#threat-modeling
LightNews LightNews
ajsdecepida.bsky.social
🔃 {𝗮𝙅𝙎𝘿} My notes about the article… ⤵
{𝗮𝙅𝙎𝘿} My notes about the article… Claim set A peer-reviewed study documents active predation by brown rats on bats at two urban hibernacula in northern Germany.1 Observations include aerial snatches, ground kills, 13 confirmed kills in five weeks, and a cache of 52 bat carcasses; modeled impact could reach ~7% in one winter at Segeberg.1,3 Experts say rats could function as a ❝bridging host,❞ but the immediate human risk is low; conservation impacts on bats are the primary concern.2 Researchers are coordinating with Germany’s Umweltbundesamt to test humane rat-reduction near bat sites.2 Corroboration & Context The paper reports systematic predation by Rattus norvegicus at Segeberg and Lüneburg-Kalkberg using infrared/thermal cameras (2020-2024).1,3 NPR interviews underscore potential spillover pathways via synanthropic rats, while noting no evidence of a present pandemic threat.2 Bat ecosystem services (insect control, pollination, seed dispersal) heighten the conservation stakes.2 Evidence Chain / What’s Confirmed Now Video-verified rat attacks on swarming/grounded bats at two sites.1,3 Quantified kills and carcass cache; preliminary impact modeling for a ~30,000-bat site.1,3 Urban settings and tourism trash plausibly elevate rat presence near bat hubs.2,4 Chronology & Sequence 2020-2024: Field recording at Segeberg and Lüneburg-Kalkberg.1,3 Mon. 27-Oct-2025: Berlin museum press note flags threats to bats.4 Tue. 28-Oct-2025: Phys.org summarizes methods, counts, and impact estimate.3 Sat. 01-Nov-2025: Journal article posts online.1 Sat. 08-Nov-2025: NPR piece frames risks and conservation response.2 Risks & Trade-offs Zoonotic spillover: pathway plausible via rats but currently unobserved; vigilance warranted.2 Conservation: seasonal predation during swarming/hibernation could depress local populations.1,3 Management trade-offs: rodent control near hibernacula must be humane, targeted, and ecosystem-sensitive.2 Disagreement Radar (Fact / Interpretation / Method) Fact: Predation events and counts are documented on video.1,3 Interpretation: Bridging-host potential vs. low immediate human risk — tension between precaution and current evidence.2 Method: Camera-based inference of population impact relies on local parameters; generalization elsewhere remains uncertain.1,3 Confidence Bands (Mon. 10-Nov-2025) High: Rat-on-bat predation at two German sites is real and repeated.1,3 Medium-High: Local impacts may be material during vulnerable periods.1,3 Medium: Rats as bridging hosts in this context; plausible but unproven.2 Indicators to Watch Follow-up counts of bat mortality at Segeberg/Lüneburg.1,3 Implementation outcomes from Umweltbundesamt-supported rat-reduction trials.2 Any detection of bat-borne viruses in sympatric rat populations near hibernacula.2 What Would Change This Verified pathogen transfer (bat→rat or rat→human) linked to these sites.2 Replication of predation magnitude across additional regions and seasons.1 Method & Scope Primary: Peer-reviewed study (IR/thermal video, site counts, impact modeling).1 Secondary: Press summary and NPR reporting with expert commentary; institutional press release.2,3,4 Bottom Line Rats hunting bats at urban hibernacula is now documented on video; conservation risk is tangible, while pandemic risk remains hypothetical.1,2,3 Quantified kills and carcass caches suggest non-trivial seasonal impact.1,3 Urbanization likely amplifies rat-bat contact near tourist hubs.2,4 Management focus: humane rat control to protect bat populations and reduce theoretical spillover.2
November 10, 2025 at 5:26 PM
mommabear87.bsky.social
think that is a threat? Do you really think they care? The Republican party has taken this country and the world into the Age of Manipulation. Not only has the citizens of this country started modeling Republican behaviors but so has the rest of the world. They will have
4/5
November 10, 2025 at 2:54 PM
blueeyedhexe.bsky.social
Fascists have notoriously bad threat-modeling abilities.
November 8, 2025 at 6:33 AM
shinysentry1137.bsky.social
A lot of security instructing involves teaching empathy disguised as threat modeling. Always remember that your students are watching how you react to chaos.
November 8, 2025 at 2:28 AM
infinitehorizxn.bsky.social
+ Threat Modeling. When you lump hundreds of xenophile scientists into a blacksite in the middle of galactic nowhere... Me, I'm actually pretty vanilla for only being into humanlike women."

