Tim Starks
@timstarks.bsky.social
Senior reporter, CyberScoop, covering spyware, cyber policy and more. Russia-sanctioned. Former Washington Post, POLITICO, CQ Roll Call. @timstarks.02 on Signal. [email protected]. Mastodon [email protected], X timstarks, Threads tstarks2.
What’s left to worry (and not worry) about in the F5 breach aftermath by @mattkapko.com @cyberscoop.bsky.social cyberscoop.com/f5-vulnerabi...
What’s left to worry (and not worry) about in the F5 breach aftermath
Researchers say the nation-state attacker could cause more serious problems with the BIG-IP source code it nabbed during the attack on F5’s systems.
cyberscoop.com
November 11, 2025 at 2:41 PM
What’s left to worry (and not worry) about in the F5 breach aftermath by @mattkapko.com @cyberscoop.bsky.social cyberscoop.com/f5-vulnerabi...
Reposted by Tim Starks
so if i’m reading this correctly, the North Koreans are wiping the phones of young defectors not to conceal evidence of compromise — because nothing draws attention to a compromise like a a wipe — but to just demoralize and terrorize.
North Korean hackers from the KONNI activity cluster are abusing Google's Find Hub tool to track their targets' GPS positions and trigger remote factory resets of Android devices.
APT37 hackers abuse Google Find Hub in Android data-wiping attacks
North Korean hackers from the KONNI activity cluster are abusing Google's Find Hub tool to track their targets' GPS positions and trigger remote factory resets of Android devices.
www.bleepingcomputer.com
November 11, 2025 at 1:12 AM
so if i’m reading this correctly, the North Koreans are wiping the phones of young defectors not to conceal evidence of compromise — because nothing draws attention to a compromise like a a wipe — but to just demoralize and terrorize.
Reposted by Tim Starks
Tbh It would be really embarrassing to have a whole infamous spy agency and then be defeated in military operations by a reporter. Zero offense or Bellingcat.
Russian state media are today alleging that a Bellingcat reporter was involved in an attempt to hijack a Russian fighter plane.
We would like to make clear that Bellingcat had absolutely no involvement in the alleged activities and the accusations towards us are entirely false.
We would like to make clear that Bellingcat had absolutely no involvement in the alleged activities and the accusations towards us are entirely false.
November 11, 2025 at 2:12 PM
Tbh It would be really embarrassing to have a whole infamous spy agency and then be defeated in military operations by a reporter. Zero offense or Bellingcat.
Reposted by Tim Starks
And how about when they seize reporters’ phone records without telling us?
www.nytimes.com/2025/11/10/u...
www.nytimes.com/2025/11/10/u...
Spending Bill Would Pave Way for Senators to Sue Over Phone Searches
www.nytimes.com
November 11, 2025 at 2:08 AM
And how about when they seize reporters’ phone records without telling us?
www.nytimes.com/2025/11/10/u...
www.nytimes.com/2025/11/10/u...
Reposted by Tim Starks
"NSO Group, the Israeli company behind Pegasus spyware, says a group of investors led by Hollywood producer Robert Simonds has acquired a controlling stake in the firm, which has named a former Trump official to lead an effort to restore its battered reputation." www.wsj.com/tech/israeli...
Israeli Spyware Maker NSO Gets New Owners, Leadership and Seeks to Mend Reputation
Investors led by Hollywood producer Robert Simonds have taken a controlling stake in the company behind Pegasus, and former Trump official David Friedman has been named executive chairman.
www.wsj.com
November 10, 2025 at 2:08 PM
"NSO Group, the Israeli company behind Pegasus spyware, says a group of investors led by Hollywood producer Robert Simonds has acquired a controlling stake in the firm, which has named a former Trump official to lead an effort to restore its battered reputation." www.wsj.com/tech/israeli...
Reposted by Tim Starks
I know everyone is rightfully worked up over this govt funding bill but @timstarks.bsky.social and I found the cyber angle: if passed, CISA 2015 would go back into law until Jan 30 2026 cyberscoop.com/cisa-2015-sh...
Cyber information sharing law would get extension under shutdown deal bill
The Cybersecurity and Information Sharing Act of 2015 would go from expired to extended through Jan. 30.
cyberscoop.com
November 10, 2025 at 2:11 PM
I know everyone is rightfully worked up over this govt funding bill but @timstarks.bsky.social and I found the cyber angle: if passed, CISA 2015 would go back into law until Jan 30 2026 cyberscoop.com/cisa-2015-sh...
