Each week I publish interesting articles and ways to improve your understanding of cybersecurity.
Projects
- Linux Foundation – Introduction to Kubernetes (LF158) – In Progress
- TryHackMe – Splunk: Setting up a SOC Lab
- SANS Holiday Hack Challenge 2024: Snow-maggedon
Papers
- Phishing-Resistant Multi-Factor Authentication (MFA) Success Story: USDA’s Fast IDentity Online (FIDO) Implementation
- Understanding the Efficacy of Phishing Training in Practice
Videos
- November Verizon Threat Research Advisory Center – Navigating the Web of Modern Threats: The Intersection of Supply Chains, Cybersecurity, AI, and Intelligence
Articles
- Phishing emails increasingly use SVG attachments to evade detection – Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection.
- Fake Discount Sites Exploit Black Friday to Hijack Shopper Information – A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal of stealing their personal information ahead of the Black Friday shopping season.
- T-Mobile Also Targeted in Chinese Telecom Hacking Campaign – T-Mobile has also been targeted by the Chinese group Salt Typhoon in a major espionage campaign targeting US telecom companies.
- Fake Bitwarden ads on Facebook push info-stealing Chrome extension – Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser.
- 300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks – EPA flags security vulnerabilities in more than 300 drinking water systems that serve roughly 110 million individuals.
- Ford rejects breach allegations, says customer data not impacted – Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum.
- D-Link tells users to trash old VPN routers over bug too dangerous to identify – Vendor offers 20% discount on new model, but not patches.
- Russian Phobos Ransomware Operator Faces Cybercrime Charges – Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges.
- China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks – A new China-linked cyber espionage group has been identified as being behind a series of targeted cyber attacks on telecommunications entities in South Asia and Africa since at least 2020, with the goal of enabling intelligence collection.
- US charges five linked to Scattered Spider cybercrime gang – The U.S. Justice Department has charged five suspects believed to be part of the financially motivated Scattered Spider cybercrime gang with conspiracy to commit wire fraud.
- We Can Do Better Than Free Credit Monitoring After a Breach – Individual companies and entire industries alike must take responsibility for protecting customer data — and doing the right thing when they fail.
- Malware delivered via malicious QR codes sent in the post – Cybercriminals have adopted a novel trick for infecting devices with malware: sending out physical letters that contain malicious QR codes.
- Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack – In a first, Russia’s APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.
Podcasts
- CSO Perspectives – Cyber-entrepreneurship in the age of CyberAI.
- Smashing Security 394: Digital arrest scams and stream-jacking