.exchange/@TonyYarusso" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>TonyYarusso</span></a></span> and <span class="h-card" translate="no"><a href="https://hachyderm.io/@bkoehn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bkoehn</span></a></span> for their efforts. </p><p><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/incidentmanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentmanagement</span></a> <a href="https://infosec.exchange/tags/responsibledisclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>responsibledisclosure</span></a> <a href="https://infosec.exchange/tags/securityalert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityalert</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Walker<p><span class="h-card" translate="no"><a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GossiTheDog</span></a></span> </p><p>See, this is why I like this field, when people are involved you always see something new. </p><p>The third party ransomware negotiator, negotiated kickbacks from the ransomware actor when negotiating the ransom payment for their client. </p><p>Amazing.</p><p><a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a></p>
Walker<p>Could data segregation help mitigate impact of large scale data incidents?</p><p>Looking at the Qantas breach of 6 million passenger records.</p><p>Taking a step back from the data warehouse model, what if data could be stored in different locations based on a set of criteria instead of in a single repository. Access to these systems could be isolated as well. If one system got compromised it would not impact the entire data set. </p><p>The data could still be mined for business analytics but it could be pseudonymized in a data warehouse. If access to the warehouse got compromised it would not impact privacy. </p><p>This is a much more complex and expensive setup, but the cost could be weighed against the loss resulting from a compromise. </p><p>There is also the impact on real time data interactions with PII, where is it stored, how is it accessed, etc. Lots of considerations. </p><p>Just a thought, though it may not be practical. </p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/securityengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityengineering</span></a> <a href="https://infosec.exchange/tags/database" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>database</span></a> <a href="https://infosec.exchange/tags/datawarehouse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>datawarehouse</span></a></p>
Dissent Doe :cupofcoffee:<p>With great thanks to <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span> and <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> and others who assisted or tried to, including Rogers ISP and law enforcement in Canada, we can finally say:</p><p>Bolton Walk-In Clinic patient data leak locked down! </p><p>Read about this very frustrating effort to get exposed patient data locked down:</p><p><a href="https://databreaches.net/2025/06/30/bolton-walk-in-clinic-patient-data-leak-locked-down-finally/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/30/bo</span><span class="invisible">lton-walk-in-clinic-patient-data-leak-locked-down-finally/</span></a></p><p><a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/PHIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHIPA</span></a> <a href="https://infosec.exchange/tags/HIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPA</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a></p>
Dissent Doe :cupofcoffee:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> For the life of me, I cannot understand why this got kicked over to the anti-rackets branch, but thank you for what you managed to accomplish. </p><p>I will post an update to this leak on my blog sometime this week, but in the interim:</p><p>Any patients of the Bolton Walk-In Clinic should consider filing a complaint with the provincial Privacy Commission and requesting an investigation into the clinic's failure to comply with medical privacy laws such as PHIPA. IMO, the IPC should also be asked to require the clinic to notify every patient whose unencrypted information was exposed. </p><p>Additional details about earlier efforts by <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> and I to get this leak secured can be found in my post at <a href="https://databreaches.net/2024/12/03/bolton-walk-in-clinic-in-ontario-lock-down-your-backup-already/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2024/12/03/bo</span><span class="invisible">lton-walk-in-clinic-in-ontario-lock-down-your-backup-already/</span></a></p><p><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/PHIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHIPA</span></a> <a href="https://infosec.exchange/tags/Ontario" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ontario</span></a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a></p>
FIRST.org<p>Who's your lunch buddy for the day? 🥙🍴 Make sure to connect with your old and new pals at <a href="https://infosec.exchange/tags/FIRSTCON25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FIRSTCON25</span></a> <a href="https://infosec.exchange/tags/inspiringconnections" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>inspiringconnections</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/secconf" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>secconf</span></a> 🔗<a href="https://go.first.org/LV4lq" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">go.first.org/LV4lq</span><span class="invisible"></span></a></p>
