Every week I publish interesting articles and ways to improve your understanding of cybersecurity.
Projects
- TryHackMe – What is Shell? – In Progress
Videos
Articles
- Missouri county declares state of emergency amid suspected ransomware attack – Outage occurs on same day as special election, but election offices remain open.
- Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access – Multiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices.
- DOJ-Collected Information Exposed in Data Breach Affecting 340,000 – Economic analysis and litigation support firm GMA says personal and medical information was stolen in a May 2023 data breach.
- Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks – Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices.
- Targus discloses cyberattack after hackers detected on file servers – Laptop and tablet accessories maker Targus disclosed that it suffered a cyberattack disrupting operations after a threat actor gained access to the company’s file servers.
- Home Depot Hammered by Supply Chain Data Breach – SaaS vendor to blame for exposing employee data that was ultimately leaked on Dark Web forum, according to the home improvement retailer.
- Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability – Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution.
- AT&T now says data breach impacted 51 million customers – AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained.
- 96% of US hospital websites share visitor info with Meta, Google, data brokers – Could have been worse – last time researchers checked it was 98.6%
- Thousands of LG TVs are vulnerable to takeover—here’s how to ensure yours isn’t one – LG patches four vulnerabilities that allow malicious hackers to commandeer TVs.
- Why CISA is Warning CISOs About a Breach at Sisense – The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard.
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack – Palo Alto Networks is warning that a critical flaw impacting PAN-OS software used in its GlobalProtect gateways is being actively exploited in the wild.
- FBI warns of massive wave of road toll SMS phishing attacks – On Friday, the Federal Bureau of Investigation warned of a massive ongoing wave of SMS phishing attacks targeting Americans with lures regarding unpaid road toll fees.
- Roku warns 576,000 accounts hacked in new credential stuffing attacks – Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March.
- US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft – The US government says Midnight Blizzard’s compromise of Microsoft corporate email accounts “presents a grave and unacceptable risk to federal agencies.”
Podcasts
- Smashing Security 367: WhatsApp at Westminster, unhealthy AI, and Drew Barrymore