Kevin Noble

Since the decline of peer-to-peer botnets it's been difficult to track malware infection externally. But smart contract based C2 infrastructure provided us with unique insights into this campaign.

expel.com/blog/clearfa...

America vs. the World President Trump wants to return to the 19th century’s international order. He will leave America less prosperous—and the whole world less secure.

This really is the article to read.

www.theatlantic.com/magazine/202...

My understanding is the vehicles are seized from the deported and the homes of the deported are used for staging. The article does not mention any of this.

This is the language of pedophiles.

The slow rise of SBOMs meets the rapid advance of AI Despite progress from CISA and global regulators, SBOM adoption in the private sector remains slow as experts debate if AI-driven coding will improve or undermine software security and transparency.

As SBOMs slowly progress at the federal level and in enterprises, the rise of AI coding assistants is fueling optimistic—and, some experts argue, “kind of insane”—claims about a future with vulnerability-free software.

Check out my latest CyberScoop piece. 1/2
cyberscoop.com/sbom-adoptio...

Why Signal’s post-quantum makeover is an amazing engineering achievement | Ars Technica Happy to read this, not least because I’ve often seen the push for rapid adoption of PQ as coming from intelligence agencies seeking to sow confusion & discord; having a well researched h…

Why Signal’s post-quantum makeover is an amazing engineering achievement | Ars Technica
https://alecmuffett.com/article/117370
#EndToEndEncryption #PostQuantum #signal

Poster with a gradient blue background. Large text reads “the web we’ve built.” Smaller text says “Celebrating 1 trillion web pages archived.” Pixelated 3D icons of a floppy disk, magnifying glass, cursor arrow, computer window, and others radiate outward from a bright starburst in the center. On the right, text lists event details: “Wednesday, October 22, 5–10PM PT. Live stream: 7–8PM PT. 300 Funston Avenue, San Francisco.” The Internet Archive logo appears in the bottom right corner.

📢 The #InternetArchive is celebrating an extraordinary milestone: 1 trillion web pages preserved by the #WaybackMachine. 🎉

Join us!
📆 Weds, Oct 22

🎟️ IN-PERSON: 5–10 PM PT (SF) ⤵️
www.eventbrite.com/e/1626438133...

💻 ONLINE: 7–8 PM PT ⤵️
www.eventbrite.com/e/1626431011...

#Wayback1T

How the Infamous APT 1 Report Exposing China’s PLA Hackers Came to Be This is the first in a series of pieces I’ll publish that take an in-depth look at significant events, people and cases in security and surveillance from the past. If there’s something you think would...

Fascinating article by @kimzetter.bsky.social about the 2013 Mandiant APT 1 report that revealed the identities of the Chinese PLA threat actors behind the attacks. Q&A with the main report's architect reveals behind-the-scenes details. It's a great read! www.zetter-zeroday.com/how-the-infa...

What are Republicans afraid of that they closed the People’s House instead of facing a public vote?

op: @ericswalwell.bsky.social (via IG)uhh

“Not vicious, or malicious, just de-lovely, and delicious”

New rules

How a Spyware App Compromised Assad’s Army An investigation reveals how a cyberattack exploited soldiers' vulnerabilities and may have changed the course of the Syrian conflict

How Syrian army officers in final days of war with opposition were duped into 1) disclosing info to fake website about their rank/location and corps/division/brigade and 2) installing phone app that was actually spyware that recorded keystrokes, stole files/photos/call log and spied thru camera/mic

Hack of Contractor Was at Root of Massive Federal Data Breach Failures in cybersecurity practices at a software company that helps federal agencies manage investigations and FOIA requests allowed two convicted hackers to delete databases, according to internal d...

Failures in cybersecurity practices at a software company that helps federal agencies manage investigations and FOIA requests allowed two employees who had previously been convicted of hacking to delete government databases

Three Buddy Problem Technology Podcast · Updated Weekly · The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware,...

HEADS-UP! Professor Thomas Rid is a guest buddy on the pod this week. Currently cooking in the lab 😍🔥 @ridt.bsky.social

Listen, watch, subscribe!

Apple: bit.ly/3budprob
YouTube: bit.ly/TBP-YT
Spotify: bit.ly/3DH5wEO

And no one in America doubts why he's doing this.

NSA director fired, Ivanti's 0day screw-up, backdoor in robot dogs - Security Conversations Three Buddy Problem – Episode 41: Costin and Juanito join the show from Black Hat Asia in Singapore. We discuss Bunnie Huang's keynote on hardware […]

NEW POD ALERT! We cover the NSA director firing, Ivanti's latest 0day screw-up, risks from China's robotics dominance, Microsoft AI finding bootloader vulns. @jags.bsky.social @craiu.bsky.social

PLUS, rave reviews for Bunnie Huang's Black Hat Asia keynote!
securityconversations.com/episode/nsa-...

Thanks again for having me on the Three Buddy (& a Buddy) Problem podcast @ryanaraine.bsky.social @jags.bsky.social & @craiu.bsky.social !
It was great chatting with you about Chinese threat intel, CISA cuts, & spyware that dare not speak its name. Turning this into a musical episode was a fun bonus

Same exact thing for generative AI output.

Speaking at Frontiers of Innovation Day at #SXSW at 1pm - free registration here ✌️ lu.ma/v4a9d6ix?tk=...

this is treason, and should be treated as such

Unsealed documents indicating significant Russian interference in domestic U.S. affairs. The thematic propaganda themes are interesting. Modern technologies in use to spread content & analyze its reach, including psychological operations. www.justice.gov/archives/opa...

Revisiting the Lamberts, i-Soon indictments, VMware zero-days - Security Conversations Three Buddy Problem – Episode 37: This week, we revisit the public reporting on a US/Russia cyber stand down order, CISA declaring no change to […]

NEW POD ALERT: Revisiting the US/Russia cyber stand down order and the diplomatic optics. Plus, a dissection of ‘The Lamberts’ and connections to US intelligence agencies, attribution around ‘Operation Triangulation’, VMware 0days and i-Soon indictments securityconversations.com/episode/revi...

From MAGA to monarchy: How tech billionaires are engineering American autocracy Common sense for the Trump age

Pay attention please. www.salon.com/2025/02/26/f...

Exclusive: Hegseth orders Cyber Command to stand down on Russia planning The secretary of Defense has ordered U.S. Cyber Command to stand down from all planning against Russia, including offensive digital actions, sources tell Recorded Future News.

In a normal relationship with an enemy turned ally, we wouldn’t immediately stop contingency planning.

Russia's “Firehose of Falsehood” Propaganda Model Russia's propaganda model is high-volume and multichannel, and it disseminates messages without regard for the truth. It is rapid, continuous, and repetitive, and it does not commit to consistency.

One of the best write ups I've found on the Russian propaganda model "Firehose of Falsehood" how it works and counter measures.

www.rand.org/pubs/perspec...

If you're having trouble tracking all of the executive orders, blog posts and other actions coming from the executive office, as well as policy changes and legislative developments, this site -- 47 Watch - is tracking them. It's bare bones, but useful

47-watch.com/index.html

Memory Safety Is this memory safety here in the room with us? Halvar Flake / Thomas Dullien DistrictCon 0 2025

I gave a day 1 closing keynote at DistrictCon yesterday. Surprisingly, it was a security talk about memory safety.

Slides are here:
docs.google.com/presentation...

I wonder if he mentioned this in his job interview for DOGE. I wonder if it helped him get the job.