marcwrogers · TEXXR

/

Navigation

C

Chronicles

Browse all articles

C

E

Explore

Semantic exploration

E

R

Research

Entity momentum

R

N

Nexus

Correlations & relationships

N

~

Story Arc

Topic evolution

S

↻

Drift Map

Semantic trajectory animation

D

P

Posts

Analysis & commentary

P

Browse

@

Entities

Companies, people, products, technologies

◇

Domains

Browse by publication source

☉

Handles

Browse by social media handle

Detection

?

Concept Search

Semantic similarity search

!

High Impact Stories

Top coverage by position

+

Sentiment Analysis

Positive/negative coverage

*

Anomaly Detection

Unusual coverage patterns

Analysis

vs

Rivalry Report

Compare two entities head-to-head

/\

Semantic Pivots

Narrative discontinuities

!!

Crisis Response

Event recovery patterns

Connected

Nav: C E R N

Search: /

Command: ⌘K

Embeddings: large

2024-04-12

Sisense has released specific instructions to its customers. On the one hand it's easy to be mad at this situation, the plaintext storage of credentials and the insecure storage of data at rest. On the other had I want to give them props for reaching this point in under 24... [image]

2024-04-12 View on X

Krebs on Security

CISA is investigating a breach at business intelligence company Sisense; sources: the attackers copied several terabytes of customer data, including credentials

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence …

View original

The nature of sisense is they require access to their customers confidential data sources. They have direct access to JDBC connections, to SSH, and to SaaS platforms like Salesforce and many more. It also means they have tokens, credentials, certificates often upscoped. 1/2

2024-04-12 View on X

Krebs on Security

CISA is investigating a breach at business intelligence company Sisense; sources: the attackers copied several terabytes of customer data, including credentials

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence …

View original

The data stolen from sisense contained all these tokens, credentials and access configurations. This is a worst case scenario for many sisense customers. These are often literally the keys to their kingdoms. Treat as an EXTREMELY serious event. 2/2

2024-04-12 View on X

Krebs on Security

CISA is investigating a breach at business intelligence company Sisense; sources: the attackers copied several terabytes of customer data, including credentials

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence …

View original

STRONG RECOMMENDATION - If you are a CISO and you have a 3rd party (Automation, AI, Analytics) that uses Sisense or you SUSPECT uses Sisense INSIST on an impact statement NOW. I can 100% guarantee there are a lot of you with impact. Your data was accessed by a threat actor.

2024-04-12 View on X

Krebs on Security

CISA is investigating a breach at business intelligence company Sisense; sources: the attackers copied several terabytes of customer data, including credentials

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence …

View original

Once the dust settles on the sisense breach, can we all sit down and have a serious conversation about access and score? Not having a traditional perimeter doesn't mean throwing your doors open and allowing uncontrolled access into critical systems.

2024-04-12 View on X

Krebs on Security

CISA is investigating a breach at business intelligence company Sisense; sources: the attackers copied several terabytes of customer data, including credentials

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence …

View original

If you are, or ever were a sisense customer, Treat this extremely seriously. Members of the cyber community and agencies all over the world have worked this over the last few days. Do not underestimate the risk. Expire any exposed credentials. Check all exposed infrastructure.

2024-04-12 View on X

Krebs on Security

CISA is investigating a breach at business intelligence company Sisense; sources: the attackers copied several terabytes of customer data, including credentials

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence …

View original

2023-03-12

Great chatting with @johnnysaks130 about the risks of blindly moving everything into the cloud. How understanding systemic cloud risks is key to realizing the true benefits and ultimately achieving the dream of Cloud Security pushed by providers today. https://www.politico.com/...

2023-03-12 View on X

Politico

Worried that cloud giants offer concentrated targets, the US plans to regulate the security practices of cloud providers like Amazon, Microsoft, and Google

Governments and businesses have spent two decades rushing to the cloud — trusting some of their most sensitive data to tech giants …

View original

2021-04-26

I guess theres no hiding it now. We lost @dakami yesterday. One of the brightest lights in infosec and probably the kindest soul I knew. The vacuum he leaves behind is impossible to measure. Please keep speculation to yourself and be respectful of his family and friends.

2021-04-26 View on X

CircleID

Dan Kaminsky, the celebrated security researcher widely known for his work on discovering crucial DNS security flaws and Sony Rootkit infections, has died at 42

Saddened by news of the death of Dan Kaminsky, a member of the ICANN Trusted … Pierluigi Paganini / Security Affairs : The cybersecurity researcher Dan Kaminsky has died Tweets: Sa...

View original

2021-04-25

I guess theres no hiding it now. We lost @dakami yesterday. One of the brightest lights in infosec and probably the kindest soul I knew. The vacuum he leaves behind is impossible to measure. Please keep speculation to yourself and be respectful of his family and friends.

2021-04-25 View on X

CircleID

Dan Kaminsky, the celebrated security researcher widely known for his work on discovering crucial DNS security flaws and Sony Rootkit infections, has died at 42

The celebrated security researcher, Dan Kaminsky, widely known for his work on discovering crucial DNS security flaws …

View original

2020-05-10

DEF CON is officially cancelled. https://forum.defcon.org/... we will be putting on an online event instead. Details in the post. #DEFCON #DEFCONisCANCELLED

2020-05-10 View on X

Wired

Both Defcon and Black Hat, originally scheduled for August, have cancelled in-person events, instead opting to host conferences online

and I, for one, am looking forward to it 😈 https://twitter.com/... Marc Rogers / @marcwrogers : DEF CON is officially cancelled. https://forum.defcon.org/... we will be putting on ...

View original

2020-05-09

DEF CON is officially cancelled. https://forum.defcon.org/... we will be putting on an online event instead. Details in the post. #DEFCON #DEFCONisCANCELLED

2020-05-09 View on X

Wired

Both Defcon and Black Hat, originally scheduled for August, have cancelled in-person events, instead opting to host conferences online

For real this time. Its sister conference, Black Hat, has also been called off. — For years, a simple and elegant inside joke has permeated Defcon, the influential hacking confe...

View original