Greg Otto
@gregotto.bsky.social
@gregotto from twitter, now on bluesky. Editor-in-Chief at CyberScoop. Host of Safe Mode. Better with words than I am with code.
Pinned
Greg Otto
@gregotto.bsky.social
· Feb 18
Our reporting at @cyberscoop.bsky.social doesn’t happen without our sources’ insights. If you have information that you would like to share, scan the code below to contact me via signal:
I know everyone is rightfully worked up over this govt funding bill but @timstarks.bsky.social and I found the cyber angle: if passed, CISA 2015 would go back into law until Jan 30 2026 cyberscoop.com/cisa-2015-sh...
Cyber information sharing law would get extension under shutdown deal bill
The Cybersecurity and Information Sharing Act of 2015 would go from expired to extended through Jan. 30.
cyberscoop.com
November 10, 2025 at 2:11 PM
I know everyone is rightfully worked up over this govt funding bill but @timstarks.bsky.social and I found the cyber angle: if passed, CISA 2015 would go back into law until Jan 30 2026 cyberscoop.com/cisa-2015-sh...
NEW: @timstarks.bsky.social and I confirmed WaPo story that CBO was hacked by a suspected foreign actor - cyberscoop.com/congressiona...
Agency that provides budget data to Congress hit with security incident
A spokesperson for the Congressional Budget Office (CBO) acknowledged the incident Thursday, with the attackers potentially accessing communications between lawmakers and researchers at the agency.
cyberscoop.com
November 6, 2025 at 10:37 PM
NEW: @timstarks.bsky.social and I confirmed WaPo story that CBO was hacked by a suspected foreign actor - cyberscoop.com/congressiona...
my response to this is the loudest OK BRO you've ever heard in your life
Famed Russian spy hunter Christo Grozev claimed on this podcast four months ago that North Korea hacked the Democratic National Committee in 2016 and passed the info to Russia, which in exchange divulged access to Bangladesh Bank. 🤔 #infosec Passage at 13m 31s:
www.youtube.com/watch?v=dimh...
www.youtube.com/watch?v=dimh...
November 6, 2025 at 10:10 PM
my response to this is the loudest OK BRO you've ever heard in your life
oh inject this directly into my veins
In 2023, students at Ohio State blocked the doors to the president's office.
Little did they know, live video from campus CCTVs were being fed straight to DHS.
It's part of a little-known, decades-long surveillance effort built on the back of college football.
www.foiaball.com/p/dhs-colleg...
Little did they know, live video from campus CCTVs were being fed straight to DHS.
It's part of a little-known, decades-long surveillance effort built on the back of college football.
www.foiaball.com/p/dhs-colleg...
Scoop: Inside DHS's vast college football surveillance effort
If you go to a college football game, the feds have cameras on you.
www.foiaball.com
November 6, 2025 at 8:38 PM
oh inject this directly into my veins
Tried to buy one at the height of the market and I’ll never forget the Ford dealership I called laughing at me and hanging up when I asked what was in stock. Really wanted these to succeed www.wsj.com/business/aut...
Exclusive | Ford Considers Scrapping Electric Version of F-150 Truck
Once hyped as a ‘smartphone that can tow,’ production of money-losing EV pickup may be shut down for good.
www.wsj.com
November 6, 2025 at 7:36 PM
Tried to buy one at the height of the market and I’ll never forget the Ford dealership I called laughing at me and hanging up when I asked what was in stock. Really wanted these to succeed www.wsj.com/business/aut...
NEW: After all of that, a federal judge has reimposed a sentence on Paige Thompson, the former Amazon Web Services engineer convicted in the 2019 Capital One data breach that compromised the personal information of more than 100 million people. cyberscoop.com/court-reimpo...
Court reimposes original sentence for Capital One hacker
A federal judge has reimposed a sentence on Paige Thompson, the former Amazon Web Services engineer convicted in the 2019 Capital One data breach that compromised the personal information of more than...
cyberscoop.com
November 5, 2025 at 8:45 PM
NEW: After all of that, a federal judge has reimposed a sentence on Paige Thompson, the former Amazon Web Services engineer convicted in the 2019 Capital One data breach that compromised the personal information of more than 100 million people. cyberscoop.com/court-reimpo...
Can you send it to Nate Cohn in the company Slack?
November 5, 2025 at 3:29 PM
Can you send it to Nate Cohn in the company Slack?
Another update: Participants tell @timstarks.bsky.social: “Post-shutdown deferments will do little to help our situation — our biggest blocker is the crusade against federal hiring and public sector cybersecurity overall...please, let’s keep the conversation going.” cyberscoop.com/opm-nsf-cybe...
