Scott Stanton
@scott-stanton.bsky.social
I'm a pragmatic cybersecurity executive.
Reposted by Scott Stanton
Wrote up some thoughts for how Okta is getting squeezed from all sides: squished by Rippling at the bottom, Msft at the top, and other markets and startups in the middle.
I hope you love some red string diagrams 🤣
ventureinsecurity.net/p/the-unbund...
I hope you love some red string diagrams 🤣
ventureinsecurity.net/p/the-unbund...
The unbundling of Okta: are startups chipping away at Okta?
A guest post from Maya Kaczorowski who breaks down Okta’s competition and how Okta is not being unbundled, but rather squeezed from all sides.
ventureinsecurity.net
September 4, 2025 at 5:33 PM
Wrote up some thoughts for how Okta is getting squeezed from all sides: squished by Rippling at the bottom, Msft at the top, and other markets and startups in the middle.
I hope you love some red string diagrams 🤣
ventureinsecurity.net/p/the-unbund...
I hope you love some red string diagrams 🤣
ventureinsecurity.net/p/the-unbund...
What is RC4?
Your #DFIU category today is OG HACKER SHIRTS
This Ron Rivest 1987 cipher, illegal to export from the US (mathematical munitions), fit on 3 lines of Perl and adorned t-shirts as a form of civil disobedience before becoming the WEP protocol's greatest weakness
This Ron Rivest 1987 cipher, illegal to export from the US (mathematical munitions), fit on 3 lines of Perl and adorned t-shirts as a form of civil disobedience before becoming the WEP protocol's greatest weakness
September 1, 2025 at 5:30 PM
What is RC4?
Reposted by Scott Stanton
A lone cybercriminal used Anthropic's vibe-coding LLM to automate a massive spree that hacked and extorted 17 companies. It did almost everything for him: Scoped out who to hack and how, organized the hacked material, helped him decide how much to ask each company for and wrote his extortion emails.
A hacker used AI to automate an 'unprecedented' cybercrime spree, Anthropic says
The company behind the Claude chatbot said it caught a hacker using its chatbot to identify, hack and extort at least 17 companies.
www.nbcnews.com
August 27, 2025 at 12:59 PM
A lone cybercriminal used Anthropic's vibe-coding LLM to automate a massive spree that hacked and extorted 17 companies. It did almost everything for him: Scoped out who to hack and how, organized the hacked material, helped him decide how much to ask each company for and wrote his extortion emails.
Reposted by Scott Stanton
New from me: A previously unreported, AI-driven bot network on X has consistently supported MAGA figures and causes since last year. But with the movement fractured over the administration's handling of the Epstein Files, it's flooding conservatives' replies with contradictory messages.
A MAGA bot network on X is divided over the Trump-Epstein backlash
Researchers have found hundreds of fake X accounts that support the Trump administration.
www.nbcnews.com
July 20, 2025 at 11:33 AM
New from me: A previously unreported, AI-driven bot network on X has consistently supported MAGA figures and causes since last year. But with the movement fractured over the administration's handling of the Epstein Files, it's flooding conservatives' replies with contradictory messages.
Reposted by Scott Stanton
Great reporting highlighting that TeleMessage was much more widely used in government than previously reported.
I'll say it again: every foreign intelligence service worth its salt had access to this data. This is a *monumental* security failure by the Trump admin.
www.reuters.com/world/us/hac...
I'll say it again: every foreign intelligence service worth its salt had access to this data. This is a *monumental* security failure by the Trump admin.
www.reuters.com/world/us/hac...
Exclusive: Hacker who breached communications app used by Trump aide stole data from across US government
A hacker who breached the communications service used by former Trump national security adviser Mike Waltz earlier this month intercepted messages from a broader swathe of American officials than has previously been reported, according to a Reuters review, potentially raising the stakes of a breach that has already drawn questions about data security in the Trump administration.
www.reuters.com
May 21, 2025 at 1:16 PM
Great reporting highlighting that TeleMessage was much more widely used in government than previously reported.
I'll say it again: every foreign intelligence service worth its salt had access to this data. This is a *monumental* security failure by the Trump admin.
www.reuters.com/world/us/hac...
I'll say it again: every foreign intelligence service worth its salt had access to this data. This is a *monumental* security failure by the Trump admin.
www.reuters.com/world/us/hac...