The legion of holographic Katzenartig Imperium soldiers who just materialized, with air and artillery +
a black cat is standing next to a pink shirt on a tiled floor .
ALT: a black cat is standing next to a pink shirt on a tiled floor .
media.tenor.com
November 7, 2025 at 12:33 PM
japi.bsky.social
"MAESTRO (Multi-Agent Environment, Security, Threat, Risk, and Outcome), a novel threat modeling framework designed specifically for the unique challenges of Agentic #AI."

cloudsecurityalliance.org/blog/2025/02... #cybersecurity
Agentic AI Threat Modeling Framework: MAESTRO | CSA
MAESTRO (Multi-Agent Environment, Security, Threat, Risk, & Outcome) is a novel threat modeling framework for Agentic AI. Assess risks across the AI lifecycle.
cloudsecurityalliance.org
November 7, 2025 at 6:25 AM
danielaquirke.bsky.social
If I had a dollar for every time I tried to convince some company I worked for or consulted with to do the most basic threat modeling and use the simplest tools to protect their digital assets, I'd be a techbro.
November 6, 2025 at 11:47 PM
eyalestrin.bsky.social
How Google Does It: Threat modeling, from basics to AI #machinelearning #ai
How Google Does It: Threat modeling, from basics to AI
Eyal Estrin unread,    to https://cloud.google.com/transform/how-google-does-it-threat-modeling-from-basics-to-ai Eyal Estrin CISSP, CCSP, CISM, CISA, CDPSE, CCSK Blog: https://security-24-7.com | Books: https://amzn.to/42Xai9A | https://amzn.to/3Sggbtv Twitter: @eyalestrin | Bluesky: @eyalestrin.bsky.social Reply all Reply to author Forward
groups.google.com
November 6, 2025 at 5:30 AM
lookitup.baby
Yeah so they’re cutting flights at the 40 busiest airports starting with 4% on Friday and ramping up to 10% through the weekend, and that includes ATL. If you’re attending #KubeCon and you aren’t threat modeling around this and making contingency plans already, strongly recommend starting now
lookitup.baby Ian Coldwater 📦💥 @lookitup.baby · 5d
So, uh, KubeCon attendees: how we feeling about the threat model of them shutting down the airspace? Are we all moving to Atlanta
November 6, 2025 at 3:32 AM
fernand0.bsky.social
How Google Does It: Threat modeling, from basics to AI | Google Cloud Blog
How Google Does It: Threat modeling, from basics to AI | Google Cloud Blog
cloud.google.com
November 6, 2025 at 1:10 AM
layer8masters.bsky.social
#PlanetCyberSec OC 2026 CFP closes on Nov 10!

Submit your educational, vendor-neutral insights in topics such as AI, Cloud Defense and Architecture, Threat modeling and incident response, Mobile privacy, Application Security, Blockchain, Risk, and Compliance Management

forms.gle/KRekuHJGBS83...
November 5, 2025 at 11:37 PM
privsecacademy.bsky.social
Join the “Privacy Threat Modeling Genomic Workflows” session at the Privacy + Security Forum, – Nov. 12-14, 2025: Register today www.privacysecurityacademy.com/psf-fall-aca... #privacy #privsecforum
November 5, 2025 at 3:15 PM
rahaeli.bsky.social
And the reason I'm harping on it is because if a platform is failing this badly at the literal most fundamental, well-solved, widely-understood threat model in the entire industry, it says a lot of things about how much you can trust their threat modeling overall, and thus their mitigation!
November 4, 2025 at 7:30 AM
satyrosphilbrucato.bsky.social
Black Flag, Minor Threat and Ani DiFranco - the patron saints of recording and distributing your own work. Lots of people before and after them did it too, but those artists probably made the biggest impact in terms of modeling the process, at least in terms of rock.
November 3, 2025 at 5:56 PM
johnnybgetgoode.bsky.social
Did some modeling on a new boss enemy for my #gamedev project, Fury's Sky: Vagabond! This one is called the "Rook." It will be a bulky, formidable threat that can fold it's front claws into a shield and counterattack when struck at certain times.

#videogame #doom #gamedevelopment #indiegame
November 2, 2025 at 11:42 AM
undercode.bsky.social
The Ultimate Threat Modeling Playbook: From STRIDE to AI-Assisted Attacks

Introduction: Threat modeling has evolved from a basic security exercise into a critical, AI-powered discipline essential for modern cloud defense. As revealed in Google Cloud's methodologies, this structured approach to…
The Ultimate Threat Modeling Playbook: From STRIDE to AI-Assisted Attacks
Introduction: Threat modeling has evolved from a basic security exercise into a critical, AI-powered discipline essential for modern cloud defense. As revealed in Google Cloud's methodologies, this structured approach to identifying and mitigating risks is now integral to securing everything from application design to complex AI systems. This guide provides the actionable commands and techniques used by top security teams to build resilient systems.
undercodetesting.com
November 2, 2025 at 10:54 AM
madelyn.dev
I believe something like this would need to be paired with tooling and processes that insert such "watermarks" in sensitive assets, but in general this kind of insider threat modeling is fun and creative. I'm curious to see how this will be iterated upon!

