Metacurity - The Solution to Infosec News Overload

Metacurity is pleased to offer our free and premium subscribers a weekly digest of the best long-form (and longish) infosec-related pieces we couldn't properly fit into our daily news crush. This week's selection covers --China's Typhoons are the biggest cyber threat in a decade, --Community Notes won't save us, --Messing with adversaries' minds as a cyber defense, --The real-life fake porn horror story in Levittown, --When Russia burned $300K of Bitcoin https://lnkd.in/eSRB8qNB

Federal prosecutors indicted former NFL and University of Michigan assistant football coach Matt Weiss for hacking into the computer accounts of thousands of college athletes seeking intimate photos and videos. Don't leave for the weekend until you check out today's Metacurity for more on this development and other critical infosec news you should know, including --N. Korea establishes a new hacking group, --Dutch parliament criminalizes foreign influence-related espionage, --Sophisticated phishing attack mounted against Mac users, --Google sues scammers behind fake Google Maps listings, --Signal will leave France if encryption backdoor law is passed, --much more https://lnkd.in/eRqZzQGk

Several US national security agencies have halted work on a coordinated effort to counter Russian sabotage, disinformation, and cyberattacks, easing pressure on Moscow as the Trump Administration pushes Russia to end its war in Ukraine. Don't miss today's Metacurity for more on this development and other critical infosec news you should know today, including --SpyX spyware suffered a breach, --Baidu denies breach after exec's teen daughter spills PII, --Nation-states exploit Windows .lnk files flaw, --NCSC issues a post-quantum warning, --Ukraine warns of attacks on Signal, --Ukraine's IT Army still going strong, --Capital One hacker to face harsher sentence, --much more https://lnkd.in/e6aqAQgV

Check out my latest CSO piece, which examines how CISOs can more effectively talk to the board and C-Suite about the costs of a cyber incident. Thanks to Amanda Draeger of Liberty Mutual Insurance, Gary Brickhouse of GuidePoint Security and Stephen Boyer of Bitsight for their insight. https://lnkd.in/ewf-fxgG

Researchers at the University of Toronto's Citizen Lab report that the governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of Israeli spyware maker Paragon Solutions. Check out today's Metacurity for more on this critical development and other top infosec news you should know, including --China's MSS says Taiwan conducted cyberattacks and pushed fake news, --The Dutch seek to escape US tech, --Organized crime uses AI intertwined with state-sponsored campaigns, --Apple's Passwords apps had a serious flaw, --Oracle eyes TikTok deal, --Crims stole 2.1b creds with infostealers in 2024, -- much more https://lnkd.in/ed8ey3B7

The tide could be turning for the federal cybersecurity workforce after a judge’s ruling and a White House plea offer a glimmer of hope that they may be spared the worst of DOGE’s slash-and-burn strategy. Check out my latest news item for CSO for more. Thanks to Richard F. and Nate Allen for their quick insight. https://lnkd.in/e4tyhfQF

In a situation characterized by a massive conflict of interest and a host of cybersecurity concerns, Starlink, the satellite internet service operated by Elon Musk’s SpaceX, is now accessible across the White House campus, routing itself through a White House data center with existing fiber cables miles from the complex. Don't miss today's packed Metacurity for more on this critical development and other top infosec news you should know, including --CISA seeks to rehire fired employees, --US Commerce Department bans DeepSeek, --House panel asks Noem for Volt Typhoon and Salt Typhoon documents, --Carney and Macron discuss deal on intel and cyber, --Big sperm and egg bank breach exposes files, --Alphabet to buy Wiz for $32b, --much more https://lnkd.in/eYqSJmf8

An open source package, tj-actions/changed-files, part of tj-actions, a collection of files used by more than 23,000 organizations, was compromised with credential-stealing code after attackers gained unauthorized access to a maintainer account Check out today's Metacurity for more on this development and the other critical infosec news you might have missed over the weekend, including --12K GitHub repos targeted with fake security alerts, --All Echo voice requests will be stored in Amazon's cloud, --OKX suspends service used to launder Bybit stolen funds, --Infosys to pay $17.5m over 2023 breach, --NIST removes safety from AI safety, --S. Korea urges better cyber for drones, --much more https://lnkd.in/eD2cJFbg

Metacurity is pleased to offer our free and premium subscribers a weekly digest of the best long-form (and longish) infosec-related pieces we couldn't properly fit into our daily news crush. This week's selection covers --Musk's DOGE crew has siphoned massive volumes of Americans' data, --A crypto password-cracking firm hid its infamous hacker co-founder, --An online abuse campaign tortured a young woman for years, --Software developed by academics might prevent AI art theft, --New details on the US-UK Cloud Act's impact https://lnkd.in/e3_5cEbB

Greg Barbaccia, the United States federal chief information officer, emailed federal agencies urging them to refrain from laying off their cybersecurity teams as they scrambled to comply with a Thursday deadline to submit mass layoff plans to slash their budgets Before you head out for the weekend, check out today's Metacurity for more on this development and other top infosec news stories you should know, including --Musk visits NSA after saying it needs an overhaul,? --UK urged to hold an open meeting on back door proposal,? --MSFT warns of Booking [dot] com scam, --Ukraine says Signal no longer gives Russian threat info,? --DeepSeek can generate keylogger and ransomware code,? --Emergency Junos OS patch released, --much more https://lnkd.in/e7ph7Y3Y