NEW @citizenlab report -- extensive analysis of censored search results in 8 #China accessible search platforms.
#MicrosoftBing's "political censorship rules" found to be "broader and affected more search results than Baidu."
Authors: Jeffrey Knockel, Ken Kato & @emiledirks
Over 1 million people have joined Mastodon since October 27. Between that and those who returned to their old accounts, the number of active users has risen to over 1.6 million today, which, for context, is over 3 times what it was just about two weeks ago!
It must've seemed like a clever PR idea. But Loblaws' "price freeze" on no-name products has turned out to be an own goal. My take for @TorontoStar@StarBusiness today: https://t.co/3EFmKLSL3R. Plus: the surge in corporate profits amidst inflation is a an economy-wide problem. /2
While exploits get a lot of attention, widely distributed malware -- the stuff that I believe accounts for a sizable % of the "initial entry vector was valid creds" seen in IR reports -- is often underestimated.
My first blog with @MicrosoftDART!
This is a post incident report, talking about some of the TTPs we saw in a recent ransomware incident. This really emphasizes the importance of doing a post ransomware IR.
https://t.co/NXPOqR5EST
In this excellent #CTIS2022 presentation @xme quoted https://t.co/VxYL5Pa2f6 , ~50% of ransomware cases they analyzed began with use of valid RDP/VPN creds, but ~27% came from maldocs (#QAKBOT etc.). They also had one case of #RACCOON. The valid credentials come from somewhere!
But IR teams often run into issues trying to determine the initial access vector as @bmcder02 noted -- data retention limits and re-imaging compromised hosts etc. (https://t.co/pKhheLYIGV).
@wesdrone@pmelson Some interpret the industry or geographical impact from their telemetry data (which is often skewed by the distribution of the company’s customer base) as evidence of “targeting”.
@wesdrone@pmelson Some interpret automated personalization, or replyto threads as “targeted”, others take things like language of the lure, or geofencing as indicating “targeting”.
I'm incredibly proud of @selenalarson and @dansomware's report on COVID social engineering. Telling threat stories over long periods of time is not our strength, they tackled this with grace and integrity. https://t.co/ZJucpm3xVA
As we begin the new legislative session at Queen’s Park, I have one question for Doug Ford: What does ‘getting it done’ mean to you?
This was your commitment to Ontarians during the spring campaign. But if this summer is an example, ppl are in for a hard 4 years. 1/ #onpoli
Great to see @ShaneHuntley testify before @HouseIntel today. I'm really proud of the work @Google TAG has been doing to combat spyware & speak out against the industry.
Adaptation of Shane's remarks here:https://t.co/mIxhtonFKh