banner
LightNews
gregotto.bsky.social
Greg Otto
@gregotto.bsky.social
5.3K followers 410 following 560 posts
@gregotto from twitter, now on bluesky. Editor-in-Chief at CyberScoop. Host of Safe Mode. Better with words than I am with code.
Posts Media Videos Starter Packs
Pinned
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · Feb 18
Our reporting at @cyberscoop.bsky.social doesn’t happen without our sources’ insights. If you have information that you would like to share, scan the code below to contact me via signal:
A QR code that will open the Signal messaging app, allowing you to contact Greg Otto
2 4
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 18h
Adelman Kings/Pre-KD Warriors
2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 20h
Thank you WSJ for writing about the plight of parents everywhere

www.wsj.com/lifestyle/si...
The Numbers Six and Seven Are Making Life Hell for Math Teachers
‘Six seven’ sends teens into a frenzy that schools have been powerless to stop. ‘It’s like throwing catnip at cats.’
www.wsj.com
1 3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 21h
STORY: LevelBlue to acquire Cybereason in latest cybersecurity industry consolidation cyberscoop.com/cybereason-l...
1 1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 21h
Apparently so did the market if you follow the past decade
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 23h
LevelBlue, formerly the cybersecurity wing of AT&T, announces it acquired Cybereason. Financials not known at the moment - www.businesswire.com/news/home/20...
www.businesswire.com
3 3 5
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 23h
For more than a year, hackers from a Chinese state-backed espionage group maintained backdoor access to a popular software mapping tool by turning one of its own features into a webshell, according to new research from ReliaQuest.

cyberscoop.com/flax-typhoon...
Flax Typhoon can turn your own software against you
Chinese state-backed hackers from the Flax Typhoon group exploited ArcGIS servers by weaponizing built-in extensions, evading detection, and persisting through system backups, revealing critical risks...
cyberscoop.com
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 6d
Voting rights groups are asking a court to block an ongoing Trump administration effort to merge disparate federal and state voter data into a massive citizenship and voter fraud database. cyberscoop.com/voting-right...
Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul
In a court filing, the groups argued court action was needed to prevent permanent privacy harm from the government’s “illegal and secretive consolidation of millions of Americans’ sensitive personal d...
cyberscoop.com
2 3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 7d
🤭🫣💀

www.flawtinet.com
Flawtinet - Your Most Trusted Vulnerable Product
www.flawtinet.com
1 6
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 7d
Who said there is no cybersecurity knowledge exchange on this app????
3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 7d
Every day we stray further from god's light 😔
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 8d
I said the same thing but we couldn’t challenge it bc we burned it earlier in the game
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 8d
1 4
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 8d
The teenagers are making fun of CrowdStrike in their super secret telegram clubhouse
1 5
Reposted by Greg Otto
cyberscoop.bsky.social
CyberScoop @cyberscoop.bsky.social · 8d
Okta thwarted the supply-chain attack with security controls it had in place. Zscaler did not. Their experiences provide insights into the root of a much broader problem. via @mattkapko.com cyberscoop.com/okta-zscaler...
Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks
Okta thwarted the supply-chain attack with security controls it had in place. Zscaler did not. Their experiences provide insights into the root of a much broader problem.
cyberscoop.com
1 7 8
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 8d
I get that enterprise patch/vuln management is more than just clicking "update now" but 2010???? Do better, everyone
List of CVEs from CISA KEV list, starting with two from 2010, two from 2011, and one from 2013
3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 8d
170,000 x $80/yr = $13.6m in revenue. But worth $150m. Sure sure.
maxtani.bsky.social
max tani @maxtani.bsky.social · 9d
David Ellison’s note to staff on Paramount’s acquisition of the Free Press
2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 11d
I went to find the article and was shocked it wasn’t a Issac Chotiner interview. Thought Remnick was his boy!
1 4
Reposted by Greg Otto
couts.bsky.social
Andrew Couts @couts.bsky.social · 12d
NEW: ICE is planning to hire a team of nearly 30 people to surveil social media 24/7, build dossiers on people, and flag them for arrest and deportation. @dell.bsky.social has the scoop: www.wired.com/story/ice-so...
ICE Wants to Build Out a 24/7 Social Media Surveillance Team
Documents show ICE plans to hire dozens of contractors to scan X, Facebook, TikTok, and other platforms to target people for deportation.
www.wired.com
800 4.9K 6.5K
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 11d
Anyone who says someone is "asymmetric in sympathy and generosity" needs to be shoved into a locker forever. Big Seth Milchick hours
1 6
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 11d
The cyber girlies are fighting in the chats
2
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 12d
Red Hat confirms breach of GitLab instance, which stored company’s consulting data cyberscoop.com/red-hat-gitl...
Red Hat confirms breach of GitLab instance, which stored company’s consulting data
The open-source software company said exposure is limited to consulting engagements, adding that it hasn’t found evidence of personal or sensitive data theft.
cyberscoop.com
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 12d
Oracle confirmed it’s aware some customers have received extortion emails.

“Our ongoing investigation has found the potential use of previously identified vulnerabilities that are addressed in the July 2025 critical patch update,” Rob Duhart, CSO at Oracle Security, said in a blog post.
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 12d
NEW: @mattkapko.com got his hands on the email being sent to oracle customers. Lots of broken english and pressure applied to pay up or see data leaked cyberscoop.com/extortion-em...
Here is the email Clop attackers sent to Oracle customers
The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment.
cyberscoop.com
1
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 12d
George Cheeks
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 12d
NEW: @mattkapko.com got his hands on the email being sent to oracle customers. Lots of broken english and pressure applied to pay up or see data leaked cyberscoop.com/extortion-em...
Here is the email Clop attackers sent to Oracle customers
The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment.
cyberscoop.com
2 3
gregotto.bsky.social
Greg Otto @gregotto.bsky.social · 12d
🤔🤔🤔
CISA KEV email that has CVEs from 2015 and 2017.