Reposted by Sam Sabin
NEWS: After sustained attacks from House Republicans, the Stanford Internet Observatory is being dismantled. A huge blow to academic freedom and our ability to understand platforms and influence operations www.platformer.news/stanford-int...
43 replies
569 reposts
987 likes
Smith says he hasn't read the ProPublica story yet between DC meetings.
"This is the classic 'Let's have an article published the morning of a hearing so we spend the hearing talking about it,' and then by a week from now I'll actually have a chance to go back and learn about everything in it."
0 replies
0 reposts
0 likes
Rep. Gonzales (R-Texas) says he is now increasingly hearing from DoD members and other agency officials who no longer want to use Microsoft Teams in their everyday work because of the lack of trust in MSFT's security
1 replies
0 reposts
0 likes
Smith's response: "It's fine, go tell people you have something better, but we have to have a higher cause here. We are not the adversaries with each other, even though we might compete."
1 replies
0 reposts
0 likes
This is a bit unexpected, but MTG is now up and focusing on how Microsoft isn't on the CSRB and drilling into the fact that MSFT's competitors are on the board.
MTG: "With your competitors on the board helping produce the report, was this used in any other way in the marketplace?"
1 replies
0 reposts
0 likes
Rep. Carter is asking Smith why it took so long for MSFT to expand security log access (a big issue w/ the China hack)
Smith: "I wish we had moved faster and had gone further. I think there was a real focus on the real costs with keeping and retaining logs, but we should have recognized sooner."
1 replies
0 reposts
0 likes
Smith: "The truth is when shots are being fired, people end up being hit, and they take their turn being the patient in the back of the ambulance. Everybody else: You're either going to be an ambulance driver or you're going to be an ambulance chaser. Let's be ambulance drivers together."
1 replies
0 reposts
1 likes
"Somebody said that there's no Plan B. I think about 2/3rds of the folks who are sitting behind me in this room are trying to sell Plan B to you in one way or another - and that's OK," Smith said.
1 replies
0 reposts
0 likes
Ranking member Thompson is now asking why it was the State Department that first detected last July's China hack.
"When somebody else sees it, we should applaud and say, 'Thank you,' not 'Oh, I wish I had found it instead,'" Smith said.
1 replies
0 reposts
0 likes
Chair Green focused his (first) round of questions on Microsoft's presence in China.
Smith says the company is working to dwindle its presence in the region, noting the recent relocation offers. Adds that, "anytime there's anything remotely close to a request [for data], we say no."
1 replies
0 reposts
0 likes
"If we improve Microsoft alone, that won't be enough," Smith said.
Russia, China, Iran and North Korea are "getting better, they're getting more aggressive. We should all expect them to work together," he added.
1 replies
0 reposts
0 likes
Brad Smith has now started his opening remarks: "The most important for me to say [...] is that we accept responsibility for each and every finding in the CSRB report."
1 replies
0 reposts
0 likes
Rep. Thompson is now the first to bring up today's ProPublica whistleblower investigation.
"Transparency is the foundation of trust, and Microsoft needs to be more transparent," he said.
1 replies
0 reposts
0 likes
"As someone responsible for overseeing the security of federal networks that rely heavily on Microsoft, and as a user of Microsoft products myself, I find these observations deeply troubling," ranking member Bennie Thompson (D-Miss.) says in his opening remarks.
1 replies
0 reposts
0 likes
Chair Mark Green (R-Tenn.) cautions members to save confidential security Qs for closed session.
"China and Russia, Beijing and Moscow, are watching us right now. If you don't think that's true, you're naive," Green said. "The last thing we want to do is empower our adversary in any way."
1 replies
0 reposts
0 likes
Brad Smith is here and seated!
1 replies
0 reposts
0 likes
ahead of the hearing kicking off in a few minutes, Microsoft has released Brad's full remarks - including a new addendum that says the board has approved changes to tie security improvements to executive compensation
blogs.microsoft.com/on-the-issue...
1 replies
1 reposts
1 likes
locked & loaded for a packed afternoon 🫡
Microsoft hearing will be streamed here: homeland.house.gov/hearing/a-ca...
1 replies
0 reposts
0 likes
this feels like the other shoe that everyone has been waiting literal years to see drop
www.propublica.org/article/micr...
0 replies
1 reposts
0 likes
Microsoft's Brad Smith is heading to Capitol Hill tomorrow to face the fallout from last year's China hack, the recent Russia hack and the CSRB report.
Here's what he plans to say: www.axios.com/2024/06/12/m...
