Two years ago the SolarWinds hack made history as the boldest, most sophisticated supply chain hack ever pulled off. I dug into the detailed story about the ingenious way the hackers pulled it off - and then got caught - in this tale for WIRED magazine
Kim Zetter
@KimZetter
Journalist - cybersecurity/nat security. Author COUNTDOWN TO ZERO DAY: Stuxnet and the Launch of the World's First Digital Weapon.
Substack: zetter.substack.com
Kim Zetter’s Tweets
As bad as Musk is in this interview, it's equally bad that the interviewer appears to have never heard of Bellingcat
Quote Tweet
How does this CNBC reporter make it seem like he agrees with Musk by saying “right” after Musk calls Bellingcat (one of the most respected investigative journalism outlets in the world) a psy op?!
“Asked for comment by CNN on Twitter, Matveev replied with a video with a Russian man repeating the phrase, ‘I don’t give a f*** at all.’”
"There were no signs of forced entry" - the unasked/unanswered question in this story: Why was Sullivan's house unlocked? Is that common for a house protected by Secret Service to allow agents, for example, to use the bathroom, etc?
Quote Tweet
Secret Service investigating how an unidentified man was able to enter the home of Jake Sullivan - national security adviser to the president - without being detected/stopped by his round-the-clock Secret Service team. Man entered home around 3 am in April washingtonpost.com/nation/2023/05
Please, internet sleuths, find out who this is so we can see the photo he took
Quote Tweet
These dogs were spotted getting their picture taken mid-walk. They're doing so well and their walker is so proud and I can't handle it. 14/10 for all
DDoSecrets has posted the Discord leaks. "This dataset consists of photographs of top secret documents that were allegedly leaked by U.S. Airman Jack Teixeira..." Not posting the link because of Twitter's propensity to kick people off for posting links
"The intruder appeared to be intoxicated and confused about where he was...There is no evidence the person knew Sullivan or sought to harm him"
"Sullivan confronted the individual, instructing him to leave....There were no signs of forced entry at the home.... Agents stationed outside the house were unaware that an intruder had gotten inside...until the man had already left and Sullivan came outside to alert the agents"
Secret Service investigating how an unidentified man was able to enter the home of Jake Sullivan - national security adviser to the president - without being detected/stopped by his round-the-clock Secret Service team. Man entered home around 3 am in April
Put together my summer reading (and re-reading) list and it's more than 30 books long. 😲📚
I tweeted part 1 of this interview a while back. Part 2 is now up. It wasn't clear to me at the time why Cybersecurity Defenders was framing Stuxnet as a failure. Now it's more clear why they're calling it that.
Quote Tweet
Was Stuxnet a failure? @KimZetter joins us, on this episode of the Cybersecurity Defenders podcast, as we explore the fallout from the greatest cyber attack ever conceived.
lc.pub/3McbcXy
#cybersecurity #podcast #stuxnet
New: Justice Department's Disruptive Strike Force announces its first five cases.
2/5 cases include dismantling alleged procurement networks to help Russian intelligence gain access to sensitive tech including quantum cryptography.
Really nuanced and thoughtful piece on the challenges around how social media platforms handle state media accounts and their potential for sowing disinfo and other harms, based on Meta’s experiences and input from external experts
Quote Tweet
Proud to share this piece on state media policy development in @lawfareblog from myself, @ljhundley, @sarahshirazyan, and @leeyvonnem. This has been a long time coming and it’s very exciting to finally see this out there. lawfareblog.com/addressing-med
Telegram responds to tweet about vuln
Quote Tweet
Replying to @KimZetter
Only if:
1. You have *malware* with root access on your *Mac*.
2. You are using Telegram for *macOS*, downloaded from the *App Store* (update with fix is in review) – if you downloaded the app from our site, you’re not affected.
