Each week I publish interesting articles and ways to improve your understanding of cybersecurity.
Projects
- TryHackMe – Windows Powershell – In Progress
- Cryptohack – A free, fun platform for learning modern cryptography.
Videos
- The Lazarus Heist – YouTube Playlist
Articles
- US Justice Department sues to block HPE’s $14B acquisition of Juniper Networks – The U.S. Department of Justice has sued to block enterprise tech giant HPE from acquiring Juniper Networks, the networking firm, citing antitrust concerns.
- Grubhub confirms data breach affecting customers and drivers – U.S. food delivery giant Grubhub says hackers accessed the personal details of customers and drivers after breaching its internal systems.
- Chinese and Iranian Hackers Are Using U.S. AI Products to Bolster Cyberattacks – Hackers linked to China, Iran and other foreign governments are using new AI technology to bolster their cyberattacks against U.S. and global targets, according to U.S. officials and new security research.
- Apple ordered to open encrypted user accounts globally to UK spying – The secret order would give the UK access to encrypted backups belonging to any user — not just Brits.
- DeepSeek App Transmits Sensitive User and Device Data Without Encryption – A new audit of DeepSeek’s mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, exposing it to interception and manipulation attacks.
- Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims – OCR plugin great for extracting crypto-wallet secrets from galleries
- Agencies Sound Alarm on Patient Monitors With Hardcoded Backdoor – CISA and the FDA are warning that Contec CMS8000 and Epsimed MN-120 patient monitors are open to meddling and data theft; Claroty Team82 flagged the vulnerability as an avoidable insecure design issue.
- Netgear warns users to patch critical WiFi router vulnerabilities – Netgear has fixed two critical vulnerabilities affecting multiple WiFi router models and urged customers to update their devices to the latest firmware as soon as possible.
Podcasts
- Smashing Security 402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps
- Smashing Security 403: Coinbase crypto heists, QR codes, and ransomware in the classroom
- Darknet Diaries EP 154: Hijacked Line