Author | Lightnews

Reposted by Paul Dokas

Ian Coldwater 👻🌿 @lookitup.baby · 1d

Kubernetes SIG Security is updating the OWASP Top 10 for Kubernetes, and we're seeking community input on it!

What do you think should be included? Fill out our survey here!

OWASP Kubernetes Top 10 2025 Survey

Kubernetes SIG Security Docs subproject is starting an update of the OWASP Kubernetes Top 10 and as such want to canvas ideas on what should be included. The goal of the Top 10 is to provide awarenes...

docs.google.com

25 52

Reposted by Paul Dokas

InfoSec @infosec.skyfleet.blue · 3d

NFC Relay Malware Exploits Android Tap-to-Pay for Fraudulent Transactions

NFC Relay Malware Exploits Android Tap-to-Pay for Fraudulent Transactions - Cyberwarzone

Zimperium zLabs has discovered hundreds of malicious Android apps using NFC relay and Host Card Emulation to steal payment data from tap-to-pay transactions, turning infected phones into tools for payment fraud.

cyberwarzone.com

2 3

Paul Dokas @pauldokas.bsky.social · 8d

“Nearly half (45%) of C-level respondents — including CISOs and CIOs — describe themselves as "very confident" in their organization's readiness. Yet among mid-level managers, that number drops sharply to just 19%.”

They’re both optimists.
thehackernews.com/2025/10/the-...

The Cybersecurity Perception Gap: Why Executives and Practitioners See Risk Differently

Bitdefender 2025 report exposes a widening cybersecurity perception gap between executives and frontline teams.

thehackernews.com

1

Paul Dokas @pauldokas.bsky.social · 8d

“The root cause was a race condition in DynamoDB's automated DNS management system that left an empty DNS record for the service's regional endpoint.”
www.theregister.com/2025/10/23/a...

A single DNS race condition brought AWS to its knees

: Fault in DynamoDB system cascaded through AWS services, knocking major sites offline for hours

www.theregister.com

1 1

Reposted by Paul Dokas

Rory McCune @mccune.org.uk · 9d

You've got just over a week to contribute feedback for the new OWASP Kubernetes Top 10 docs.google.com/forms/d/e/1F... . Thanks to all the people who have taken the time to contribute already!

OWASP Kubernetes Top 10 2025 Survey

Kubernetes SIG Security Docs subproject is starting an update of the OWASP Kubernetes Top 10 and as such want to canvas ideas on what should be included. The goal of the Top 10 is to provide awarenes...

docs.google.com

6 12

Reposted by Paul Dokas

Joseph Cox @josephcox.bsky.social · 10d

The AWS outage bricked people's $2,700 smartbeds, leaving them in a reclining position or with the heat up. People were unable to use them, basically. A GitHub repo exists that lets people operate their beds without reliance on the normal infrastructure

www.404media.co/the-aws-outa...

The AWS Outage Bricked People’s $2,700 Smartbeds

When Amazon Web Services went offline, people lost control of their cloud-connected smart beds, getting stuck in reclined positions or roasting with the heat turned all the way up.

www.404media.co

74 200 640

Paul Dokas @pauldokas.bsky.social · 12d

“Google has suddenly confirmed privacy initiatives ‘are being phased out.’ The Privacy Sandbox, now in its sixth year, has essentially ended just months after Google confirmed tracking is here to stay and there are no viable alternatives.”
www.forbes.com/sites/zakdof...

‘Phased Out’—Google Confirms Bad News For All 3 Billion Chrome Users

Is it time to quit the world’s most popular browser as privacy nightmare comes true?

www.forbes.com

2 4

Reposted by Paul Dokas

Nahal Toosi @nahaltoosi.bsky.social · 15d

I’d like to attend a rodeo just so I can say, “This is my first rodeo.”

2 2 20

Paul Dokas @pauldokas.bsky.social · 16d

“The End of Cybersecurity: America’s Digital Defenses Are Failing—but AI Can Save Them”
www.foreignaffairs.com/united-state...

a man is eating a can of soda .

Alt: a man is eating a can of soda .

media.tenor.com

2

Paul Dokas @pauldokas.bsky.social · 17d

“Close to half of the gain in gross domestic product this year will come from data center construction, and around 80 percent of stock market gains are attributable to a handful of AI-heavy tech companies.”
🤔
prospect.org/world/2025-1...

Why China Can Collapse the U.S. With One Decree

China holds a virtual monopoly over a product needed to produce the only thing holding up our economy right now. And it’s preparing to use that leverage.

prospect.org

4

Reposted by Paul Dokas

Pavel @spavel.bsky.social · 20d

bitch what

Onedrive settings. A toggle for using AI to detect and identify faces is set to on. The caption says, you can only turn off this setting 3 times per year.

94 1.3K 4K

Reposted by Paul Dokas

Damien Miller @damienmiller.bsky.social · 22d

OpenSSH 10.2 has just been released.

This release contains only non-security bugfixes, most notably for a bad regression that made interactive that used ControlPersist basically unusable

Full release notes at openssh.com/releasenotes...