November 4, 2025 at 2:53 PM
Another update: Participants tell @timstarks.bsky.social: “Post-shutdown deferments will do little to help our situation — our biggest blocker is the crusade against federal hiring and public sector cybersecurity overall...please, let’s keep the conversation going.” cyberscoop.com/opm-nsf-cybe...
UPDATE: OPM tells @timstarks.bsky.social that once the shutdown is over, it plans to grant CyberCorps participants more time to find jobs without fear the gov't will collect on the student loans cyberscoop.com/opm-nsf-cybe...
November 3, 2025 at 10:15 PM
UPDATE: OPM tells @timstarks.bsky.social that once the shutdown is over, it plans to grant CyberCorps participants more time to find jobs without fear the gov't will collect on the student loans cyberscoop.com/opm-nsf-cybe...
NEW: Federal prosecutors allege that 3 cybersecurity professionals, whose job was to help companies respond to ransomware attacks, instead used ALPHV/BlackCat to carry out their own attacks against five U.S. businesses in 2023. cyberscoop.com/incident-res...
Prosecutors allege incident response pros used ALPHV/BlackCat to commit string of ransomware attacks
The alleged cybersecurity turncoats attacked at least five U.S. companies while working for their respective employers, officials said.
cyberscoop.com
November 3, 2025 at 7:53 PM
NEW: Federal prosecutors allege that 3 cybersecurity professionals, whose job was to help companies respond to ransomware attacks, instead used ALPHV/BlackCat to carry out their own attacks against five U.S. businesses in 2023. cyberscoop.com/incident-res...
NEW: @timstarks.bsky.social spoke with some CyberCorps participants who have had federal agency job and internship offers rescinded this year due to cutbacks. Those who can’t find employment there will see their grants, often reaching six-figure sums, converted into loans after 18 months.
October 30, 2025 at 10:03 PM
NEW: @timstarks.bsky.social spoke with some CyberCorps participants who have had federal agency job and internship offers rescinded this year due to cutbacks. Those who can’t find employment there will see their grants, often reaching six-figure sums, converted into loans after 18 months.
Shot in the dark here: Any lawyer out there that can help me decipher a federal sentencing document ASAP? DM me
October 29, 2025 at 10:08 PM
Shot in the dark here: Any lawyer out there that can help me decipher a federal sentencing document ASAP? DM me
One of the nicest and well-liked dudes ive ever come across in my professional career. RIP
Radio Remembers Pierre Robert
Beasley Media Group has announced the passing of 93.3 WMMR Philadelphia midday host Pierre Robert.
Beasley Media Group has announced the passing of 93.3 WMMR Philadelphia midday host Pierre Robert.
Radio Remembers Pierre Robert
Beasley Media Group has announced the passing of 93.3 WMMR Philadelphia midday host Pierre Robert.
radioinsight.com
October 29, 2025 at 7:08 PM
One of the nicest and well-liked dudes ive ever come across in my professional career. RIP
An ex-L3 Harris executive pleaded guilty to two counts of theft of trade secrets Wednesday, admitting to selling eight zero-day exploits to a Russian broker in exchange for millions of dollars. cyberscoop.com/peter-willia...
Ex-L3Harris exec pleads guilty to selling zero-day exploits to Russian broker
An ex-L3 Harris executive pleaded guilty to two counts of theft of trade secrets Wednesday, admitting to selling eight zero-day exploits to a Russian broker in exchange for millions of dollars.
cyberscoop.com
October 29, 2025 at 6:14 PM
An ex-L3 Harris executive pleaded guilty to two counts of theft of trade secrets Wednesday, admitting to selling eight zero-day exploits to a Russian broker in exchange for millions of dollars. cyberscoop.com/peter-willia...
BREAKING: ex-L3Harris exec Peter Williams pleads guilty to two counts of theft of trade secrets, sold eight exploits to Russian zero-day purchasing company. Sentencing in January 2026. Story to come.
October 29, 2025 at 4:05 PM
BREAKING: ex-L3Harris exec Peter Williams pleads guilty to two counts of theft of trade secrets, sold eight exploits to Russian zero-day purchasing company. Sentencing in January 2026. Story to come.
Guess we are asking too much of DHS to have contractors refer to its subagencies by their correct title
October 28, 2025 at 8:10 PM
Guess we are asking too much of DHS to have contractors refer to its subagencies by their correct title
Does Issac Chotiner, like, spoof his phone calls or lie to people he interviews? How does he keep getting away with it?
October 28, 2025 at 5:33 PM
Does Issac Chotiner, like, spoof his phone calls or lie to people he interviews? How does he keep getting away with it?
