Each week I publish interesting articles and ways to improve your understanding of cybersecurity.

Projects

• TryHackMe – Search Skills – Complete
• TryHackMe – Windows Command Line – In Progress

Videos

Articles

• Phishing texts trick Apple iMessage users into disabling protection – Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links.
• Proton worldwide outage caused by Kubernetes migration, software change – Swiss tech company Proton, which provides privacy-focused online services, says that a Thursday worldwide outage was caused by an ongoing infrastructure migration to Kubernetes and a software change that triggered an initial load spike.
• Telefonica Breach Exposes Jira Tickets, Customer Data – The Hellcat ransomware group has stolen roughly 5,000 documents, potentially containing confidential information, from the telecom giant’s internal database.
• Former Disney Employee Admits to Hacking Menu System to Change Allergy Information – As part of a plea deal, a former Disney employee has admitted to hacking the menus of restaurants at the resort.
• Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases – Gee, wonder why Beijing is so keen on the – checks notes – Committee on Foreign Investment in the US
• Leveraging A Generative AI Strategy To Mitigate Information Leakage – Data security in the digital space is a priority today as organizations bear an increased risk of information leakage. Sensitive data has become a primary target for cyber threats, making robust protection essential. In this context, generative AI has emerged as a powerful tool to address these challenges.
• A breach of Gravy Analytics’ huge trove of location data threatens the privacy of millions – A hack and data breach at location data broker Gravy Analytics is threatening the privacy of millions of people around the world whose smartphone apps unwittingly revealed their location data collected by the data giant.
• Scholastic suffers data breach exposing 8 million people, report says – Hacker says the theft was intended to serve as a lesson
• The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads – Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials — ironically — via fraudulent Google ads.
• Data From 15,000 Fortinet Firewalls Leaked by Hackers – Hackers have leaked 15,000 Fortinet firewall configurations, which were apparently obtained as a result of exploitation of CVE-2022–40684.
• China’s Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says – We are only seeing ‘the tip of the iceberg,’ Easterly warns

Podcasts

• The FAIK Files – Holiday Special: AI Safety Update
• Hacking Humans – Nice to meet you, I’m a scammer.