Cyber information sharing law would get extension under shutdown deal bill cyberscoop.com/cisa-2015-sh...
Cyber information sharing law would get extension under shutdown deal bill
The Cybersecurity and Information Sharing Act of 2015 would go from expired to extended through Jan. 30.
cyberscoop.com
November 10, 2025 at 1:31 PM
Cyber information sharing law would get extension under shutdown deal bill cyberscoop.com/cisa-2015-sh...
Reposted by Tim Starks
this is a big and extremely dangerous deal. pegasus has been a tool of repression around the world.
is this the pivot to attacking american journalists, lawyers, civil society activists?
is this the pivot to attacking american journalists, lawyers, civil society activists?
UPDATE: NSO just hired former Trump ambassador to Israel.
They're trying to push Pegasus spyware to 🇺🇸America.
Your rights and freedoms are in danger.
NSO Group is no friend to the US & has spent years undermining our security & values 1/
They're trying to push Pegasus spyware to 🇺🇸America.
Your rights and freedoms are in danger.
NSO Group is no friend to the US & has spent years undermining our security & values 1/
November 9, 2025 at 10:14 PM
this is a big and extremely dangerous deal. pegasus has been a tool of repression around the world.
is this the pivot to attacking american journalists, lawyers, civil society activists?
is this the pivot to attacking american journalists, lawyers, civil society activists?
Reposted by Tim Starks
Aleksei Olegovich Volkov served as an initial access broker and was involved in attacks on seven U.S. businesses from July 2021 through November 2022. via @mattkapko.com cyberscoop.com/russian-alek...
Russian national pleads guilty to breaking into networks for Yanluowang ransomware attacks
Aleksei Olegovich Volkov served as an initial access broker and was involved in attacks on seven U.S. businesses from July 2021 through November 2022.
cyberscoop.com
November 7, 2025 at 9:53 PM
Aleksei Olegovich Volkov served as an initial access broker and was involved in attacks on seven U.S. businesses from July 2021 through November 2022. via @mattkapko.com cyberscoop.com/russian-alek...
Reposted by Tim Starks
A digital privacy group says agencies are collecting too much data on Americans and using AI tools to make connections that may not be valid. via @derekbjohnson.bsky.social cyberscoop.com/government-d...
Report: Government data mining has gone too far – and AI will make it worse
A digital privacy group says agencies are collecting too much data on Americans and using AI tools to make connections that may not be valid.
cyberscoop.com
November 7, 2025 at 9:53 PM
A digital privacy group says agencies are collecting too much data on Americans and using AI tools to make connections that may not be valid. via @derekbjohnson.bsky.social cyberscoop.com/government-d...
Reposted by Tim Starks
About 70% of orgs still haven't patched those Cisco ASA vulns btw. If I was a ransomware group I'd invest in n-day (old) Cisco ASA AnyConnect vulns, as vast majority of orgs don't bother patching as they're too busy having a mass wank about quantum and AI risks.
cyberplace.social/@GossiTheDog...
cyberplace.social/@GossiTheDog...
November 6, 2025 at 11:35 PM
About 70% of orgs still haven't patched those Cisco ASA vulns btw. If I was a ransomware group I'd invest in n-day (old) Cisco ASA AnyConnect vulns, as vast majority of orgs don't bother patching as they're too busy having a mass wank about quantum and AI risks.
cyberplace.social/@GossiTheDog...
cyberplace.social/@GossiTheDog...
Reposted by Tim Starks
The Pentagon on Thursday rolled out the final version of the latest model for how the U.S. military will build its cyber forces over the next several years, an approach that is unlikely to quell growing calls for a separate service.
On @therecordmedia.bsky.social
therecord.media/revised-cybe...
On @therecordmedia.bsky.social
therecord.media/revised-cybe...
Don't call it Cyber Command 2.0: Master plan for digital forces will take years to implement
The latest model for improving U.S. Cyber Command is circulating at the Pentagon. Some of the initiatives will spill into the next decade — an approach that is sure to create friction on Capitol Hill ...
therecord.media
November 7, 2025 at 7:35 PM
The Pentagon on Thursday rolled out the final version of the latest model for how the U.S. military will build its cyber forces over the next several years, an approach that is unlikely to quell growing calls for a separate service.
On @therecordmedia.bsky.social
therecord.media/revised-cybe...
On @therecordmedia.bsky.social
therecord.media/revised-cybe...
