Every week I publish interesting articles and ways to improve your understanding of cybersecurity.
Projects
- TryHackMe – Common Linux Privesc – In Progress
- Udemy – Splunk for Beginners
Videos
Articles
- Almost all citizens of city of Eindhoven have their personal data exposed – A data breach involving the Dutch city of Eindhoven left the personal information related to almost all of its citizens exposed.
- Merrill employee exposes Walmart pension plan members – An employee of Merrill, a division of Bank of America, made an email error that exposed nearly two thousand Walmart 401(k) Plan participants, revealing their personal data.
- 2.8 Million Impacted by Data Breach at Prescription Services Firm Sav-Rx – Pharmacy prescription services provider Sav-Rx says the personal information of 2.8 million was stolen in a cyberattack.
- Internet Archive and the Wayback Machine under DDoS cyber-attack – The Internet Archive, the nonprofit research library that’s home to millions of historical documents, preserved websites, and media content, is currently in its third day of warding off an intermittent DDoS (distributed denial-of-service) cyber-attack.
- BreachForums returns just weeks after FBI-led takedown – Website whack-a-mole getting worse
- ‘Largest Botnet Ever’ Tied to Billions in Stolen Covid-19 Relief Funds – The US says a Chinese national operated the “911 S5” botnet, which included computers worldwide and was used to file hundreds of thousands of fraudulent Covid claims and distribute CSAM, among other crimes.
- Google confirms the leaked Search documents are real – A collection of 2,500 leaked internal documents from Google filled with details about data the company collects is authentic, the company confirmed today. Until now, Google had refused to comment on the materials.
- AI Will Increase the Quantity — and Quality — of Phishing Scams – Gen AI tools are rapidly making these emails more advanced, harder to spot, and significantly more dangerous. Recent research showed that 60% of participants fell victim to artificial intelligence (AI)-automated phishing, which is comparable to the success rates of non-AI-phishing messages created by human experts. Companies need to: 1) understand the asymmetrical capabilities of AI-enhanced phishing, 2) determine the company or division’s phishing threat severity level, and 3) confirm their current phishing awareness routines.
- Mystery malware destroys 600,000 routers from a single ISP during 72-hour span – An unknown threat actor with equally unknown motives forces ISP to replace routers.
- Santander hit by massive cyberattack: All staff and ’30million’ customers have personal data stolen by gang ‘behind Ticketmaster hack’ – Hackers are attempting to sell personal data of all Santander staff and up to 30 million customers in the latest reported theft by cybercrime gangs.
Podcasts
- Smashing Security – 373: iPhone undeleted photos, and stealing Scarlett Johansson’s voice
- Federal Drive – How AI will exacerbate fraud against the government