Projects

• TryHackMe – Network Services Room – Complete
• EdX – EC-Council | Ethical Hacking Essentials – Complete

Videos

Articles

• How a 27-Year-Old Codebreaker Busted the Myth of Bitcoin’s Anonymity – Once, drug dealers and money launderers saw cryptocurrency as perfectly untraceable. Then a grad student named Sarah Meiklejohn proved them all wrong—and set the stage for a decade-long crackdown.
• Hyundai Motor India fixes bug that exposed customers’ personal data – Hyundai’s India subsidiary has fixed a bug that exposed its customers’ personal information in the South Asian market.
• Hackers can hijack your Bosch Thermostat and Install Malware – Firmware Vulnerability Found in Bosch Thermostat Model BCC100: Patch Now or Freeze.
• 29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services – A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits.
• Jira down: Atlassian outage affecting multiple cloud services – Multiple Atlassian Jira products are experiencing an ongoing outage as of this morning.
• New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic – Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy.
• Bigpanzi botnet infects 170,000 Android TV boxes with malware – A previously unknown cybercrime syndicate named ‘Bigpanzi’ has been making significant money by infecting Android TV and eCos set-top boxes worldwide since at least 2015.
• School software breach reveals private data on millions of users – Four million student, parents, and staff records exposed
• Have I Been Pwned adds 71 million emails from Naz.API stolen account list – Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to its data breach notification service.
• Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software – Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines.
• 35.5 million customers of major apparel brands have their data breached after ransomware attack – Bought some Timberland shoes? Wear a North Face jacket? You, and millions of purchasers of other popular high-street brands, could have had their data stolen by the ALPHV ransomware group.
• US Gov Publishes Cybersecurity Guidance for Water and Wastewater Utilities – CISA, FBI and EPA document aims to help water and wastewater organizations improve their cyber resilience and incident response.
• Top Official Says Kansas Courts Need at Least $2.6 Million to Recover From Cyberattack – Kansas Courts needs funding to cover the costs of bringing computer systems back online, pay vendors, improve cybersecurity and hire three additional cybersecurity officials.
• Four-in-ten employees sacked over email security breaches as firms tackle “truly staggering” increase in attacks – Lax email security practices are prompting cyber leaders to take drastic action against staff who are duped by cyber criminals via databreaches.net

Podcasts

• CyberWire | Ep 1985 | 1.18.24 – A credential dump hits the online underground.