Every week I publish interesting articles and ways to improve your understanding of cybersecurity. This week, learn about Chinese hackers penetrating US internet providers and OpenAI hiring for insider threat positions to watch its own employees.
Projects
- TryHackMe – Linux PrivEsc – In Progress
- Linux Foundation – Introduction to Kubernetes (LF158) – In Progress
Articles
- Halliburton shuts down systems after cyberattack – Oil drilling and fracking giant Halliburton said it has shut down some of its internal systems following a cyberattack earlier this week.
- Slack AI can be tricked into leaking data from private channels via prompt injection – Whack yakety-yak app chaps rapped for security crack
- Audit finds notable security gaps in FBI’s storage media management – An audit from the Department of Justice’s Office of the Inspector General (OIG) identified “significant weaknesses” in FBI’s inventory management and disposal of electronic storage media containing sensitive and classified information.
- France Police Arrested Telegram CEO Pavel Durov – French police arrested Pavel Durov, founder and chief executive of Telegram, due to the lack of content moderation that advantaged criminal activity.
- A Cyberattack Impacted Operations at the Port of Seattle and Sea-Tac Airport – A cyber attack hit the Port of Seattle, which also operates the Seattle-Tacoma International Airport; websites and phone systems were impacted.
- Chinese government hackers penetrate U.S. internet providers to spy – Beijing’s hacking effort has “dramatically stepped up from where it used to be,” says former top U.S. cybersecurity official.
- OpenAI is hiring someone to investigate its own employees – At OpenAI, the security threat may be coming from inside the house. The company recently posted a job listing for a technical insider risk investigator to “fortify our organization against internal security threats.”
- DICK’s Sporting Goods says confidential data exposed in cyberattack – DICK’S Sporting Goods, the largest chain of sporting goods retail stores in the United States, disclosed that confidential information was exposed in a cyberattack detected last Wednesday.
- Remote Work: A Ticking Time Bomb Waiting to be Exploited – Remote work allows unvetted software outside the security boundaries of your firewall and poses additional risk as users are more likely to fall for tricks and scams when outside the office.
- Hacker Tried to Dodge Child Support by Breaking Into Registry to Fake His Death, Prosecutors Say – A Kentucky man attempted to fake his death to avoid paying child support obligations by hacking into state registries and falsifying official records.
- Powerful Spyware Exploits Enable a New String of ‘Watering Hole’ Attacks – Suspected Russian hackers have compromised a series of websites to utilize sophisticated spyware exploits that are eerily similar to those created by NSO Group and Intellexa.
- Phishing in Style: Microsoft Sway Abused to Deliver Quishing Attacks – In July 2024, Netskope Threat Labs tracked a 2,000-fold increase in traffic to phishing pages delivered through Microsoft Sway.
- The Emerging Dynamics of Deepfake Scam Campaigns on the Web – Our researchers discovered dozens of scam campaigns using deepfake videos featuring the likeness of various public figures, including CEOs, news anchors and top government officials.
- New Malware Employs Crazy Obfuscation Techniques to Evade Anti-Virus Detection – Security researchers have recently identified a new malware strain that employs advanced obfuscation techniques to evade detection by antivirus software.
- Park’N Fly notifies 1 million customers of data breach – Park’N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network.
- Bypassing airport security via SQL injection – we tried a single quote in the username as a SQL injection test, and immediately received a MySQL error
- Unpatchable 0-day in surveillance cam is being exploited to install Mirai – Vulnerability is easy to exploit and allows attackers to remotely execute commands.