banner
LightNews
gregotto.bsky.social
Greg Otto
@gregotto.bsky.social
5.3K followers 410 following 570 posts
@gregotto from twitter, now on bluesky. Editor-in-Chief at CyberScoop. Host of Safe Mode. Better with words than I am with code.
Posts Media Videos Starter Packs
Pinned
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · Feb 18
Our reporting at @cyberscoop.bsky.social doesn’t happen without our sources’ insights. If you have information that you would like to share, scan the code below to contact me via signal:
A QR code that will open the Signal messaging app, allowing you to contact Greg Otto
2 4
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 22h
NEW from @mattkapko.com: CISA warns of imminent risk posed by thousands of F5 products in federal agencies
cyberscoop.com/cisa-emergen...
CISA warns of imminent risk posed by thousands of F5 products in federal agencies
Cyber authorities issued their second emergency directive in three weeks. This one requires agencies to mitigate or disconnect potentially compromised F5 devices and services.
cyberscoop.com
2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 1d
UPDATE: F5 rolled out updates for BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ, and APM. Brought in NCC Group, IOActive, and CrowdStrike for IR/supply chain security assessment. More updates to come cyberscoop.com/f5-breach-na...
F5 disclosures breach tied to nation-state threat actor
F5 disclosed Wednesday that it had been the target of what it’s calling a “highly sophisticated” cyberattack, which it attributes to a nation-state actor.
cyberscoop.com
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 1d
I think part of the problem is they fail to understand the general population. Sure, powerful people reading the NYT may care, the vast majority don't have the brain power to understand what congressional district they are in, let alone the budget impacts.
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 1d
This is probably bad: "In September, the Department of Justice permitted F5 to withhold public disclosure of the breach, which the government allows if a breach is determined to be a substantial risk to national security or public safety. " cyberscoop.com/f5-breach-na...
F5 disclosures breach tied to nation-state threat actor
F5 disclosed Wednesday that it had been the target of what it’s calling a “highly sophisticated” cyberattack, which it attributes to a nation-state actor.
cyberscoop.com
1 3 2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 1d
Adelman Kings/Pre-KD Warriors
2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 1d
Thank you WSJ for writing about the plight of parents everywhere

www.wsj.com/lifestyle/si...
The Numbers Six and Seven Are Making Life Hell for Math Teachers
‘Six seven’ sends teens into a frenzy that schools have been powerless to stop. ‘It’s like throwing catnip at cats.’
www.wsj.com
1 3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 2d
STORY: LevelBlue to acquire Cybereason in latest cybersecurity industry consolidation cyberscoop.com/cybereason-l...
1 1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 2d
Apparently so did the market if you follow the past decade
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 2d
LevelBlue, formerly the cybersecurity wing of AT&T, announces it acquired Cybereason. Financials not known at the moment - www.businesswire.com/news/home/20...
www.businesswire.com
3 3 5
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 2d
For more than a year, hackers from a Chinese state-backed espionage group maintained backdoor access to a popular software mapping tool by turning one of its own features into a webshell, according to new research from ReliaQuest.

cyberscoop.com/flax-typhoon...
Flax Typhoon can turn your own software against you
Chinese state-backed hackers from the Flax Typhoon group exploited ArcGIS servers by weaponizing built-in extensions, evading detection, and persisting through system backups, revealing critical risks...
cyberscoop.com
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 7d
Voting rights groups are asking a court to block an ongoing Trump administration effort to merge disparate federal and state voter data into a massive citizenship and voter fraud database. cyberscoop.com/voting-right...
Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul
In a court filing, the groups argued court action was needed to prevent permanent privacy harm from the government’s “illegal and secretive consolidation of millions of Americans’ sensitive personal d...
cyberscoop.com
2 3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 8d
🤭🫣💀

www.flawtinet.com
Flawtinet - Your Most Trusted Vulnerable Product
www.flawtinet.com
1 6
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 8d
Who said there is no cybersecurity knowledge exchange on this app????
3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 9d
Every day we stray further from god's light 😔
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 9d
I said the same thing but we couldn’t challenge it bc we burned it earlier in the game
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 9d
1 4
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 9d
The teenagers are making fun of CrowdStrike in their super secret telegram clubhouse
1 5
Reposted by Greg Otto
cyberscoop.bsky.social
CyberScoop @cyberscoop.bsky.social · 10d
Okta thwarted the supply-chain attack with security controls it had in place. Zscaler did not. Their experiences provide insights into the root of a much broader problem. via @mattkapko.com cyberscoop.com/okta-zscaler...
Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks
Okta thwarted the supply-chain attack with security controls it had in place. Zscaler did not. Their experiences provide insights into the root of a much broader problem.
cyberscoop.com
1 7 8
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 9d
I get that enterprise patch/vuln management is more than just clicking "update now" but 2010???? Do better, everyone
List of CVEs from CISA KEV list, starting with two from 2010, two from 2011, and one from 2013
3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 10d
170,000 x $80/yr = $13.6m in revenue. But worth $150m. Sure sure.
maxtani.bsky.social
max tani @maxtani.bsky.social · 10d
David Ellison’s note to staff on Paramount’s acquisition of the Free Press
2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 13d
I went to find the article and was shocked it wasn’t a Issac Chotiner interview. Thought Remnick was his boy!
1 4
Reposted by Greg Otto
couts.bsky.social
Andrew Couts @couts.bsky.social · 13d
NEW: ICE is planning to hire a team of nearly 30 people to surveil social media 24/7, build dossiers on people, and flag them for arrest and deportation. @dell.bsky.social has the scoop: www.wired.com/story/ice-so...
ICE Wants to Build Out a 24/7 Social Media Surveillance Team
Documents show ICE plans to hire dozens of contractors to scan X, Facebook, TikTok, and other platforms to target people for deportation.
www.wired.com
800 4.9K 6.5K
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 13d
Anyone who says someone is "asymmetric in sympathy and generosity" needs to be shoved into a locker forever. Big Seth Milchick hours
1 6
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 13d
The cyber girlies are fighting in the chats
2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 13d
Red Hat confirms breach of GitLab instance, which stored company’s consulting data cyberscoop.com/red-hat-gitl...
Red Hat confirms breach of GitLab instance, which stored company’s consulting data
The open-source software company said exposure is limited to consulting engagements, adding that it hasn’t found evidence of personal or sensitive data theft.
cyberscoop.com
1