OpenSSH: Release Notes

OpenSSH release notes

openssh.com

7 14

Reposted by Paul Dokas

Chris Smolinski W3HFU @hfunderground.com · 27d

Shortwave pirate radio station Rolling Stones Radio has been on 6850 USB since about 1100 UTC with a very good signal here in Westminster MD USA. And they've already sent the #eQSL !

www.hfunderground.com/board/index....

1 2

Reposted by Paul Dokas

🎃 Like Mucas 🎃 @mwl.io · 27d

60 hours left to get 3 sysadmin books for the price of 1!

The #kickstarter for "Networking for System Administrators" has gone beyond what I hoped. My next hope is that it makes your #sysadmin job suck less.

mwl.io/ks

Networking for System Administrators (2nd Edition)

The critically-acclaimed sysadmin reference, updated for modern Windows and Unix

mwl.io

1 4

Paul Dokas @pauldokas.bsky.social · 28d

Reading between the lines, that article if full of examples of how NOT to write secure software.

1

Paul Dokas @pauldokas.bsky.social · 28d

“‘given the current security posture of the platform and the hosted 3rd party applications the likelihood of an adversary gaining persistent undetectable access to the platform requires the system be treated as very high risk.’”
finance.yahoo.com/news/anduril...

Anduril and Palantir battlefield communication system 'very high risk,' US Army memo says

WASHINGTON (Reuters) -The much-needed modernization of the U.S. Army's battlefield communications network being undertaken by Anduril, Palantir and others is rife with "fundamental security" problems ...

finance.yahoo.com

1 1

Paul Dokas @pauldokas.bsky.social · Oct 2

👀

Financial Times @financialtimes.com · Oct 2

Japan days away from running out of Asahi Super Dry after cyber attack on.ft.com/4nH4Hxl

Japan days away from running out of Asahi Super Dry after cyber attack

Vast majority of factories of nation’s most popular beer have stopped work this week

on.ft.com

2

Reposted by Paul Dokas

Securitycipher @securitycipher.bsky.social · Sep 30

`use-mcp`'s oauth2 process uses a window.open call with untrusted mcp server provided data allowing for code execution under the page using it

https://hackerone.com/reports/3211031

1 1

Reposted by Paul Dokas

Joe Tidy BBC News @joetidy.bsky.social · Sep 29

'You'll never need to work again': Criminals offer reporter money to hack BBC.
I recently got offered millions of pounds to give cyber criminals from the Medusa gang my BBC login. I played along to learn about how these 'insider threat' deals work.
www.bbc.co.uk/news/article...

'You'll never need to work again': Criminals offer reporter money to hack BBC

Reporter Joe Tidy was offered money if he would help cyber criminals access BBC systems.

www.bbc.co.uk

7 71 110

Reposted by Paul Dokas

Gergely Orosz @gergely.pragmaticengineer.com · Sep 28

How is this not bigger news in tech/security circles.

Jaguar Land Lover lost $250M (£200M) and counting thanks to a cyberattack that it still couldn’t mitigate. This is growing every week.

The cost of underinvesting in security is very real. 1+ month recovery is bonkers

60 250 900

Paul Dokas @pauldokas.bsky.social · Sep 25

OH: "I will say that my friend Gemini is more like Forest Gump than Rain Man."

This is true of all LLMs. They are tools, nothing more.

Paul Dokas @pauldokas.bsky.social · Sep 23

"... Secret Service agents discovered more than 300 co-located SIM servers and 100,000 SIM cards ..."

"'These devices allowed anonymous, encrypted communications between potential threat actors and criminal enterprises ...'"

🤔
www.nbcnews.com/politics/nat...

Secret Service agents dismantle network that could shut down New York cellphone system

Agents discovered electronic devices in five locations in and around the city that could be used to disable cellphone towers. The system could also be used for criminal activites.

www.nbcnews.com

3

Paul Dokas @pauldokas.bsky.social · Sep 23

“Someone allegedly found an MGM Grand employee on LinkedIn and impersonated them, calling the company IT department to ask for a password reset. Once the reset was granted, the hacker reportedly had access to MGM’s internal systems ‘in 10 minutes.’”

Of course. 🙄
www.sfgate.com/travel/artic...

Teen arrested on suspicion of Vegas Strip attack that cost $100M

A teenager has been arrested on suspicion of orchestrating a “sophisticated” hack.

www.sfgate.com

1 1 4

Paul Dokas @pauldokas.bsky.social · Sep 22

“However, when speed becomes more important than strategy, you don’t get stronger results. You get a company full of people who are busy but not effective.”
💯
www.inc.com/david-finkel...

Stop Rewarding Urgency and Build a Culture That Prioritizes Value Instead

A culture built on value prioritizes moving intentionally. Here is how leaders can break the cycle of urgency in the workplace.

www.inc.com

1

Paul Dokas @pauldokas.bsky.social · Sep 22

“Google's PSP shares some concepts with IPsec ESP and is an encryption encapsulation layer on top of IP for large-scale data center needs.”
www.phoronix.com/news/PSP-Enc...

Linux Ready To Upstream Support For Google's PSP Encryption For TCP Connections

Not to be confused with AMD's Platform Security Processor (PSP), but Google's PSP Security Protocol (PSP) for encryption in-transit for TCP network connections is now ready for the mainline kernel

www.phoronix.com