Reposted by Scott Stanton
We're live! 📢 Get your @eff.org NSA Eagle "All Your Data" badge for @defcon.bsky.social to support digital freedom! In line with the #defcon theme, we offer global shipping so you don't miss out! 🌏 #DC33 #EFF #NSAEagle nsaeagle.eventbrite.com
EFF NSA Eagle "All Your Data" Badge
Support digital privacy at DEF CON 33 with a custom PCB badge featuring the Electronic Frontier Foundation's (EFF) iconic NSA Eagle!
nsaeagle.eventbrite.com
April 30, 2025 at 10:34 PM
We're live! 📢 Get your @eff.org NSA Eagle "All Your Data" badge for @defcon.bsky.social to support digital freedom! In line with the #defcon theme, we offer global shipping so you don't miss out! 🌏 #DC33 #EFF #NSAEagle nsaeagle.eventbrite.com
Reposted by Scott Stanton
This is a really good thread…about a precursor to the Black Basta leaks.
If you've been following #BlackBasta (and the recent leak), this thread might be of interest.
Last December, out of the blue, a source reached out to me (and, as I was to find out, to @valerymarchive.bsky.social as well) offering to doxx the leader of that ransomware-operation, known as "tramp".
Last December, out of the blue, a source reached out to me (and, as I was to find out, to @valerymarchive.bsky.social as well) offering to doxx the leader of that ransomware-operation, known as "tramp".
March 2, 2025 at 10:14 PM
This is a really good thread…about a precursor to the Black Basta leaks.
Reposted by Scott Stanton
The moment has arrived - the #DEFCON33 Call Season is officially afoot! There are a bunch of Calls to peruse at leisure from Contests to Soundtrack to Vendors, and all the info you need to get started is @ defcon.org/html/defcon-....
Don’t let your dreams be dreams! Let's get after it!
#defcon
Don’t let your dreams be dreams! Let's get after it!
#defcon
February 7, 2025 at 8:24 PM
The moment has arrived - the #DEFCON33 Call Season is officially afoot! There are a bunch of Calls to peruse at leisure from Contests to Soundtrack to Vendors, and all the info you need to get started is @ defcon.org/html/defcon-....
Don’t let your dreams be dreams! Let's get after it!
#defcon
Don’t let your dreams be dreams! Let's get after it!
#defcon
Reposted by Scott Stanton
Politics should not interfere with safe-guarding the lives of the American public, but it certainly does and will continue to do so in the foreseeable future. Reasonable people may disagree on the methods of maintaining public health and safety, but they should not disagree on the goals.
January 31, 2025 at 1:20 AM
Politics should not interfere with safe-guarding the lives of the American public, but it certainly does and will continue to do so in the foreseeable future. Reasonable people may disagree on the methods of maintaining public health and safety, but they should not disagree on the goals.
Reposted by Scott Stanton
Not that Google was ever good, but this cartoon is a good summary of now.
December 28, 2024 at 5:53 PM
Not that Google was ever good, but this cartoon is a good summary of now.
Reposted by Scott Stanton
Friends, FBI has responded to my FOIA request for Kevin Mitnick's files, and have made them available to everyone via the FBI public portal here: vault.fbi.gov/kevin-mitnic...
Kevin Mitnick Part 01 (Final)
vault.fbi.gov
December 15, 2024 at 7:14 PM
Friends, FBI has responded to my FOIA request for Kevin Mitnick's files, and have made them available to everyone via the FBI public portal here: vault.fbi.gov/kevin-mitnic...
Reposted by Scott Stanton
Dear every app developer:
It is not 2011. I am not sitting at a desktop computer with a CRT clicking links in emails. I am using an app. Please just keep me inside the app.
Send me a code by text or email if you must. Don’t make me set passwords. Don’t make me leave your app to use a browser.
It is not 2011. I am not sitting at a desktop computer with a CRT clicking links in emails. I am using an app. Please just keep me inside the app.
Send me a code by text or email if you must. Don’t make me set passwords. Don’t make me leave your app to use a browser.
December 13, 2024 at 10:18 PM
Dear every app developer:
It is not 2011. I am not sitting at a desktop computer with a CRT clicking links in emails. I am using an app. Please just keep me inside the app.
Send me a code by text or email if you must. Don’t make me set passwords. Don’t make me leave your app to use a browser.
It is not 2011. I am not sitting at a desktop computer with a CRT clicking links in emails. I am using an app. Please just keep me inside the app.
Send me a code by text or email if you must. Don’t make me set passwords. Don’t make me leave your app to use a browser.
Say it louder for the people in the back!
And this is why, despite loud assertions to the contrary, social media/“citizen journalism (*especially* Xitter) cannot & never will replace *actual* journalism as a source for “truth.” SM is too impatient & lacking in traditional journalistic standards to wait for the truth to emerge.
December 11, 2024 at 7:12 PM
Say it louder for the people in the back!