- Microsoft Outlook flooded with spam due to broken email filters – Outlook inboxes have been flooded with spam emails because email spam filters are currently broken.
- Sensitive US military emails spill online – A government cloud email server was connected to the internet without a password
- Insider Threats Don’t Mean Insiders Are Threatening – By implementing tools that enable internal users to do their jobs efficiently and securely, companies reduce insider threat risk by building insider trust.
- Data center logins for Apple and others obtained by hackers; could have facilitated physical access – They were also able to access surveillance cameras remotely, and the privileges they had could even have allowed physical access to servers.
- NSA shares guidance on how to secure your home network – A good article for all those now working from home
- TELUS investigating leak of stolen source code, employee data – Canada’s second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data
- Student Medical Records Exposed After LAUSD Breach – “Hundreds” of special education students’ psych records have turned up on the Dark Web. School records like these are covered by FERPA, not HIPAA, so parents have little recourse.
- Pirated Final Cut Pro for macOS Offers Stealth Malware Delivery – The number of people who have made the weaponized software available for sharing via torrent suggests that many unsuspecting victims may have downloaded the XMRig coin miner.
- News Corp says state hackers were on its network for two years – Mass media and publishing giant News Corporation says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020.
TryHackMe – Working Through SOC Level 1 path, Pyramid of Pain and Cyber Kill Chain are my most recent completions.