Author | Lightnews

Alex Pinto

@alexcp.bsky.social

620 followers 720 following 110 posts

Cybersecurity data storytelling. DBIR at Verizon Business. Previously serial founder and parallel shitposter. He/him.

Posts Media Videos Starter Packs

Pinned

Alex Pinto @alexcp.bsky.social · Apr 23

The 2025 #DBIR is out! Go get it.

Verizon.com/dbir

2025 Data Breach Investigations Report

The 2025 Data Breach Investigations Report (DBIR) from Verizon is here! Get the latest updates on real-world breaches and help safeguard your organization from cybersecurity attacks.

Verizon.com

7 10

Alex Pinto @alexcp.bsky.social · 1d

Your reading is correct, but there is also a fair bit of “it wasn’t us, it was the algorithm” blame shifting when the models do bad things.

As if it weren’t them choosing the training data / creating the reinforcement learning loop.

1 1

Alex Pinto @alexcp.bsky.social · 1d

Didn’t mean to be disparaging, Cynthia, and I am also aware you probably have no control over the social media post or maybe even the headline.

I do believe it’s important to be a moderating force against hype of things that are not confirmed to exist.

There are enough real threats to worry about.

Alex Pinto @alexcp.bsky.social · 1d

Thanks for sharing this, this was a very good article.

I haven’t met the other 2 researchers but I am generally a fan of @morecoffeeplz.bsky.social ‘s work.

1 1

Alex Pinto @alexcp.bsky.social · 1d

What is an “AI-enabled Ransomware”?

CSOonline @csoonline.bsky.social · 1d

As ransomware attacks accelerate in speed and sophistication, 38% of security leaders rank AI-enabled ransomware as their top concern — the most frequently cited worry about AI-related security issues according to CSO’s new 2025 Security Priorities study. www.csoonline.com/article/4075...

AI-enabled ransomware attacks: CISO’s top security concern — with good reason

New surveys from CSO and CrowdStrike reveal growing fears that generative AI is accelerating ransomware attacks while defenders rush to harness the same technology to fight back.

www.csoonline.com

Alex Pinto @alexcp.bsky.social · 8d

Glad to know I am not the only one with this problem.

Alex Pinto @alexcp.bsky.social · 17d

Botei no wishlist. Nada como um bom retrô survival horror.

1 2

Reposted by Alex Pinto

lauren @lauren.rotatingsandwiches.com · 20d

i'm inventing a new kind of roguelike where instead of poker, slot machines or coin flipping you play as a little guy with a sword

29 43 530

Reposted by Alex Pinto

holden m. accountable @noahs.bsky.social · 24d

THE MEME IS REAL

60 2.8K 9.3K

Reposted by Alex Pinto

Adam Shostack :donor: :rebelverified: @adamshostack.infosec.exchange.ap.brid.gy · 26d

I did a long, in depth podcast with Shannon Lantzy, you can listen at https://www.shannonlantzy.com/post/from-microsoft-s-crisis-to-medical-device-revolution-the-evolution-of-threat-modeling

From Microsoft's Crisis to Medical Device Revolution: The Evolution of Threat Modeling

The year 2002 marked a turning point in cybersecurity history, though few realized it at the time. Microsoft was hemorrhaging customers due to security vulnerabilities, worms were spreading unchecked, and patching costs were mounting. In the midst of this crisis, Bill Gates penned his famous memo on "trustworthy computing," setting the stage for a fundamental transformation in how we approach software security.At the center of this transformation was Adam Shostack, a critic-turned-insider who wo

www.shannonlantzy.com

1 1

Alex Pinto @alexcp.bsky.social · Sep 22

Enjoy! It’s a delightful game. The language is fully translatable as well, but that was beyond my reach when I played it.

Alex Pinto @alexcp.bsky.social · Sep 22

Oh, man! Really want to hear your thoughts on this one!

Alex Pinto @alexcp.bsky.social · Sep 17

Most impactful project I’ve ever been involved with for sure.

The Sony Hack Attribution Generator was a close second.

Alex Pinto @alexcp.bsky.social · Sep 16

Putting the whole “chat bots are bad for your psyche” thing aside, this is brilliant experiment design.

www.businessinsider.com/reddit-aita-...