research.eye.security/prompt-injec...
Battling Shadow AI: Prompt Injection for the Good
Explore how Eye Security tackles the rising threat of Shadow AI by using prompt injection for good: enhancing data security, boosting AI awareness, and defending corporate intelligence across LLMs lik...
research.eye.security
November 2, 2025 at 4:37 AM
anton1chuvakin.bsky.social
"How Google Does It: Threat modeling, from basics to AI" cloud.google.com/transform/ho... <- another HGD blog, very fun, and yes, with some details omitted :-)
How Google Does It: Threat modeling, from basics to AI | Google Cloud Blog
Threat modeling plays a critical role at Google in how we detect and respond to threats — and secure our use of the public cloud.
cloud.google.com
November 1, 2025 at 10:19 AM
modemrunner.vivaldi.net.ap.brid.gy
"Threat modeling is all about trade-offs. Understanding yours depends not only on the technology and its capabilities but also on your personal goals." - Bruce Schneier
November 1, 2025 at 9:24 AM
modemrunner.vivaldi.net.ap.brid.gy
https://www.schneier.com/blog/archives/2025/09/digital-threat-modeling-under-authoritarianism.html - Digital Threat Modeling Under Authoritarianism #security #privacy
Digital Threat Modeling Under Authoritarianism
Today’s world requires us to make complex and nuanced decisions about our digital security. Evaluating when to use a secure messaging app like Signal or WhatsApp, which passwords to store on your smartphone, or what to share on social media requires us to assess risks and make judgments accordingly. Arriving at any conclusion is an exercise in threat modeling. In security, threat modeling is the process of determining what security measures make sense in your particular situation. It’s a way to think about potential risks, possible defenses, and the costs of both. It’s how experts avoid being distracted by irrelevant risks or overburdened by undue costs...
www.schneier.com
November 1, 2025 at 9:04 AM
linuxfoundation.org
🔐 Every design decision hides a security lesson.
Learn to identify risks early and build resilient systems with “Threat Modeling Essentials (SKF401)”—where technical skill meets leadership growth.
👉 Enroll: training.linuxfoundation.org/training/thr...

#Cybersecurity #DevSecOps #Developers #SRE
Threat Modeling Essentials: Identifying and Managing Risk Effectively (SKF401) | Linux Foundation Education
Turn theory into action—spot risks early, model threats effectively, and build security into every design.
training.linuxfoundation.org
October 30, 2025 at 4:10 PM
I am recruiting a postdoc for a new NIMH-funded R01 using neural and behavioral models to understand anxious avoidance. Please share with anyone who may be interested!

Link: faculty-emory.icims.com/jobs/155929/...
Screenshot with text: The Computational Mechanisms of Psychopathology Lab (COMPLab; PI: Vanessa Brown, PhD) is recruiting for a postdoctoral fellow to join the lab. Research in the lab uses behavioral tasks (administered in-lab and remotely), functional and structural imaging, computational modeling, and mechanistic interventions (brief psychotherapy, neuromodulation) to investigate learning alterations in anxiety and related disorders. In particular, this position will support research funded by a new NIH R01 using predictive and generative modeling of threat imminence to understand and manipulate avoidance in anxiety. This position is ideal for someone with a background in some combination of behavior/learning theory approaches to anxiety, computational modeling of behavior, and fMRI analysis; and who wishes to gain or deepen expertise in these areas. The postdoctoral fellow will be expected to design experiments, analyze data, present and publish findings, apply for external funding, and assist with training other lab members and with lab management. Dr. Brown and the COMP Lab are strongly committed to mentorship, and support will be provided to assist the postdoctoral fellow to prepare for an independent research career.
October 30, 2025 at 2:12 PM
jpdanner.com
Threat Modeling is a good place to start to make things a bit safer.

#CHCon2025 #CHCon
October 29, 2025 at 10:38 PM
signorina37.ransomnews.online
Le campagne di #awareness non sono mai abbastanza, soprattutto per chi crede "tanto io sto attento".

Questo #Halloween 🎃 ho ideato una mini campagna per vedere quanti ci cascano (alla faccia del threat modeling sbagliato, baby).

#PhishOrTreat
October 29, 2025 at 9:11 AM
adamshostack.bsky.social
Trick or treat, D.C.! 🎃

Don’t get haunted by AI bugs—join our Threat Modeling Intensive at OWASP Global AppSec USA, Nov 3–5! 👻 tinyurl.com/4t4df2p7
Training Courses ⇽ OWASP 2025 Global AppSec USA (Washington, DC) | The OWASP Foundation Inc.
tinyurl.com
October 28, 2025 at 5:02 PM