New Landfall spyware apparently targeting Samsung phones in Middle East cyberscoop.com/landfall-spy...
New Landfall spyware apparently targeting Samsung phones in Middle East
A new commercial-grade spyware has apparently been targeting Samsung Galaxy phones in the Middle East, but it’s not clear who’s behind it, researchers said in a blog post Friday.
cyberscoop.com
November 7, 2025 at 8:03 PM
New Landfall spyware apparently targeting Samsung phones in Middle East cyberscoop.com/landfall-spy...
Reposted by Tim Starks
Suspected foreign hackers reportedly breached Congressional Budget Office, possibly exposing communications with lawmakers. via @timstarks.bsky.social cyberscoop.com/congressiona...
Agency that provides budget data to Congress hit with security incident
A spokesperson for the Congressional Budget Office (CBO) acknowledged the incident Thursday, with the attackers potentially accessing communications between lawmakers and researchers at the agency.
cyberscoop.com
November 6, 2025 at 10:32 PM
Suspected foreign hackers reportedly breached Congressional Budget Office, possibly exposing communications with lawmakers. via @timstarks.bsky.social cyberscoop.com/congressiona...
Reposted by Tim Starks
🚨 SCOOP: Congressional Budget Office believed to be hacked for foreign actor
Congressional Budget Office believed to be hacked by foreign actor
The Congressional Budget Office formulates economic projections for lawmakers, and every bill taken up in either chamber of Congress gets a CBO “score” of how much it would add to the national debt.
www.washingtonpost.com
November 6, 2025 at 9:42 PM
🚨 SCOOP: Congressional Budget Office believed to be hacked for foreign actor
Reposted by Tim Starks
This will be *interesting*: Tinder to begin accessing your camera roll for “insight” & training its AI models #privacy #AI techcrunch.com/2025/11/05/t...
Tinder to use AI to get to know users, tap into their Camera Roll photos | TechCrunch
Tinder is testing a feature called Chemistry that will get to know users through questions and, with permission, will access Camera Roll photos on their phones to learn more about their interests and ...
techcrunch.com
November 6, 2025 at 4:02 PM
This will be *interesting*: Tinder to begin accessing your camera roll for “insight” & training its AI models #privacy #AI techcrunch.com/2025/11/05/t...
Reposted by Tim Starks
Vital piece of investigative reporting from Sky. They've uncovered the X algorithm which feeds users extremist right wing material from the moment they join the site. It is a far-right radicalisation engine, by design.
news.sky.com/story/the-x-...
news.sky.com/story/the-x-...
Elon Musk is boosting the British right - and this shows how
Elon Musk is boosting the British right - and this shows how
news.sky.com
November 6, 2025 at 7:23 AM
Vital piece of investigative reporting from Sky. They've uncovered the X algorithm which feeds users extremist right wing material from the moment they join the site. It is a far-right radicalisation engine, by design.
news.sky.com/story/the-x-...
news.sky.com/story/the-x-...
Reposted by Tim Starks
Meta earns $3.5 billion every six months from showing Faceboon and Instagram users 15 billion “higher legal risk” scam ad impressions a day, internal documents state.
That haul vastly exceeds how much the company expects regulators
To fine it for running scam ads.
www.reuters.com/investigatio...
That haul vastly exceeds how much the company expects regulators
To fine it for running scam ads.
www.reuters.com/investigatio...
www.reuters.com
November 6, 2025 at 11:46 AM
Meta earns $3.5 billion every six months from showing Faceboon and Instagram users 15 billion “higher legal risk” scam ad impressions a day, internal documents state.
That haul vastly exceeds how much the company expects regulators
To fine it for running scam ads.
www.reuters.com/investigatio...
That haul vastly exceeds how much the company expects regulators
To fine it for running scam ads.
www.reuters.com/investigatio...
Reposted by Tim Starks
Cfius agreements with Chinese companies “do not protect national security,” said Matthew Pottinger, who now chairs the China program at the Foundation for Defense of Democracies. “It’s a fig leaf for capitulation.”
www.bloomberg.com/news/feature...
www.bloomberg.com/news/feature...
Saga of Chinese Trucking Firm Exposes US National Security Gaps
American officials thought they’d secured a deal with TuSimple to protect autonomous-driving technology. It didn’t work.
www.bloomberg.com
November 6, 2025 at 11:18 AM
Cfius agreements with Chinese companies “do not protect national security,” said Matthew Pottinger, who now chairs the China program at the Foundation for Defense of Democracies. “It’s a fig leaf for capitulation.”
www.bloomberg.com/news/feature...
www.bloomberg.com/news/feature...