Am I the jerk? Redditors say yes — but ChatGPT and other bots say no.

ChatGPT and other AI bots tell posters from Reddit's "AITA" board that, actually, they're not the jerks.

www.businessinsider.com

Alex Pinto @alexcp.bsky.social · Sep 13

Missed you, man.

Alex Pinto @alexcp.bsky.social · Sep 11

As a Brazilian-American, my feelings about 9/11 are now very conflicted.

The Guardian @theguardian.com · Sep 11

Brazil’s supreme court finds Bolsonaro guilty of plotting military coup

Former president faces decades-long jail sentence for seeking to forcibly cling to power after losing 2022 election * Anatomy of a coup plot: why Jair Bolsonaro is on trial A majority of Brazil’s supreme court judges have voted to convict the country’s former president Jair Bolsonaro of plotting a military coup, leaving the far-right populist facing a decades-long sentence for leading the criminal conspiracy. Justice Cármen Lúcia Antunes Rocha ruled on Thursday that Bolsonaro – a former paratrooper who was elected president in 2018 – was guilty of seeking to forcibly cling to power after losing the 2022 election, meaning three of the five judges involved in the trial had found Brazil’s former leader guilty. Continue reading...

www.theguardian.com

Alex Pinto @alexcp.bsky.social · Sep 11

This one did make the DBIR Breach Hall Of Fame 2019. First and only breach where the threat actor was outside planet Earth.

github.com/vz-risk/VCDB...

Reposted by Alex Pinto

Cyber Threat Alliance @cyberalliance.bsky.social · Sep 11

Now available on-demand.
What Gets Measured, Gets Done: A National Dashboard for Cybersecurity
www.youtube.com/watch?v=yBeV...
with lumanaries in the cyber measurement field.
#cybersecurity #cybermetrics #threatintelligence

CTA Webinar What Gets Measured, Gets Done A National Dashboard for Cybersecurity

YouTube video by Cyber Threat Alliance

www.youtube.com

1 1

Alex Pinto @alexcp.bsky.social · Sep 3

If AI models were able to do all the things people claim they do, the foundational model companies would be raking in Trillions from the additional output and they would keep the AI itself under lock and key.

It’s like buying a “how to get rich” course off the internet.

hrbrmstr 🇺🇦 🇬🇱 🇨🇦 🏳️‍🌈 @hrbrmstr.dev · Sep 3

AI is going GREAT!

substack.com/inbox/post/1...

(apologies for a substack link but it's a good post)

Where's the Shovelware? Why AI Coding Claims Don't Add Up

78% of developers claim AI makes them more productive. 14% say it's a 10x improvement. So where's the flood of new software? Turns out those productivity claims are bullshit.

substack.com

10 13

Alex Pinto @alexcp.bsky.social · Sep 3

I love the methodology. The author makes a lot of sense here.

Alex Pinto @alexcp.bsky.social · Aug 27

Yes, please.

Reposted by Alex Pinto

hrbrmstr 🇺🇦 🇬🇱 🇨🇦 🏳️‍🌈 @hrbrmstr.dev · Aug 14

PHENOMENAL work by @censys.bsky.social w/special shout out to one of the best cyber researchers out there (Himaja, who is smartly not on social media).

They discovered sophisticated proxy infra designed for long-term espionage operations, & most victims probably have no idea they're compromised.

2025 State of the Internet: Digging into Residential Proxy Infrastructure

In-depth analysis of the PolarEdge botnet (first reported on by Sekoia in early 2025) a suspected ORB targeting edge devices since mid-2023. This blog covers infrastructure patterns, profiles current ...

censys.com

4 3

Alex Pinto @alexcp.bsky.social · Aug 10

What a sweetie! Congrats, Leigh!

Alex Pinto @alexcp.bsky.social · Aug 9

Are there any good write ups on the Salesforce data exfils that have been happening?

Did ShinyHunters create a mass credential dump tool just like the one we had last year with Snowflake?

Alex Pinto @alexcp.bsky.social · Aug 8

Take your like and leave.

Alex Pinto @alexcp.bsky.social · Aug 8

Holding a bowl of berries at arms length to keep the AI Hunter Killers at bay during the Water Wars.