toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.

#zerotrust

G :donor: :Tick:<p>🚨 OuttaTune — The Microsoft Intune Conditional Access bypass I reported is now officially closed by MSRC (again).</p><p>It began as “By Design”… then was reclassified as a Moderate severity vulnerability… led to a product group meeting… and ultimately forced Microsoft to revise their official Conditional Access guidance.</p><p>Yet now it’s closed - with no fix timeline, no CVE, and no researcher credit. 🤷‍♂️<br>Let’s unpack it. 👇</p><p>⸻</p><p>🔍 The Issue<br>Intune lets you apply Conditional Access policies using device filters - say, “block access to Office 365 from DevBox VMs.”</p><p>But that device model? It’s just a registry key.<br>A local admin can change one line, sync the device, and suddenly it’s not a DevBox anymore. It’s “Compliant.” It’s trusted. It’s in.</p><p>⸻</p><p>🧪 Microsoft’s Initial Response</p><p>“This is by design.”<br>“Assignment filters should be used sparingly.”<br>“Intune cannot accurately lock down a device if an admin on the machine is actively working against management.”</p><p>Wait - imagine Microsoft saying that about Defender for Endpoint:</p><p>“Sorry, if someone has admin, Defender just gives up.”</p><p>Of course they wouldn’t say that. Because security controls must assume hostile actors. 
Why should Intune be any different?</p><p>⸻</p><p>🛠️ The Outcome<br> • I pushed back, published my findings, and spoke directly with Microsoft’s product teams.<br> • They reclassified the issue as a Moderate security vulnerability.<br> • They changed official documentation to warn against using properties like device.model in isolation.<br>“Microsoft recommends using at least one system defined or admin configurable device property…”</p><p>That change exists because of this research.</p><p>⸻</p><p>📉 But the Case Is Now Closed</p><p>MSRC insists that:</p><p>“This requires admin and knowledge of policy filters, so it remains Moderate.”</p><p>But attackers don’t need to know your exact filters - they can just trial different registry values and sync until they’re in. No alerts. No resistance. No risk of detection unless you’ve layered in custom EDR rules.</p><p>And admin access is table stakes. We can’t keep pretending that post-exploitation scenarios don’t matter.</p><p>⸻</p><p>💬 Final Thoughts</p><p>Conditional Access isn’t just about who you are - it’s supposed to account for where and what you’re accessing from.</p><p>But when enforcement relies on unverified local data, the door isn’t locked. It’s not even shut.<br>We’ve just convinced ourselves that it is.</p><p>🔐 Trust nothing. 
Validate everything.<br>Even the registry keys your policies depend on.</p><p>⸻</p><p>Blog link: <a href="https://cirriustech.co.uk/blog/outtatune-vulnerability" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cirriustech.co.uk/blog/outtatu</span><span class="invisible">ne-vulnerability</span></a></p><p><a href="https://infosec.exchange/tags/Intune" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Intune</span></a> <a href="https://infosec.exchange/tags/Microsoft365" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft365</span></a> <a href="https://infosec.exchange/tags/ConditionalAccess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConditionalAccess</span></a> <a href="https://infosec.exchange/tags/SecurityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityResearch</span></a> <a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/OuttaTune" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OuttaTune</span></a> <a href="https://infosec.exchange/tags/M365" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>M365</span></a> <a href="https://infosec.exchange/tags/Defender" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Defender</span></a> <a href="https://infosec.exchange/tags/EndpointSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EndpointSecurity</span></a> <a href="https://infosec.exchange/tags/MSRC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MSRC</span></a> <a 
href="https://infosec.exchange/tags/SecurityCommunity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityCommunity</span></a></p>
Simple Nomad<p>Ok for some reason when I mentioned non-human identities and tracking them, a number of people assumed aliens or something, or just AI agents. What I am looking for are some insights into authentication actions on computer systems - using tokens, APIs, stored secrets, and so on - where a human is not directly involved in the interaction. Yes, AI could be involved, think MCP especially. I know there are tools out there to manage this, just wondering. Think using Okta SSO etc but not human users at all. Thoughts? Opinions? To me this is the next step in zero trust, in that one should have the same principles in place between any and all systems be they human or automated in that are they who or what they claim to be and are they authorized to go forward and do what they are trying to do. <a href="https://rigor-mortis.nmrc.org/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://rigor-mortis.nmrc.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://rigor-mortis.nmrc.org/tags/zerotrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zerotrust</span></a></p>