Vuln was discovered in Feb - not fixed
"episode was frightening on a number of levels: the power of right-wing media to muddy the truth and whip up a neo-authoritarian base, the difficulty of figuring out the true facts in real time on election night, and the risk that dirty tricks could lead to an election meltdown"
For those who haven't seen last night's all-too-real episode, fire breaks out at a vote center in Dem-leaning Milwaukee destroying 100,000 absentee ballots, and the Roy kids fight over whether to call the race based on existing ballots. Wisconsin has no law to address the problem
Quote Tweet
My new one @Slate: What the Courts Would Do if the Succession Fire Played Out in Real Life? (Major Spoilers!)
slate.com/news-and-polit
How do you define "insider threat"? Instead of referring to negligent employee or a malicious insider who steals data/abuses privileges, I see it being used to describe cases where external hackers obtain credentials of employee to impersonate them. Do people agree w/ that usage?
That was an incredible and incredibly tense episode of #Succession. Also way too realistic. It's PTSD-inducing. "We just made a night of good TV. Nothing happens."
Sued in a public records request case. They lost the case and judge ordered them to pay legal fees to me and the attorneys that represented me in the case. Six months later they still haven't paid the fees.
This is the Tik Tok guy who does kid's songs in the style of random bands that everyone is tweeting about this morning
Quote Tweet
Replying to @tkbeynon
Excellent. But he’s not just some guy. ksrhoads.com/info
I wrote about an Israeli company called Rayzone, which is using the advertising industry as a vehicle to collect vast amounts of data from mobile phones, then repurposing the data to help dozens of government agencies worldwide track people.
Scoop from & : Biden admin officials are scouring the globe for Russian spies held by allies that Moscow might accept in a trade for WSJ reporter Evan Gershkovich & Paul Whelan. Brazil, Germany & Norway among countries approached.
BREAKING: E Jean Carroll is weighing suing Donald for defamation again after his CNN appearance last night. An exclusive from at The Times:
The Justice Department issued a press release in Russian when it announced its takedown of the FSB's Snake spy tool this week.
If states sue to avoid cybersecurity oversight of water and other critical infrastructure then does this mean they can’t claim federal assistance from CISA or disaster relief when they suffer a ransomware or other cyberattack that cripples critical services?
Quote Tweet
Republican states are suing the EPA to block its new cyber rule for water systems.
The case highlights tensions over creatively issued regulations that could upend the Biden admin's broader cyber agenda.
My new story for @WIRED: wired.com/story/epa-laws
"You do not have to like the former president's answers, but you can't say that we didn't get them," Licht tells staffers, many of whom are angry about the town hall. "Kaitlan pressed him again and again and made news. Made a LOT of news." And "that is our job."
On heel of Dominion suit against Fox News, , former exec dir of short-lived DHS unit established to monitor/address disinfo, has filed defamation suit against Fox saying network promoted lies about her that generated threats to her safety and harmed career prospects.
Quote Tweet
Fox News was hit on Wednesday with another defamation lawsuit, this one from a woman who said the network promoted lies about her that generated serious threats to her safety and harmed her career prospects. nyti.ms/44T6q9J
It appears that by unfollowing one of the accounts that's leading the Twitter Spaces session I was able to get Twitter to stop trying to push me into the Space.
Quote Tweet
How do I stop Twitter from continuously trying to push me into a Twitter Spaces session I have no interest in?
Targets include member of Ukraine military who works on critical infrastructure and multiple election officials running Russian referendums in Donetsk, Mariupol as well as an adviser to Russia's Central Election Commission. They took screenshots, siphoned docs and recorded audio
Mysterious new hacking group has been conducting spy ops against both pro-Ukraine targets in central Ukraine & pro-Russia targets in east Ukraine. Motives/allegiance unknown, but they're persistent/aggressive and lack ties to known actors. By
"this upcoming offensive is unlikely to end the conflict...History is an imperfect guide, but it suggests wars that endure for more than a year are likely to go on for at least several more and are exceedingly difficult to end."
I haven't been posting at Blue Sky very much but will try to do more of that going forward. I don't have plans to leave Twitter, but you can also find me on BlueSky at:
.bsky.social
Join me, , , and as we announce exciting new bipartisan legislation to reform the security classification system. Our bills will reduce overclassification, prevent mishandling of classified info, and restore public trust!
How do I stop Twitter from continuously trying to push me into a Twitter Spaces session I have no interest in?