Tootfinder

CISA, eyeing China, plans hiring spree to rebuild its depleted ranks
https://www.cybersecuritydive.com/news/cisa-hiring-workforce-strategy/805733/

CISA, eyeing China, plans hiring spree to rebuild its depleted ranks
The agency will also change some of its workforce policies to avoid driving away talented staff.

So one of the authors of the Le Monde story about the secretive US unit called Group 78 contacted me to tell me I had misinterpreted the story published by his outlet and Die Zeit.
I explain everything in this thread on BlueSky (it's hard to thread things here).
Take a look:
https://bsky.app/pro…

Cynthia Brumfield (@metacurity.com)
OK, I misinterpreted the LeMonde/DieZeit story on the secret US cybercrime fighting unit called Group 78. Martin Untersinger, https://bsky.app/profile/untersin.gr, one of the Le Monde story authors, got in touch with me to explain. Here goes 1/8 https://www.lemonde.fr/pixels/article/2025/10/16/revelations-sur-le-group-78-une-unite-secrete-americaine-chargee-de-la-lutte-contre-les-cybercriminels_6647096_4408996.html https://www.zeit.de/digital/2025-10/ransomware-blackbasta-fbi-bka/komplettans…

Many mainstream media reporters no longer seem to have the morality or incentive to check sources, verify stories or offer retractions when they screw up.
For reporters in nearly every field, Clicks & Scoop > Accuracy & Ethics
😢
From: @…

I've probably mentioned that I'm working on switching #Gentoo from our half-broken eselect-ldso logic to #FlexiBLAS. This also involves a transition period where both setups would be supported.
A good thing is that the switch is ABI-compatible with the previous state (or at least it's supposed to be — we're working with upstream on fixing function coverage). Since libblas.so, liblapack.so and the rest are replaced by symlinks, programs that link to them will simply start using FlexiBLAS. So far, so good.
Unfortunately, switching the other way doesn't work as well. Stuff newly built against our libblas.so & co. symlinks naturally reads FlexiBLAS's SONAME from them, and links to libflexiblas directly. So should you decide to switch back, some packages will stay linked to FlexiBLAS and will need to rebuilt.
In order to avoid this, I would have to replace the symlinks with wrapper libraries, having libblas.so.3 and so on SONAMEs, and linking to libflexiblas. Unfortunately, a dummy wrapper isn't going to work — the linker will complain about using indirect symbols from libflexiblas.so. So I would probably have to "reexport" their symbols somehow, and ideally split into appropriate libraries, so that `-Wl,--as-needed` wouldn't drop some of them. But how to do that?
Well, let's look at the existing logic for eselect-ldso — clearly both BLIS and OpenBLAS create some wrappers. So I've spent some time investigating upstream Makefiles, and literally couldn't find the respective targets. I mean, these are quite complex Makefiles, but I'm grepping hard and can't find even a partial match.
As it turns out, these Makefile targets are added by Gentoo-specific patches. And these patches are just horrible. In case of OpenBLAS, they create the wrapper libraries by linking all the relevant .o files from OpenBLAS build, plus the shared OpenBLAS library. So the OpenBLAS symbols relevant to each interface end up duplicated in libblas.so, liblapack.so, etc., and apparently the symbols needed by them are taken from libopenblas.so. The individual interface libraries aren't even linked to one another, so they expose their own duplicate symbols, but use the implementation from OpenBLAS instead.
BLIS is even worse — the patch is simply creating libblas.so and libcblas.so, using all BLIS objects directly, plus symbol visibility to hide symbols irrelevant to the library. So yes, libblis.so, libblas.so and libcblas.so are roughly three separate copies of the same library, differing only in symbol visibility. And of course libcblas.so doesn't use libblas.so.
Truly #GSoC quality.

Wow, don't miss the intense amount of cybersecurity news in today's Metacurity, including
--AI cyber risks are more evolutionary than revolutionary, experts say,
--Gucci parent Kering is a victim of an attack claimed by ShinyHunters,
--Jaguar extends its shutdown after ShinyHunters attack,
--Google confirms LE platform attack claimed by ShinyHunters,
--ShinyHunters claims attack on SK Telecom,
--Poland boosts cyber budget after attacks,
--China…

AI cyber risks are more evolutionary than revolutionary, experts
Gucci parent Kering is a victim of an attack claimed by ShinyHunters, Jaguar extends its shutdown after ShinyHunters attack, Google confirms LE platform attack claimed by ShinyHunters, ShinyHunters claims attack on SK Telecom, Poland boosts cyber budget after attacks, much more

Neuro-Symbolic AI for Cybersecurity: State of the Art, Challenges, and Opportunities
Safayat Bin Hakim, Muhammad Adil, Alvaro Velasquez, Shouhuai Xu, Houbing Herbert Song
https://arxiv.org/abs/2509.06921

Neuro-Symbolic AI for Cybersecurity: State of the Art, Challenges, and Opportunities
Traditional Artificial Intelligence (AI) approaches in cybersecurity exhibit fundamental limitations: inadequate conceptual grounding leading to non-robustness against novel attacks; limited instructibility impeding analyst-guided adaptation; and misalignment with cybersecurity objectives. Neuro-Symbolic (NeSy) AI has emerged with the potential to revolutionize cybersecurity AI. However, there is no systematic understanding of this emerging approach. These hybrid systems address critical cybers…

Next Gen Stats: New advanced metrics you NEED to know for the 2025 NFL season https://www.nfl.com/news/next-gen-stats-new-advanced-metrics-you-need-to-know-for-the-2025-nfl-season

Cyprus's financial regulator grants a crypto license to Revolut, allowing the startup to offer crypto services across the EU under new regulations (Elizabeth Howcroft/Reuters)
https://www.reuters.com/sustainability/boa

Integrating Generative AI into Cybersecurity Education: A Study of OCR and Multimodal LLM-assisted Instruction
Karan Patel, Yu-Zheng Lin, Gaurangi Raul, Bono Po-Jen Shih, Matthew W. Redondo, Banafsheh Saber Latibari, Jesus Pacheco, Soheil Salehi, Pratik Satam
https://arxiv.org/abs/2509.02998

Integrating Generative AI into Cybersecurity Education: A Study of OCR and Multimodal LLM-assisted Instruction
This full paper describes an LLM-assisted instruction integrated with a virtual cybersecurity lab platform. The digital transformation of Fourth Industrial Revolution (4IR) systems is reshaping workforce needs, widening skill gaps, especially among older workers. With rising emphasis on robotics, automation, AI, and security, re-skilling and up-skilling are essential. Generative AI can help build this workforce by acting as an instructional assistant to support skill acquisition during experien…

Two European incidents revealed last week -- an attack on a Norwegian dam by a Russia-friendly group known as Z-Pentest Alliance and a supposedly Russia-linked attack on a Polish city's water supply -- underscore that water utilities should intensify their focus on cybersecurity.
Check out my latest CSO piece. Thanks to former White House cyber official Jake Braun and ICS security specialist Ron Fabela for their insights.
Russia-linked European attacks renew concerns over wat…

Russia-linked European attacks renew concerns over water cybersecurity
Suspected sabotage in Norway and a foiled cyberattack in Poland highlight the growing risk to under-protected water utilities, experts warn.