Every week I publish interesting articles and ways to improve your understanding of cybersecurity.
Projects
- TryHackMe – What is Shell? – In Progress
Videos
Articles
- Roku says 576,000 user accounts hacked after second security incident – the company said about 576,000 user accounts were accessed using a technique known as credential stuffing, where malicious hackers use usernames and passwords stolen from other data breaches and reuse the logins on other sites.
- Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts – A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million.
- Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure – ICS malware Fuxnet allegedly used by Ukrainian Blackjack group to disrupt industrial sensors and other systems belonging to a Moscow infrastructure firm.
- T-Mobile employees report being lured into scamming customers (Update: T-Mobile statement) – Scammers are asking T-Mobile employees to perform SIM swaps for them.
- T-Mobile, Verizon workers get texts offering $300 for SIM swaps – Criminals are now texting T-Mobile and Verizon employees on their personal and work phones, trying to tempt them with cash to perform SIM swaps.
- NSA Publishes Guidance for Strengthening AI System Security – “Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems.”
- Omni Hotels says customers’ personal data stolen in ransomware attack – Hotel chain giant Omni Hotels & Resorts has confirmed cybercriminals stole the personal information of its customers in an apparent ransomware attack last month.
- Frontier Communications Shuts Down Systems Following Cyberattack – Telecom giant Frontier shuts down systems to contain a cyberattack that led to personal information compromise.
- Cisco Warns of Massive Surge in Password-Spraying Attacks on VPNs – Attackers are indiscriminately targeting VPNs from Cisco and several other vendors in what may be a reconnaissance effort, the vendor says.
- GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories – Existing AI technology can allow hackers to automate exploits for public vulnerabilities in minutes flat. Very soon, diligent patching will no longer be optional.
- Ivanti Releases Fixes for More Than 2 Dozen Vulnerabilities – Users will need to download the latest version of Ivanti’s Avalanche to apply fixes for all of the bugs.
- UnitedHealth: Change Healthcare cyberattack caused $872 million loss – UnitedHealth Group reported an $872 million impact on its Q1 earnings due to the ransomware attack disrupting the U.S. healthcare system since February.
Podcasts
- Darkside Dairies 144: Rachel