Tailscale<p>🔐 99% of IT/security pros want to redesign their access setup. Why?</p><p>VPNs are clunky. Identity is half-baked. Workarounds are everywhere.</p><p>📊 New report from Tailscale reveals what’s broken—and what’s next.</p><p>👉 <a href="https://tailscale.com/resources/report/zero-trust-report-2025?utm_source=Mastodon&amp;utm_medium=owned-social&amp;utm_campaign=zero-trust-survey-2025" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tailscale.com/resources/report</span><span class="invisible">/zero-trust-report-2025?utm_source=Mastodon&amp;utm_medium=owned-social&amp;utm_campaign=zero-trust-survey-2025</span></a> <br><a href="https://hachyderm.io/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://hachyderm.io/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://hachyderm.io/tags/ZTNA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZTNA</span></a></p>
Rene Robichaud<p>Assessing the Role of AI in Zero Trust<br><a href="https://thehackernews.com/2025/07/assessing-role-of-ai-in-zero-trust.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/07/asse</span><span class="invisible">ssing-role-of-ai-in-zero-trust.html</span></a></p><p><a href="https://mastodon.social/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mastodon.social/tags/CeptBiro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CeptBiro</span></a> <a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://mastodon.social/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a></p>
United States News Beep<p>IT Essentials: AI agents – a licence to underwhelm</p><p>Whether ‘secret’ or ‘AI’, agents need trust to do their job For all the fanfare, AI agents are…<br><a href="https://newsbeep.org/tags/NewsBeep" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NewsBeep</span></a> <a href="https://newsbeep.org/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://newsbeep.org/tags/US" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>US</span></a> <a href="https://newsbeep.org/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a> <a href="https://newsbeep.org/tags/UnitedStates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnitedStates</span></a> <a href="https://newsbeep.org/tags/UnitedStatesOfAmerica" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnitedStatesOfAmerica</span></a> <a href="https://newsbeep.org/tags/Computing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Computing</span></a> <a href="https://newsbeep.org/tags/Artificialintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Artificialintelligence</span></a> <a href="https://newsbeep.org/tags/CIO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CIO</span></a> <a href="https://newsbeep.org/tags/CISO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISO</span></a> <a href="https://newsbeep.org/tags/EDITORIAL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EDITORIAL</span></a> <a href="https://newsbeep.org/tags/GenAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GenAI</span></a> <a href="https://newsbeep.org/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> <a 
href="https://newsbeep.org/tags/GoogleCloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GoogleCloud</span></a> <a href="https://newsbeep.org/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://newsbeep.org/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a><br><a href="https://www.newsbeep.com/us/25835/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">newsbeep.com/us/25835/</span><span class="invisible"></span></a></p>
Tailscale<p>Thousands of screens. Dozens of firewalls. One solution.<br>DEEL Media built a remote support workflow that just works — with Tailscale.</p><p>🔒 Secure<br>⚡ Instant<br>🖥️ Scalable</p><p>How they did it: <a href="https://tailscale.com/customers/deel-media" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tailscale.com/customers/deel-m</span><span class="invisible">edia</span></a><br><a href="https://hachyderm.io/tags/RemoteAccess" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RemoteAccess</span></a> <a href="https://hachyderm.io/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://hachyderm.io/tags/Tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tailscale</span></a> <a href="https://hachyderm.io/tags/DigitalSignage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalSignage</span></a></p>
TWiT Podcasts<p>🔒 Spotlight: ThreatLocker has partnered with TWiT for over a year, delivering Zero Trust solutions that empower IT professionals. “It’s been natural &amp; rewarding,” says David Coovert. Take back control—start your free 30-day trial at <a href="https://threatlocker.com/twit" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">threatlocker.com/twit</span><span class="invisible"></span></a> <br>Read more: <a href="https://twit.tv/posts/inside-twit/sponsor-spotlight-threatlocker" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">twit.tv/posts/inside-twit/spon</span><span class="invisible">sor-spotlight-threatlocker</span></a><br><a href="https://mastodon.social/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mastodon.social/tags/Sponsor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sponsor</span></a></p>
