Every week I publish interesting articles and ways to improve your understanding of cybersecurity.
Projects
- TryHackMe – Common Linux Privesc – In Progress
- LinkedIn Learning – Holding Yourself Accountable – Complete
- Udemy – Teradata SQL for Data Science and Data Analytics – Complete
- Udemy – Cyber Security SOC Phishing analysis from Scratch-2024 – Complete
Videos
- SANS Cybersecurity Leadership Summit You tube Playlist: https://www.youtube.com/playlist?list=PLtgaAEEmVe6Bnuq43jxYufUue0R7jPhFk
White Papers
Articles
- Live Nation took 11 days to confirm the massive Ticketmaster data breach – Data allegedly belonging to 560 million Ticketmaster customers has been on sale all week, but the company stayed silent until Friday night.
- The NSA advises you to turn your phone off and back on once a week – Powering off your phone regularly, disabling Bluetooth when it’s not needed, and using only trusted accessories are just some of the NSA’s security recommendations.
- Police dismantle pirated TV streaming network that made $5.7 million – Spanish police have dismantled a network of illegal media content distribution that, since the start of its operations in 2015, has made over $5,700,000.
- Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions – Now-patched authorization bypass issues impacting Cox modems could have been abused as a starting point to gain unauthorized access to the devices and run malicious commands.
- ShinyHunters claims Santander breach, selling data for 30M customers – A threat actor known as ShinyHunters is claiming to be selling a massive trove of Santander Bank data, including information for 30 million customers, employees, and bank account data, two weeks after the bank reported a data breach.
- BBC Data Breach Impacts 25,000 Employees – The BBC has disclosed a data breach impacting over 25,000 current and former employees, but the incident did not involve ransomware.
- Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested – The US announced that the 911 S5 (Cloud Router) botnet, likely the world’s largest, has been dismantled and its administrator arrested.
- Cox fixed an API auth bypass exposing millions of modems to attacks – Cox Communications has fixed an authorization bypass vulnerability that enabled remote attackers to abuse exposed backend APIs to reset millions of Cox-supplied modems’ settings and steal customers’ sensitive personal information.
- Major cyberattack sees NHS London hospitals declare critical incident with operations cancelled – Procedures have been cancelled at Guy’s, St Thomas’ and King’s College hospitals after a ransomware attack
- Leaked Google database reveals its secret privacy and security failures – The company confirmed to Engadget the authenticity of the data, acquired by 404 Media.
- Crooks threaten to leak 3B personal records ‘stolen from background check firm’ – Turns out opting out actually works?
- Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs – Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform.
- FBI warns of fake remote work ads used for cryptocurrency fraud – Today, the FBI issued a warning about scammers using fake remote job ads to steal cryptocurrency from job seekers across the United States while posing as recruiters for legitimate companies.
- Ransomware Group Claims Cyberattack on Frontier Communications – The RansomHub ransomware group claims to have stolen the information of over 2 million Frontier Communications customers.
Podcasts
- Smashing Security 374: Microsoft’s Recall controversy, and the North Korean insider threat