Every week I publish interesting articles and ways to improve your understanding of cybersecurity.

Projects

• TryHackMe – Hashing – Crypto 101 – In Progress

Videos

Articles

• Security Bite: Hackers breach CISA, forcing the agency to take some systems offline – CISA says two systems were hacked in February through vulnerabilities in Ivanti products. In response, the agency had to shut down both systems, which reportedly had critical ties to U.S. infrastructure.
• Roku hackers breach 15,000 accounts and are selling them online – After gaining access to customer accounts, hackers attempted to purchase streaming subscriptions within Roku.
• Stanford: Data of 27,000 people stolen in September ransomware attack – Stanford University says the personal information of 27,000 individuals was stolen in a ransomware attack impacting its Department of Public Safety (SUDPS) network.
• Biden’s budget proposal boosts CISA funding to $3B – US President Joe Biden has asked Congress to approve an extra $103 million in funding for the Cybersecurity and Infrastructure Security Agency, bringing CISA’s total budget to $3 billion.
• LockBit ransomware affiliate gets four years in jail, to pay $860k – Russian-Canadian cybercriminal Mikhail Vasiliev has been sentenced to four years in prison by an Ontario court for his involvement in the LockBit ransomware operation.
• ChatGPT Plugin Vulnerabilities Exposed Data, Accounts – Three types of vulnerabilities related to ChatGPT plugins could have led to data exposure and account takeovers.
• US Seizes $1.4 Million in Cryptocurrency From Tech Scammers – The US seized approximately $1.4 million worth of Tether tokens suspected of being fraud proceeds from tech scams.
• Acer confirms Philippines employee data leaked on hacking forum – Acer Philippines confirmed that employee data was stolen in an attack on a third-party vendor who manages the company’s employee attendance data after a threat actor leaked the data on a hacking forum.
• Nissan to let 100,000 Aussies and Kiwis know their data was stolen in cyberattack – Akira ransomware crooks brag of swiping thousands of ID documents during break-in
• SIM swappers hijacking phone numbers in eSIM attacks – SIM swappers have adapted their attacks to steal a target’s phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.
• Former telecom manager admits to doing SIM swaps for $1,000 – A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts.
• Alabama Under DDoS Cyberattack by Russian-Backed Hacktivists – The hacktivist group Anonymous Sudan claims credit for a cyberattack that disrupted Alabama state government earlier this week.
• French unemployment agency data breach impacts 43 million people – France Travail, formerly known as Pôle Emploi, is warning that hackers breached its systems and may leak or exploit personal details of an estimated 43 million individuals.
• Gone in (less than) 60 Seconds: How My Mercedes was Hacked and Stolen While My Family Slept – A month ago, my car was hacked and stolen in the middle of the night. So, for the first (and hopefully last) time, I’m the subject of my own article.
• Leak of Acer Philippines employee database appears on hacking forum – An attacker called “ph1ns” posted a link on a hacking forum to a stolen database containing employee attendance data from Acer Philippines. The database reportedly included workers’ names, usernames, passwords, roles, departments, employer’s name, birthdates, mobile numbers, and email addresses.
• International Monetary Fund email accounts hacked in cyberattack – The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year.

Podcasts

Smashing Security – 363: Stuck streaming sticks, TikTok conspiracies, and spying cars