FIRST.org<p>We’re proud to welcome Richard D. Pethia to the FIRST Incident Response Hall of Fame, announced today at <a href="https://infosec.exchange/tags/FIRSTCON25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FIRSTCON25</span></a> in Copenhagen, Denmark.</p><p>As the founding director of the CERT Coordination Center (CERT/CC), now part of the CERT Division of the Carnegie Mellon University Software Engineering Institute (CMU SEI), Pethia’s vision and leadership helped shape the modern practice of cybersecurity incident response. </p><p>Congratulations, Rich, and thank you for your lasting impact on our field!</p><p>Read more: <a href="https://go.first.org/bFM9v" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">go.first.org/bFM9v</span><span class="invisible"></span></a> </p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a><br><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>
FIRST.org<p>Excited to introduce FIRST CORE with our founding partner Fortinet! </p><p>This new sponsorship initiative will strengthen incident response capabilities worldwide, focusing on capacity building in underrepresented regions across Africa, the Asia-Pacific, Latin America and the Caribbean. </p><p>Together, we're expanding our Community and Capacity Building Program to provide critical training, mentorship and resources where they're needed most. </p><p>Fortinet's decade-long commitment to our mission makes them the perfect partner to help us build resilient cybersecurity communities grounded in internationally recognized best practices. </p><p>Learn more here: <a href="https://go.first.org/UTC8W" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">go.first.org/UTC8W</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/CyberDefense" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberDefense</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <br><a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a> <a href="https://infosec.exchange/tags/FIRSTCON25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FIRSTCON25</span></a></p>
Dissent Doe :cupofcoffee:<p>McLaren provides written notice to 743,131 patients after ransomware attack in July 2024:</p><p><a href="https://databreaches.net/2025/06/22/mclaren-provides-written-notice-to-743131-patients-after-ransomware-attack-in-july-2024/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/22/mc</span><span class="invisible">laren-provides-written-notice-to-743131-patients-after-ransomware-attack-in-july-2024/</span></a></p><p><a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HealthSec</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>extortion</span></a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>transparency</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> </p><p>This was their second ransomware attack in a year. Personal injury lawyers are already recruiting plaintiffs. </p><p><span class="h-card" translate="no"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>campuscodi</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@amvinfe" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>amvinfe</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span></p>
Bytes Europe<p>Why a Business-First Incident Response Approach Works Best <a href="https://www.byteseu.com/1121222/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">byteseu.com/1121222/</span><span class="invisible"></span></a> <a href="https://pubeurope.com/tags/business" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>business</span></a> <a href="https://pubeurope.com/tags/BusinessLeadership" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusinessLeadership</span></a> <a href="https://pubeurope.com/tags/BusinessOperations" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusinessOperations</span></a> <a href="https://pubeurope.com/tags/ChaosManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChaosManagement</span></a> <a href="https://pubeurope.com/tags/CommunicationPlan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CommunicationPlan</span></a> <a href="https://pubeurope.com/tags/ContinuityPlans" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ContinuityPlans</span></a> <a href="https://pubeurope.com/tags/CrisisManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrisisManagement</span></a> <a href="https://pubeurope.com/tags/CyberCrisis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberCrisis</span></a> <a href="https://pubeurope.com/tags/EmployeeEngagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EmployeeEngagement</span></a> <a href="https://pubeurope.com/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a> <a href="https://pubeurope.com/tags/LegalImplications" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LegalImplications</span></a> <a href="https://pubeurope.com/tags/OutdatedSystems" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OutdatedSystems</span></a> <a href="https://pubeurope.com/tags/recovery" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>recovery</span></a> <a href="https://pubeurope.com/tags/Resilience" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Resilience</span></a> <a href="https://pubeurope.com/tags/Semperis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Semperis</span></a> <a href="https://pubeurope.com/tags/SimonHodgkinson" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SimonHodgkinson</span></a> <a href="https://pubeurope.com/tags/TabletopExercises" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TabletopExercises</span></a> <a href="https://pubeurope.com/tags/TechnicalContainment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechnicalContainment</span></a> <a href="https://pubeurope.com/tags/YossiRachman" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YossiRachman</span></a></p>
