Each week I publish interesting articles and ways to improve your understanding of cybersecurity.
Projects
- Linux Foundation – Introduction to Kubernetes (LF158) – In Progress
- TryHackMe – Splunk: Exploring SPL – Complete
- TryHackMe – Splunk: Setting up a SOC Lab – In Progress
Videos
Articles
- Booking.com Phishers May Leave You With Reservations – A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen.
- Nigerian man Sentenced to 26+ years in real estate phishing scams – Nigerian Kolade Ojelade gets 26 years in U.S. for phishing scams that stole millions by hacking email accounts.
- Elon Musk’s SpaceX, Already a Leader in Satellites, Gets Into the Spy Game [Paywall] – The Pentagon needs what the company offers to compete with China even as it frets over its potential for dominance and the billionaire’s global interests.
- Canadian Man Arrested in Snowflake Data Extortions – A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake.
- LastPass warns of fake support centers trying to steal customer data – LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number
- South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users – South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users’ sensitive data, including political views and sexual orientation, with advertisers.
- Unpatched Vulnerabilities Allow Hacking of Mazda Cars: ZDI – ZDI discloses vulnerabilities in the infotainment system of multiple Mazda car models that could lead to code execution.
- Canada Closes TikTok Offices, Citing National Security – Questions remain over what a corporate ban will achieve, since Canadians will still be able to use the app.
- Throwing caution to the winds, “kiberphant0m” tries to extort AT&T with Trump and Harris call logs – While many of us were waking up to the election results yesterday, at least one person was busy trying to extort AT&T using the president-elect and current vice president’s call logs.
- US Gov Agency Urges Employees to Limit Phone Use After China ‘Salt Typhoon’ Hack – The US government’s CFPB sent an email with a simple directive: “Do NOT conduct CFPB work using mobile voice calls or text messages.”
Podcasts
- Smashing Security 391: The secret Strava service, deepfakes, and crocodiles
- Cyberwire Daily – State of security automation. [CSO Perspectives]
- Darknet Diaries – EP 149: Mini-Stories: Vol 3
- Cyberwire Daily – Canada cuts TikTok ties