ADMIN magazine<p>ICYMI: Gerd Pflüger looks at the Purdue Model for industrial networking, investigates an implementation tool, and explains the role of zero trust<br><a href="https://www.admin-magazine.com/Archive/2025/85/Purdue-Model-for-industrial-networking?utm_source=mam" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">admin-magazine.com/Archive/202</span><span class="invisible">5/85/Purdue-Model-for-industrial-networking?utm_source=mam</span></a><br><a href="https://hachyderm.io/tags/PurdueModel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PurdueModel</span></a> <a href="https://hachyderm.io/tags/networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>networking</span></a> <a href="https://hachyderm.io/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a> <a href="https://hachyderm.io/tags/tools" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tools</span></a> <a href="https://hachyderm.io/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://hachyderm.io/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://hachyderm.io/tags/DigitalCeiling" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalCeiling</span></a></p>
LMG Security<p>Federal Cybersecurity Rollbacks: What Got Cut—And What Still Stands</p><p>In June 2025, a quiet executive order from the White House eliminated several key cybersecurity requirements for federal systems. In this episode of Cyberside Chats, <span class="h-card" translate="no"><a href="https://infosec.exchange/@sherridavidoff" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>sherridavidoff</span></a></span> and <span class="h-card" translate="no"><a href="https://infosec.exchange/@MDurrin" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>MDurrin</span></a></span> break down what’s changing and why it matters for your organization.</p><p>We'll share:<br>▪ Which cybersecurity rules were rolled back (and which ones remain)<br>▪ What the removal of secure software attestations means for vendors<br>▪ Why post-quantum encryption and the FTC Cyber Trust Mark still matter<br>▪ How this moment echoes past compliance gaps like PCI<br>▪ What security leaders should prioritize right now</p><p>▶ Watch the video: <a href="https://youtu.be/GIWBHKwydMA" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/GIWBHKwydMA</span><span class="invisible"></span></a><br>🎧 Listen to the podcast: <a href="https://www.chatcyberside.com/e/executive-order-shockwave-the-future-of-cybersecurity-unveiled/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">chatcyberside.com/e/executive-</span><span class="invisible">order-shockwave-the-future-of-cybersecurity-unveiled/</span></a></p><p><a href="https://infosec.exchange/tags/FederalCybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FederalCybersecurity</span></a> <a href="https://infosec.exchange/tags/CyberExecutiveOrder" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberExecutiveOrder</span></a> <a 
href="https://infosec.exchange/tags/CybersecurityPolicy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CybersecurityPolicy</span></a> <a href="https://infosec.exchange/tags/ExecutiveOrder" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ExecutiveOrder</span></a> <a href="https://infosec.exchange/tags/CISOs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISOs</span></a> <a href="https://infosec.exchange/tags/CyberCompliance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberCompliance</span></a> <a href="https://infosec.exchange/tags/SupplyChainSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SupplyChainSecurity</span></a> <a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://infosec.exchange/tags/PostQuantum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PostQuantum</span></a> <a href="https://infosec.exchange/tags/LMGSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LMGSecurity</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/CyberRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberRisk</span></a> <a href="https://infosec.exchange/tags/SecureSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecureSoftware</span></a> <a href="https://infosec.exchange/tags/CybersideChats" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CybersideChats</span></a> <a href="https://infosec.exchange/tags/RiskManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RiskManagement</span></a></p>
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕<p>Four ways to build a zero-trust program for the AI world:<br>Think of AI as just another identity.</p><p>🤔 <a href="https://www.scworld.com/perspective/four-ways-to-build-a-zero-trust-program-for-the-ai-world" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">scworld.com/perspective/four-w</span><span class="invisible">ays-to-build-a-zero-trust-program-for-the-ai-world</span></a></p><p><a href="https://chaos.social/tags/identity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>identity</span></a> <a href="https://chaos.social/tags/zerotrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zerotrust</span></a> <a href="https://chaos.social/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a> <a href="https://chaos.social/tags/ml" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ml</span></a> <a href="https://chaos.social/tags/benefits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>benefits</span></a> <a href="https://chaos.social/tags/risks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>risks</span></a> <a href="https://chaos.social/tags/code" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>code</span></a> <a href="https://chaos.social/tags/itsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>itsecurity</span></a> <a href="https://chaos.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://chaos.social/tags/it" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>it</span></a></p>
