Chris Krebs
@thekrebscycle.bsky.social
Aka @c_c_krebs over there
Just the Russian GRU doing Russian GRU type stuff. Kudos to all agencies (USG and allies) for getting this out.
www.cisa.gov/news-events/...
Russian GRU Targeting Western Logistics Entities and Technology Companies | CISA
Executives and network defenders should recognize the elevated threat of unit 26165 targeting, increase monitoring and threat hunting for known TTPs and IOCs, and posture network defenses with a presu...
www.cisa.gov
May 21, 2025 at 3:39 PM
Reposted by Chris Krebs
Hardcoded credentials in the Signal archiving tool used by the White House is a five-alarm security dumpster fire.
The source code for the TM SGNL apps (basically a backdoored version of Signal used by Trump officials) is public! Since it's open source, I've pushed it to github for easier research micahflee.com/heres-the-so...
Here's the source code for the unofficial Signal app used by Trump officials
Yesterday, I published an analysis of what I could publicly find about TM SGNL, the obscure and unofficial Signal app used by Mike Waltz, and presumably also by Pete Hegseth, JD Vance, Tulsi Gabbard, ...
micahflee.com
May 3, 2025 at 9:42 PM
Put it in the Louvre
May 2, 2025 at 10:45 PM
Reposted by Chris Krebs
"Make CISA great again."
@thekrebscycle.bsky.social uncorks at #RSAC
On @therecordmedia.bsky.social
therecord.media/krebs-outrag...
Krebs: People should be ‘outraged’ at efforts to shrink federal cyber efforts
At the RSA Conference, former CISA chief Chris Krebs said recent efforts by China-linked hacking groups makes it more important than ever to grow the federal cyber workforce.
therecord.media
April 29, 2025 at 12:22 AM
“I dOn’T ThInK I eVeR MeT hIm”
April 26, 2025 at 12:54 AM
Reposted by Chris Krebs
Chris Krebs is America’s next profile in courage. The entire nation should support this honorable and courageous fellow citizen.
April 17, 2025 at 9:38 PM
Reposted by Chris Krebs
Let the cybering begin! Happy to see my friend @thekrebscycle.bsky.social here @cyberlawcon.bsky.social and talking about not only what matters in cyber, but why cyber lawyering matters too.
February 28, 2025 at 2:19 PM
Reposted by Chris Krebs
🗼 🇨🇳 "The Chinese are preparing for war. Are we?" SentinelOne’s @thekrebscycle.bsky.social weighs in on how China's access to the cranes at key U.S. ports could impact homeland security and even the U.S. military.
📺 To learn more, watch the full video clip: s1.ai/CBS-Cranes
February 13, 2025 at 2:16 AM
RIP Dry January. HTTC
January 19, 2025 at 4:39 AM
It finally happened. In a recent move I threw out my "box o' cables." I thought, "nah, I'll never need those old things, I'm all modernized and stuff." Welp, today I needed a VGA cord to hook up an old monitor to an old DVR.....
ALT: a woman in a hijab says shame in front of a crowd of people
media.tenor.com
January 15, 2025 at 7:03 PM
Reposted by Chris Krebs
The US says the FBI hacked ~4.2K devices in the US to delete PlugX, malware used by China-backed hackers since 2014, after obtaining warrants in August 2024 (Carly Page/TechCrunch)
Main Link | Techmeme Permalink
January 14, 2025 at 6:36 PM
This never happened. Nope. Never.
January 10, 2025 at 11:42 PM
Had a blast in Sydney, AUS recording a live "Wide World of Cyber" podcast w/ @patrick.risky.biz. Awesome crowd, timely content, & even better weather (early summer in Sydney ain't bad!). Sadly, no Kangaroo 🦘 sightings, but the biggest bats🦇I've ever seen! 10/10, would do again!
🇦🇺 SentinelOne's @thekrebscycle.bsky.social and @patrick.risky.biz dive deep into China's cyber activities, such as its Salt Typhoon intrusions into American telcos and Volt Typhoon prepositioning within critical infrastructure. What's coming in the next 12-24 months?
👉Watch more: s1.ai/WWC-ccp
December 19, 2024 at 11:49 PM
Reposted by Chris Krebs
🇦🇺 SentinelOne's @thekrebscycle.bsky.social and @patrick.risky.biz dive deep into China's cyber activities, such as its Salt Typhoon intrusions into American telcos and Volt Typhoon prepositioning within critical infrastructure. What's coming in the next 12-24 months?
👉Watch more: s1.ai/WWC-ccp
December 19, 2024 at 10:55 PM
Reposted by Chris Krebs
Guess you could argue that volt only matters if activated whereas salt matters right now (God these terms are maddening)
Either way, I still think that focussing on ripping out whatever remains of Chinese infrastructure as the top priority response to salt flies in the face of the evidence about it
December 18, 2024 at 10:37 PM
Reposted by Chris Krebs
Also think salt, whilst important, is spying. Volt is more strategically significant as it’s a precursor to the disruption of civilian CNI, so way more serious & unlike salt a major departure from (a) norms & (b) previous Chinese ops
December 18, 2024 at 10:24 PM
Reposted by Chris Krebs
Absolutely - it’s salt & the naming are silly & unhelpful (I also posted about that!).
I do wonder though if this is a distraction: afaik from the publicly available info Salt wasn’t primarily due to Chinese kit but weaknesses in US (& other western) built, US operated infrastructure 1/2
December 18, 2024 at 10:24 PM
Reposted by Chris Krebs
US Government moving on China associated TP Link as another concern in our cyber supply chain. Growing to dominate the residential WiFi and router market, they are seen as vulnerable and a tool used in hacks. Similar to advisories on Huawei and Kaspersky, move away!
www.bloomberg.com/news/article...
US Probes China-Founded Router Maker on National Security Fears
The US government has launched a national-security investigation into TP-Link, the China-founded router maker whose equipment now dominates the American market and has been targeted in repeated Chines...
www.bloomberg.com
December 18, 2024 at 4:17 PM
Reposted by Chris Krebs
'A dozen Western countries - Britain, Germany, Poland, the Netherlands, five Nordic nations and the three Baltic states - agreed on Monday to "disrupt and deter" Russia's shadow fleet.' Including through forcible boarding. www.reuters.com/world/europe...
December 18, 2024 at 1:47 PM
Reposted by Chris Krebs
December 18, 2024 at 4:23 AM
Reposted by Chris Krebs
Workers are adopting generative AI faster than companies can issue guidelines on how to do so; a survey says ~25% of the US workforce already uses the tech weekly (Stephanie Stacey/Financial Times)
Main Link | Techmeme Permalink
December 16, 2024 at 9:40 AM
Reposted by Chris Krebs
Great convo here between @patrick.risky.biz and some guy named @thekrebscycle.bsky.social with medium fashion sense.
If listening to @thekrebscycle.bsky.social and yours truly talking about Chinese cyber operations for an hour in front of a live audience in Sydney sounds like a good time to you, boy do I have some great news
www.youtube.com/watch?v=MQaV...
Wide World of Cyber: SentinelOne's Chris Krebs on Chinese cyber operations
YouTube video by Risky Business Media
www.youtube.com
December 16, 2024 at 2:15 AM
Reposted by Chris Krebs
If listening to @thekrebscycle.bsky.social and yours truly talking about Chinese cyber operations for an hour in front of a live audience in Sydney sounds like a good time to you, boy do I have some great news
www.youtube.com/watch?v=MQaV...
Wide World of Cyber: SentinelOne's Chris Krebs on Chinese cyber operations
YouTube video by Risky Business Media
www.youtube.com
December 16, 2024 at 12:07 AM