NEW: Researchers show how websites can secretly show crawlers in OpenAI's new browser negative or misleading content, triggering everything from misinfo to fake job promotions—without any visible changes for real users. @derekbjohnson.bsky.social with the scoop: cyberscoop.com/openai-atlas...
Exclusive: OpenAI’s Atlas browser — and others — can be tricked by manipulated web content
Researchers are poking holes in OpenAI’s new browser as international standards bodies fear U.S. businesses may be “sleepwalking” into an AI governance crisis.
cyberscoop.com
October 28, 2025 at 5:13 PM
NEW: Researchers show how websites can secretly show crawlers in OpenAI's new browser negative or misleading content, triggering everything from misinfo to fake job promotions—without any visible changes for real users. @derekbjohnson.bsky.social with the scoop: cyberscoop.com/openai-atlas...
Wild, wild, wild
cyberscoop.com/ex-l3harris-...
cyberscoop.com/ex-l3harris-...
Ex-L3Harris executive accused of selling trade secrets to Russia
Federal prosecutors have accused a former executive at L3Harris Technologies’ cyber division of stealing trade secrets and selling them to an undisclosed buyer in Russia.
cyberscoop.com
October 23, 2025 at 4:53 PM
Wild, wild, wild
cyberscoop.com/ex-l3harris-...
cyberscoop.com/ex-l3harris-...
Wait if i'm reading this complaint right, the russians (allegedly) gave this dude multiple FAKE watches????? Selling zero-days for dupes??????
a man in a chef 's uniform says pathetic with his hands on his hips
ALT: a man in a chef 's uniform says pathetic with his hands on his hips
media.tenor.com
October 23, 2025 at 4:30 PM
Wait if i'm reading this complaint right, the russians (allegedly) gave this dude multiple FAKE watches????? Selling zero-days for dupes??????
Last week, CISA said it needed to order an emergency directive to find out how widespread F5 was across gov agencies. I asked "wait, shouldn't CDM be able to answer that question?" @timstarks.bsky.social dug further and answered the question cyberscoop.com/f5-vulnerabi...
F5 vulnerability highlights weak points in DHS’s CDM program
The Continuous Diagnostics and Mitigation program is oft-praised, but there are areas where it doesn’t yet excel, as a recent CISA emergency directive shows.
cyberscoop.com
October 23, 2025 at 2:21 PM
Last week, CISA said it needed to order an emergency directive to find out how widespread F5 was across gov agencies. I asked "wait, shouldn't CDM be able to answer that question?" @timstarks.bsky.social dug further and answered the question cyberscoop.com/f5-vulnerabi...
Following a funding scare that nearly shuttered the CVE program, outside experts and CISA are positioning to take charge of the 25-year-old system before the next funding crisis hits. The mighty @metacurity.com goes behind the struggle for control of the CVE program cyberscoop.com/cve-program-...
Behind the struggle for control of the CVE program
Following a funding scare that nearly shuttered the CVE program, outside experts and CISA are positioning to take charge of the 25-year-old system before the next funding crisis hits.
cyberscoop.com
October 20, 2025 at 1:19 PM
Following a funding scare that nearly shuttered the CVE program, outside experts and CISA are positioning to take charge of the 25-year-old system before the next funding crisis hits. The mighty @metacurity.com goes behind the struggle for control of the CVE program cyberscoop.com/cve-program-...
NEW from @mattkapko.com: CISA warns of imminent risk posed by thousands of F5 products in federal agencies
cyberscoop.com/cisa-emergen...
cyberscoop.com/cisa-emergen...
CISA warns of imminent risk posed by thousands of F5 products in federal agencies
Cyber authorities issued their second emergency directive in three weeks. This one requires agencies to mitigate or disconnect potentially compromised F5 devices and services.
cyberscoop.com
October 15, 2025 at 6:27 PM
NEW from @mattkapko.com: CISA warns of imminent risk posed by thousands of F5 products in federal agencies
cyberscoop.com/cisa-emergen...
cyberscoop.com/cisa-emergen...
This is probably bad: "In September, the Department of Justice permitted F5 to withhold public disclosure of the breach, which the government allows if a breach is determined to be a substantial risk to national security or public safety. " cyberscoop.com/f5-breach-na...
F5 disclosures breach tied to nation-state threat actor
F5 disclosed Wednesday that it had been the target of what it’s calling a “highly sophisticated” cyberattack, which it attributes to a nation-state actor.
cyberscoop.com
October 15, 2025 at 2:38 PM
This is probably bad: "In September, the Department of Justice permitted F5 to withhold public disclosure of the breach, which the government allows if a breach is determined to be a substantial risk to national security or public safety. " cyberscoop.com/f5-breach-na...