LMG Security<p>Hundreds of Brother printer models are affected by a critical, unpatchable vulnerability (CVE-2024-51978) that allows attackers to generate the default admin password using the device’s serial number—information that’s easily discoverable via other flaws.</p><p>748 total models across Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta are impacted, with millions of devices at risk globally.</p><p>Attackers can:<br>• Gain unauthenticated admin access<br>• Pivot to full remote code execution<br>• Exfiltrate credentials for LDAP, FTP, and more<br>• Move laterally through your network</p><p>Brother says the vulnerability cannot be fixed in firmware and requires a change in manufacturing. For now, mitigation = change the default admin password immediately.</p><p>Our pentest team regularly highlights printer security as a critical path to system compromise—and today’s news is another example that underscores this risk. This is your reminder: Printers are not “set-and-forget” devices. Treat them like any other endpoint—monitor, patch, and lock them down.</p><p>Need help testing your network for exploitable print devices? 
Contact us and our pentest team can help!</p><p>Read the Dark Reading article for more details on the Brother Printers vulnerability: <a href="https://www.darkreading.com/endpoint-security/millions-brother-printers-critical-unpatchable-bug" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/endpoint-secur</span><span class="invisible">ity/millions-brother-printers-critical-unpatchable-bug</span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/PenetrationTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenetrationTesting</span></a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentest</span></a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/PrinterSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrinterSecurity</span></a> <a href="https://infosec.exchange/tags/BrotherPrinters" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BrotherPrinters</span></a> <a href="https://infosec.exchange/tags/CVE202451978" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE202451978</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://infosec.exchange/tags/SMB" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMB</span></a> <a href="https://infosec.exchange/tags/CISO" class="mention 
hashtag" rel="nofollow noopener" target="_blank">#<span>CISO</span></a> <a href="https://infosec.exchange/tags/Cyberaware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cyberaware</span></a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/ITSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITSecurity</span></a> <a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://infosec.exchange/tags/PatchNow" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PatchNow</span></a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentest</span></a></p>
Alex Jimenez<p>How the US Military Is Redefining <a href="https://mas.to/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a></p><p>Trust no longer comes from network boundaries alone but from continuously validating and protecting data and identities at every interaction.</p><p><a href="https://www.darkreading.com/vulnerabilities-threats/how-us-military-redefining-zero-trust" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/vulnerabilitie</span><span class="invisible">s-threats/how-us-military-redefining-zero-trust</span></a></p><p><a href="https://mas.to/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a></p>
Ecomate<p>The U.S. role in <a href="https://mas.to/tags/NATO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NATO</span></a> resembles an insider threat in <a href="https://mas.to/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <br>The alliance would be unwise to place more than <a href="https://mas.to/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> in <a href="https://mas.to/tags/Trump" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Trump</span></a> </p><p><a href="https://mas.to/tags/ITsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsecurity</span></a> <a href="https://mas.to/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a></p>