0 replies
0 reposts
0 likes
Ascension confirmed in a new statement today that its recent cyberattack started with someone accidentally downloading a malicious file. Hackers also stole information from seven servers, including some personal health data.
about.ascension.org/cybersecurit...
0 replies
0 reposts
1 likes
not sure that i've seen a medical facility make this type of public call after a ransomware attack. real-life patients' care being affected. absolutely brutal.
therecord.media/london-hospi...
1 replies
24 reposts
34 likes
apparently not! they're fast!
0 replies
0 reposts
1 likes
i found out about the verdict via an american girl meme account
1 replies
0 reposts
3 likes
also,,,,bby's first (known) congressional letter mention 🥰
the OG story is here - www.axios.com/2024/05/17/p...
0 replies
0 reposts
0 likes
Exclusive for @axios.com: Sens. Schmitt and Wyden have "serious concern" about the Pentagon's reported plan to upgrade to Microsoft E5 licenses.
Microsoft has been facing scrutiny in Washington over its cybersecurity practices since last summer's China hack.
www.axios.com/2024/05/30/c...
1 replies
3 reposts
10 likes
prepping my inbox now: House Homeland Security says Brad Smith will testify on June 13 about last summer's China breach and the company's new internal security strategy
homeland.house.gov/2024/05/21/c...
0 replies
0 reposts
0 likes
will have to forever live with the fact that i saw the northern lights for the first time on a southwest flight
0 replies
0 reposts
1 likes
tips for surviving #RSAC this week:
1- stay hydrated 🥤
2- text me all the goss you hear (signal # in bio) 🫡
0 replies
0 reposts
0 likes
congressional hearings go so hard sometimes.
this is Sen. Tillis holding up a "Hacking for Dummies" book while questioning UnitedHealth CEO Andrew Witty about the Change Healthcare ransomware attack
0 replies
2 reposts
2 likes
important story from @sheeraf.bsky.social confirming that Israel is now using facial recognition tech in Gaza.
appears to go further than previous Israeli FRT use cases in the West Bank and East Jerusalem.
www.nytimes.com/2024/03/27/t...
1 replies
0 reposts
3 likes
some weird stuff is happening with the NVD - and no one will say why!
NIST spox were still trying this morning to get ppl internally to clarify what's happening for me.
think this description from one source puts it well: it's like "a bad 'Scooby-Doo' episode."
www.axios.com/2024/03/26/n...
0 replies
0 reposts
0 likes
a bit suss, tbh
0 replies
0 reposts
1 likes
psa: if you're emailing me asking if it's too early to schedule #RSAC meetings, you already know the answer!
see ya in my inbox next month - xoxo.
0 replies
0 reposts
0 likes
so much of this interview with LockBitSupp is so unhinged (expected, but omg)
therecord.media/after-lockbi...
0 replies
0 reposts
0 likes
new microsoft 8-k just dropped:
"the Company has determined that the threat actor used and continues to use information it obtained to gain, or attempt to gain, unauthorized access to some of the Company's source code repositories and internal systems."
www.sec.gov/ixviewer/ix....
0 replies
0 reposts
0 likes
A senior CISA official tells reporters the agency hasn't seen any "specific or credible" threats to today's Super Tuesday elections.
That also includes the ongoing social media outages: "At this time, we are not aware of any specific election nexus nor any specific malicious cyber activity nexus."
0 replies
1 reposts
1 likes
The Treasury Department sanctioned its first spyware vendor today.
Intellexa + its affiliates sold the Predator spyware to governments that then used the malware to surveil U.S. government officials, journalists and activists.
www.axios.com/2024/03/05/t...
0 replies
0 reposts
0 likes
the megabus dropping you off literally right outside of Lincoln Tunnel when you go to new york is such a vibe - bare minimum queen
0 replies
0 reposts
0 likes
Reposted by Sam Sabin
"This is an odd one."
www.wired.com/story/lockbi...
1 replies
1 reposts
1 likes
i'm working on an @axios.com story about the fallout from the Change Healthcare cyberattack.
if you haven't been able to get a prescription in the last week and/or you work at a pharmacy that's trying to fill prescriptions, hmu!
📩 sam.sabin@axios[dot]com / signal: 202-642-4580
0 replies
1 reposts
0 likes
ALPHV/Black Cat has publicly listed Change Healthcare on its dark-web site.
They claim they were able to exfiltrate 6TB of "highly selective data," including health records and insurance info.
Is this all true? Probs not, but I wouldn't be shocked if they were able to grab some sensitive info.
0 replies
0 reposts
0 likes