#zerotrust

Ok for some reason when I mentioned non-human identities and tracking them, a number of people assumed aliens or something, or just AI agents. What I am looking for are some insights into authentication actions on computer systems - using tokens, APIs, stored secrets, and so on - where a human is not directly involved in the interaction. Yes, AI could be involved, think MCP especially. I know there are tools out there to manage this, just wondering. Think using Okta SSO etc but not human users at all. Thoughts? Opinions? To me this is the next step in zero trust, in that one should have the same principles in place between any and all systems be they human or automated in that are they who or what they claim to be and are they authorized to go forward and do what they are trying to do. #infosec #security #zerotrust

🚨 The FBI has issued a stark warning: 2FA bypass attacks are on the rise, especially in the transportation sector.

What you need to know:
🔒 SMS and standard MFA aren’t foolproof; attackers are finding ways around them.
🛡️ Recommended defenses include push‑based 2FA, hardware tokens, and stricter verification workflows
🎯 Staff training is now mission‑critical to spot phishing, social engineering, and unusual login behavior

MFA still matters, but it must evolve. This is a wake‑up call: re‑audit your authentication stack and level‑up your defense posture today.
💬 How are you adapting your 2FA strategies to guard against these advanced threats?

#CyberSecurity #MFA #2FA #ZeroTrust #ThreatIntel
forbes.com/sites/daveywinder/2

Forbes: FBI Warning Issued As 2FA Bypass Attacks Surge — Get Prepared. You have been warned, by the FBI no less, that 2FA bypass attacks are surging — get prepared now if you are in the transportation sector or supply chain.

#why2025 has accepted my talk on

"Can we trust the Zero in #Zerotrust?"

ZT has evolved from pure network access to hype. ZT Everywhere became a buzzword. If you ask during presentations, the sales guy sometimes runs out of the meeting.

cfp.why2025.org/why2025/talk/r

ZT requires trust in strange containers, ex-employees and attestation processes and a CI/CD pipeline for microcode in the cloud. What questions should we ask?

See you next month at the camp in NL!

Thanks for organizing @milliways !

cfp.why2025.org: Can we trust the Zero in Zero trust? (WHY2025) Zero Trust (ZT) has evolved from pure network access to hype. ZT Everywhere has become a buzzword. If you ask about it during product presentations, the sales person sometimes runs out of the meeting.

Hundreds of Brother printer models are affected by a critical, unpatchable vulnerability (CVE-2024-51978) that allows attackers to generate the default admin password using the device’s serial number—information that’s easily discoverable via other flaws.

748 total models across Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta are impacted, with millions of devices at risk globally.

Attackers can:
• Gain unauthenticated admin access
• Pivot to full remote code execution
• Exfiltrate credentials for LDAP, FTP, and more
• Move laterally through your network

Brother says the vulnerability cannot be fixed in firmware and requires a change in manufacturing. For now, mitigation = change the default admin password immediately.

Our pentest team regularly highlights printer security as a critical path to system compromise—and today’s news is another example that underscores this risk. This is your reminder: Printers are not “set-and-forget” devices. Treat them like any other endpoint—monitor, patch, and lock them down.

Need help testing your network for exploitable print devices? Contact us and our pentest team can help!

Read the Dark Reading article for more details on the Brother Printers vulnerability: darkreading.com/endpoint-secur

What Happens When AI Goes Rogue?

From blackmail to whistleblowing to strategic deception, today's AI isn't just hallucinating — it's scheming.

In our new Cyberside Chats episode, LMG Security’s @sherridavidoff and @MDurrin share new AI developments, including:

• Scheming behavior in Apollo’s LLM experiments
• Claude Opus 4 acting as a whistleblower
• AI blackmailing users to avoid shutdown
• Strategic self-preservation and resistance to being replaced
• What this means for your data integrity, confidentiality, and availability

📺 Watch the video: youtu.be/k9h2-lEf9ZM
🎧 Listen to the podcast: chatcyberside.com/e/ai-gone-ro

When the #intern sells the #credentials to your #company on the #darknet: what at first sounds completely absurd unfortunately happened in exactly this form at the well-known staffing firm "#Adecco" in #France.

In any case, in the court proceedings now pending over millions in damages, Adecco will likely have to answer the question of why no sensible #Zerotrust architecture was implemented, which allowed the incident to happen in the first place:

watson.ch/digital/online-siche #cybersecurity

watson · After cyberattack on Adecco: young hackers and fraudsters in court. By Daniel Schurter

Non-Human Identities: The Hidden Risk in Your Stack

Non-human identities (NHIs)—like API keys, service accounts, and OAuth tokens—now outnumber human accounts in many enterprises. But are you managing them securely? With 46% of organizations reporting compromises of NHI credentials just this year, it’s clear: these powerful, often-overlooked accounts are the next cybersecurity frontier.

Read The Hacker News article for more details: thehackernews.com/2025/06/the-

Big news: I’ve joined @tailscale as a Customer Support Engineer!

As a homelabber and self-hoster, I fell in love with Tailscale for how effortlessly it makes private networking just work. Now I get to be part of the team building the new internet—one that’s secure by default, peer-to-peer, and built around people, not infrastructure.

I’m beyond excited to be part of this team.