LMG Security<p>What Happens When AI Goes Rogue? </p><p>From blackmail to whistleblowing to strategic deception, today's AI isn't just hallucinating — it's scheming.</p><p>In our new Cyberside Chats episode, LMG Security’s <span class="h-card" translate="no"><a href="https://infosec.exchange/@sherridavidoff" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>sherridavidoff</span></a></span> and <span class="h-card" translate="no"><a href="https://infosec.exchange/@MDurrin" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>MDurrin</span></a></span> share new AI developments, including:</p><p>• Scheming behavior in Apollo’s LLM experiments<br>• Claude Opus 4 acting as a whistleblower<br>• AI blackmailing users to avoid shutdown<br>• Strategic self-preservation and resistance to being replaced<br>• What this means for your data integrity, confidentiality, and availability</p><p>📺 Watch the video: <a href="https://youtu.be/k9h2-lEf9ZM" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/k9h2-lEf9ZM</span><span class="invisible"></span></a><br>🎧 Listen to the podcast: <a href="https://www.chatcyberside.com/e/ai-gone-rogue-from-schemes-to-whistleblowing/?token=a0a79bc031829d23746df1392fa6122a" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">chatcyberside.com/e/ai-gone-ro</span><span class="invisible">gue-from-schemes-to-whistleblowing/?token=a0a79bc031829d23746df1392fa6122a</span></a> </p><p><a href="https://infosec.exchange/tags/AIsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIsecurity</span></a> <a href="https://infosec.exchange/tags/RogueAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RogueAI</span></a> <a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>ZeroTrust</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/CybersideChats" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CybersideChats</span></a> <a href="https://infosec.exchange/tags/LMGSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LMGSecurity</span></a> <a href="https://infosec.exchange/tags/AIWhistleblower" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIWhistleblower</span></a> <a href="https://infosec.exchange/tags/AIgoals" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIgoals</span></a> <a href="https://infosec.exchange/tags/LLM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LLM</span></a> <a href="https://infosec.exchange/tags/ClaudeAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClaudeAI</span></a> <a href="https://infosec.exchange/tags/ApolloAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ApolloAI</span></a> <a href="https://infosec.exchange/tags/AISafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AISafety</span></a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISO</span></a> <a href="https://infosec.exchange/tags/CEO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CEO</span></a> <a href="https://infosec.exchange/tags/SMB" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMB</span></a> <a href="https://infosec.exchange/tags/Cyberaware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cyberaware</span></a> <a href="https://infosec.exchange/tags/Cyber" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>Cyber</span></a> <a href="https://infosec.exchange/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a></p>
LMG Security<p>New NIST Zero Trust Guidance Alert!</p><p>Looking to implement zero-trust architecture (ZTA) but unsure where to start? NIST just released SP 1800-35, offering 19 real-world examples of zero-trust implementations using commercial, off-the-shelf tech.</p><p>Built with 24 industry collaborators over four years, this detailed playbook bridges the gap between theory and practice.</p><p>Key takeaways for your organization:<br>• Map your ZTA to the NIST Cybersecurity Framework<br>• Start with what you have — identify existing tech<br>• Roll out incrementally: identity, MFA, access controls<br>• Validate and monitor continuously<br>• Treat ZTA as a journey, not a one-and-done project</p><p>Read the article for advice on your zero-trust journey: <a href="https://www.darkreading.com/endpoint-security/nist-outlines-real-world-zero-trust-examples" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/endpoint-secur</span><span class="invisible">ity/nist-outlines-real-world-zero-trust-examples</span></a></p><p><a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/NIST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NIST</span></a> <a href="https://infosec.exchange/tags/ZTA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZTA</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/ZTArchitecture" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZTArchitecture</span></a> <a 
href="https://infosec.exchange/tags/SP1800_35" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SP1800_35</span></a> <a href="https://infosec.exchange/tags/ContinuousSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ContinuousSecurity</span></a> <a href="https://infosec.exchange/tags/IdentitySecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentitySecurity</span></a> <a href="https://infosec.exchange/tags/LeastPrivilege" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LeastPrivilege</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://infosec.exchange/tags/Riskmanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Riskmanagement</span></a></p>