Discernible<p>🔥 New Supply Chain Security Comms Drill!</p><p>Supply chain attacks are becoming one of the most challenging threats facing security teams today. But here's what we've learned from working with hundreds of <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a> teams — the technical response is often the easy part.</p><p>The real challenge? Coordinating communication across your entire organization when Legal needs regulatory guidance, Sales is worried about customer retention, Engineering is weighing security vs. business continuity, and your biggest customer is demanding answers right now.</p><p>We've just created a new drill that puts you in the role of Security Incident Commander during a supply chain compromise. No technical deep-dives — just the messy, real-world communication challenges that make or break incident response.</p><p>What you'll practice: </p><p>✅ Managing competing stakeholder priorities <br>✅ Making information-sharing decisions <br>✅ Coordinating cross-functional teams </p><p>Perfect for security leaders, incident commanders, and anyone who's ever had to explain a complex security situation to executives, customers, or legal teams while the clock is ticking.</p><p>Ready to test your incident communication skills? </p><p>Link to subscribe: DiscernibleInc.com/drills</p>
Dissent Doe :cupofcoffee:<p>Attribution is hard, Thursday edition...</p><p>NEW by me: A guilty plea in the PowerSchool case still leaves unanswered questions</p><p><a href="https://databreaches.net/2025/06/12/a-guilty-plea-in-the-powerschool-case-still-leaves-unanswered-questions/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/12/a-</span><span class="invisible">guilty-plea-in-the-powerschool-case-still-leaves-unanswered-questions/</span></a></p><p><a href="https://infosec.exchange/tags/PowerSchool" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PowerSchool</span></a> <a href="https://infosec.exchange/tags/hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hack</span></a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>extortion</span></a> <a href="https://infosec.exchange/tags/attribution" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>attribution</span></a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>transparency</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> </p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>douglevin</span></a></span> <span class="h-card" translate="no"><a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>funnymonkey</span></a></span> <span class="h-card" translate="no"><a href="https://journa.host/@mkeierleber" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mkeierleber</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brett</span></a></span></p>
Chum1ng0 - Security Research :verified:<p>As a researcher, have you ever been told this sentence?</p><p>"While we acknowledge the concern, we do not have the authority to<br>remove or restrict access to the reported content. We'd appreciate it<br>if you could consider reporting the issue to Google through their<br>official reporting channels."</p><p>JAPANCERT - JPCERT</p><p><a href="https://infosec.exchange/tags/CERT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CERT</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/research" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>research</span></a> <a href="https://infosec.exchange/tags/japan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>japan</span></a> <a href="https://infosec.exchange/tags/IR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IR</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a></p>
Redhotcyber<p>🎉 È finalmente arrivato il professionista che nessun SOC voleva, ma che tutti si meritano!</p><p>🎓 Addestrato in un gruppo Telegram.<br>🧠 Certificato da “CyberSecurity spiegata male S.r.l.”<br>💻 Specializzato in: “Non è colpa nostra, sarà mica l’IT esterno?”</p><p><a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhotcyber</span></a> <a href="https://mastodon.bida.im/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.bida.im/tags/hacker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacker</span></a> <a href="https://mastodon.bida.im/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.bida.im/tags/infosecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosecurity</span></a> <a href="https://mastodon.bida.im/tags/quotes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>quotes</span></a> <a href="https://mastodon.bida.im/tags/meme" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>meme</span></a> <a href="https://mastodon.bida.im/tags/comica" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>comica</span></a> <a href="https://mastodon.bida.im/tags/vignette" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vignette</span></a> <a href="https://mastodon.bida.im/tags/citazioni" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>citazioni</span></a> <a href="https://mastodon.bida.im/tags/cybersec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersec</span></a> <a href="https://mastodon.bida.im/tags/sicurezzainformatica" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sicurezzainformatica</span></a> <a href="https://mastodon.bida.im/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://mastodon.bida.im/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://mastodon.bida.im/tags/awareness" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>awareness</span></a> <a href="https://mastodon.bida.im/tags/meme" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>meme</span></a> <a href="https://mastodon.bida.im/tags/memetime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memetime</span></a> <a href="https://mastodon.bida.im/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a> <a href="https://mastodon.bida.im/tags/SOCFail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOCFail</span></a> <a href="https://mastodon.bida.im/tags/Ammiocuggino" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ammiocuggino</span></a> <a href="https://mastodon.bida.im/tags/InfosecSatira" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfosecSatira</span></a> <a href="https://mastodon.bida.im/tags/CyberAwareness" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAwareness</span></a> <a href="https://mastodon.bida.im/tags/ITNonImprovvisato" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITNonImprovvisato</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload