Every week I publish interesting articles and ways to improve your understanding of cybersecurity.
Projects
- TryHackMe – Active Directory Basics – Complete
- TryHackMe – What is Shell? – In Progress
Videos
Articles
- AT&T Says Data on 73 Million Customers Leaked on Dark Web – AT&T used the Easter holiday weekend to quietly share details on data that surfaced on the dark web roughly two weeks ago.
- AT&T faces lawsuits over data breach affecting 73 million customers – AT&T is facing multiple class-action lawsuits following the company’s admission to a massive data breach that exposed the sensitive data of 73 million current and former customers.
- US State Department investigates alleged theft of government data – The U.S. Department of State is investigating claims of a cyber incident after a threat actor leaked documents allegedly stolen from a government contractor.
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers – The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two dozen companies across Europe and the U.S. by a China-based nation-state group called Storm-0558 last year.
- Number of Chinese Devices in US Networks Growing Despite Bans – An analysis by Forescout shows 300,000 Chinese devices in the US, up 40% compared to the previous year, despite bans.
- Why Cybersecurity Is a Whole-of-Society Issue – Working together and integrating cybersecurity as part of our corporate and individual thinking can make life harder for hackers and safer for ourselves.
- ‘Unfaking’ News: How to Counter Disinformation Campaigns in Global Elections – What cybersecurity professionals around the world can do to defend against the scourge of online disinformation in this year’s election cycle.
- NIST Wants Help Digging Out of Its NVD Backlog – The National Vulnerability Database can’t keep up, and the agency is calling for a public-private partnership to manage it going forward.
- Prudential Financial Data Breach Impacts 36,000 – Prudential Financial says the names, addresses, and ID numbers of over 36,000 were stolen in a February data breach.
- XZ Utils Backdoor Implanted in Carefully Executed, Multiyear Supply Chain Attack – Had a Microsoft developer not spotted the malware when he did, the outcome could have been much worse.
- FTC: Americans lost $1.1 billion to impersonation scams in 2023 – Impersonation scams in the U.S. exceeded $1.1 billion in losses last year, according to statistics collected by the Federal Trade Commission (FTC), a figure that is three times higher than in 2020.
- Indian Government Rescues 250 Citizens Forced into Cybercrime in Cambodia – The Indian government said it has rescued and repatriated about 250 citizens in Cambodia who were held captive and coerced into running cyber scams.
- Oil & Gas Sector Falls for Fake Car Accident Phishing Emails – Effective Rhadamanthys phishing campaign spoofs nonexistent “Federal Bureau of Transportation” to compromise recipients, analysts discover.
- SurveyLama Alarmed Over Data Breach of 4.4 Million Users – Monetized survey completion platform SurveyLama, has reportedly been alerted by data breach alerting service Have I Been Pwned (HIBP) after it found that a hacking incident has exposed the sensitive data of 4.4 million SurveyLama users, first reported by Bleeping Computer.
- Poland launches inquiry into previous government’s spyware use – Poland has launched an investigation into its previous government’s use of the controversial spyware Pegasus, with a parliamentary inquiry under way and the possibility of criminal charges being brought against former government officials in future.
- Highly Sensitive Files Mysteriously Disappeared From Europol Headquarters – A batch of highly sensitive files containing the personal information of top Europol executives mysteriously disappeared last summer