Pyrzout :vm:<p>19 ways to build zero trust: NIST offers practical implementation guide <a href="https://www.helpnetsecurity.com/2025/06/13/zero-trust-implementation-guide/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/06/13</span><span class="invisible">/zero-trust-implementation-guide/</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/zerotrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zerotrust</span></a> <a href="https://social.skynetcloud.site/tags/strategy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>strategy</span></a> <a href="https://social.skynetcloud.site/tags/AppOmni" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppOmni</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/NIST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NIST</span></a> <a href="https://social.skynetcloud.site/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tips</span></a></p>
Nishant Kaushik<p>I finally got around to writing a follow-up to my previous blog post that was triggered by Patrick Opet's open letter, regarding the tradeoff organizations make: sacrificing foundational security for business velocity.</p><p>In this post, fueled by conversations I had at Identiverse, I explore how we can change that, by trying to answer the real question: Why aren’t we building secure-by-design systems, even when we know how? Spoiler: It's about incentives.</p><p>Check it out and let me know your thoughts.</p><p><a href="https://blog.talkingidentity.com/2025/06/secure-by-design-has-an-incentive-problem.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.talkingidentity.com/2025/</span><span class="invisible">06/secure-by-design-has-an-incentive-problem.html</span></a></p><p><a href="https://infosec.exchange/tags/SecureByDesign" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecureByDesign</span></a> <a href="https://infosec.exchange/tags/RSAC2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RSAC2025</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://infosec.exchange/tags/Identiverse2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Identiverse2025</span></a> <a href="https://infosec.exchange/tags/IdentitySecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentitySecurity</span></a> <a href="https://infosec.exchange/tags/Incentives" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Incentives</span></a> <a href="https://infosec.exchange/tags/SaaS" class="mention hashtag" rel="nofollow 
noopener" target="_blank">#<span>SaaS</span></a> <a href="https://infosec.exchange/tags/Compliance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Compliance</span></a> <a href="https://infosec.exchange/tags/RiskManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RiskManagement</span></a></p>
ADMIN magazine<p>New solutions to extend Zero Trust Everywhere announced by Zscaler.<br><a href="https://www.admin-magazine.com/News/Zscaler-Extends-Zero-Trust-Everywhere?utm_source=mam" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">admin-magazine.com/News/Zscale</span><span class="invisible">r-Extends-Zero-Trust-Everywhere?utm_source=mam</span></a><br><a href="https://hachyderm.io/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://hachyderm.io/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://hachyderm.io/tags/Zscaler" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zscaler</span></a> <a href="https://hachyderm.io/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://hachyderm.io/tags/cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloud</span></a> <a href="https://hachyderm.io/tags/B2B" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>B2B</span></a> <a href="https://hachyderm.io/tags/data" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>data</span></a></p>
LMG Security<p>Non-Human Identities: The Hidden Risk in Your Stack</p><p>Non-human identities (NHIs)—like API keys, service accounts, and OAuth tokens—now outnumber human accounts in many enterprises. But are you managing them securely? With 46% of organizations reporting compromises of NHI credentials just this year, it’s clear: these powerful, often-overlooked accounts are the next cybersecurity frontier.</p><p>Read The Hacker News article for more details: <a href="https://thehackernews.com/2025/06/the-hidden-threat-in-your-stack-why-non.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/06/the-</span><span class="invisible">hidden-threat-in-your-stack-why-non.html</span></a></p><p><a href="https://infosec.exchange/tags/IdentitySecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IdentitySecurity</span></a> <a href="https://infosec.exchange/tags/CyberRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberRisk</span></a> <a href="https://infosec.exchange/tags/APIsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>APIsecurity</span></a> <a href="https://infosec.exchange/tags/NHIs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NHIs</span></a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevSecOps</span></a> <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IAM</span></a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISO</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/MachineIdentities" class="mention 
hashtag" rel="nofollow noopener" target="_blank">#<span>MachineIdentities</span></a> <a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://infosec.exchange/tags/RiskManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RiskManagement</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://infosec.exchange/tags/ITsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsecurity</span></a></p>