Reposted by Tim Starks
DHS says it’s proceeding with planned layoffs at the Cybersecurity and Infrastructure Security Agency, despite a recent court order barring workforce reductions across parts of the federal government during the ongoing shutdown:
www.nextgov.com/people/2025/...
www.nextgov.com/people/2025/...
DHS says shutdown layoffs at CISA will proceed despite court injunction
The cybersecurity agency says it has complied with the court’s order because the firing of 54 people in its Stakeholder Engagement Division was planned beforehand and doesn’t affect unionized employee...
www.nextgov.com
November 5, 2025 at 7:48 PM
DHS says it’s proceeding with planned layoffs at the Cybersecurity and Infrastructure Security Agency, despite a recent court order barring workforce reductions across parts of the federal government during the ongoing shutdown:
www.nextgov.com/people/2025/...
www.nextgov.com/people/2025/...
Reposted by Tim Starks
CISA's filing in the shutdown layoffs lawsuit provides the first confirmed count of laid-off employees in the Stakeholder Engagement Division: storage.courtlistener.com/recap/gov.us... (h/t www.nextgov.com/people/2025/...)
CISA says employees are exempt from injunction b/c they're not in a union.
CISA says employees are exempt from injunction b/c they're not in a union.
November 5, 2025 at 8:12 PM
CISA's filing in the shutdown layoffs lawsuit provides the first confirmed count of laid-off employees in the Stakeholder Engagement Division: storage.courtlistener.com/recap/gov.us... (h/t www.nextgov.com/people/2025/...)
CISA says employees are exempt from injunction b/c they're not in a union.
CISA says employees are exempt from injunction b/c they're not in a union.
With each cloud outage, calls for government action grow louder by @derekbjohnson.bsky.social @mirandanazzaro.bsky.social cyberscoop.com/with-each-cl...
With each cloud outage, calls for government action grow louder
Public interest groups want the feds to investigate the systemic risk from market consolidation, while tech and security experts worry about single points of failure.
cyberscoop.com
November 5, 2025 at 9:43 PM
With each cloud outage, calls for government action grow louder by @derekbjohnson.bsky.social @mirandanazzaro.bsky.social cyberscoop.com/with-each-cl...
Reposted by Tim Starks
An IG audit found that the CFPB hasn’t maintained “an effective level of awareness of security vulnerabilities” following staff departures and diminished contractor support. via @mattbracken.bsky.social fedscoop.com/cfpb-cyberse...
CFPB’s cybersecurity program ‘not effective’ after staff cuts, watchdog says
An IG audit found that the CFPB hasn’t maintained “an effective level of awareness of security vulnerabilities” following staff departures and diminished contractor support.
fedscoop.com
November 5, 2025 at 3:20 PM
An IG audit found that the CFPB hasn’t maintained “an effective level of awareness of security vulnerabilities” following staff departures and diminished contractor support. via @mattbracken.bsky.social fedscoop.com/cfpb-cyberse...
Reposted by Tim Starks
I think Google did a good job at not falling into the cyberslop bucket with this report.
There's nothing in the report to suggest orgs need to deviate from foundational security programmes - everything worked as it should.
There's nothing in the report to suggest orgs need to deviate from foundational security programmes - everything worked as it should.
November 5, 2025 at 4:14 PM
I think Google did a good job at not falling into the cyberslop bucket with this report.
There's nothing in the report to suggest orgs need to deviate from foundational security programmes - everything worked as it should.
There's nothing in the report to suggest orgs need to deviate from foundational security programmes - everything worked as it should.
Reposted by Tim Starks
NEW: After all of that, a federal judge has reimposed a sentence on Paige Thompson, the former Amazon Web Services engineer convicted in the 2019 Capital One data breach that compromised the personal information of more than 100 million people. cyberscoop.com/court-reimpo...
Court reimposes original sentence for Capital One hacker
A federal judge has reimposed a sentence on Paige Thompson, the former Amazon Web Services engineer convicted in the 2019 Capital One data breach that compromised the personal information of more than...
cyberscoop.com
November 5, 2025 at 8:45 PM
NEW: After all of that, a federal judge has reimposed a sentence on Paige Thompson, the former Amazon Web Services engineer convicted in the 2019 Capital One data breach that compromised the personal information of more than 100 million people. cyberscoop.com/court-reimpo...