Little behind this week. It’s been busy. Still plugging away at learning all I can though.

Webinars

• (ICS)2 – The Impact of Artificial Intelligence on the Cybersecurity Industry – 8/30/23 – The impact of artificial intelligence (AI) on the cybersecurity industry is among the hottest topics discussed and debated amongst security professionals. From a positive perspective, AI has infused a myriad of threat detection and prevention platforms with newfound methods for uncovering sophisticated threats. It has also helped short-staffed security teams automate complex processes, such as incident validation and response. But AI also comes at a price. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he addresses the good, the bad, and the ugly outcomes of artificial intelligence.

Articles

• New York Times Spoofed to Hide Russian Disinformation Campaign – “Operation Doppelganger” has convincingly masqueraded as multiple news sites with elaborate fake stories containing real bylines of journalists, blasting them out on social media platforms.
• US says it and partners have taken down notorious ‘Qakbot’ hacking network – U.S. authorities on Tuesday said an international law enforcement operation had taken down the notorious “Qakbot” malware platform used extensively by cybercriminals in a variety of financial crimes.
• University of Michigan shuts down network after cyberattack – The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing a widespread impact on online services the night before classes started.
• US govt email servers hacked in Barracuda zero-day attacks – Suspected Chinese hackers disproportionately targeted and breached government and government-linked organizations worldwide in recent attacks targeting a Barracuda Email Security Gateway (ESG) zero-day, with a focus on entities across the Americas.
• Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks – Microsoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques, which are being propagated as part of the phishing-as-a-service (PhaaS) cybercrime model.
• London Police Warned to Stay Vigilant Amid Major Data Breach – Hackers hit a third-party contractor’s IT systems, but they didn’t steal any addresses or financial details, officials say.
• It’s a Zero-day? It’s Malware? No! It’s Username and Password – Surprisingly, one of the most potent weapons in their arsenal is not malicious code but simply stolen or weak usernames and passwords.

Podcasts

• Smashing Security 337: The DEA’s crypto calamity, and scammers’ blue tick bonanza
• Darknet Diaries EP 135: THE D.R. INCIDENT

Projects

TryHackMe – SOC Level 1: Introduction to SIEM, Investigating with ELK 101, ItsyBitsy – Complete