Each week I publish interesting articles and ways to improve your understanding of cybersecurity.

Projects

• TryHackMe – Networking Concepts – In Progress

Videos

Articles

• DOGE’s US worker purge has created a spike in insider risk – Summarily firing workers who have access to national secrets is creating a nearly unprecedented environment for classified data exposure, writes CIA Distinguished Career Intelligence Medal awardee Christopher Burgess.
• Faced with insider threats, how do you strengthen defenses from within? – We explore how behavioral analytics and an ethical environment help financial institutions mitigate and detect insider threats effectively.
• A single default password exposes access to dozens of apartment buildings – A security researcher says the default password shipped in a widely used door access control system allows anyone to easily and remotely access door locks and elevator controls in dozens of buildings across the U.S. and Canada.
• Exploits for unpatched Parallels Desktop flaw give root on Macs – Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root access on impacted Mac devices.
• Coast Guard hit with data breach, impacting pay for more than 1,100 members – The Coast Guard Pay and Personnel Center’s Direct Access service is down until Feb. 19 as a result.
• Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace – In a wide-ranging speech and interview, Nakasone also talked about Trump administration moves and the shape of cyber offensive operations.
• Australia Bans Kaspersky Software Over National Security and Espionage Concerns – Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns.
• Crypto exchange Bybit says it was hacked and lost around $1.4B – Crypto exchange Bybit announced on Friday that “a sophisticated attack” led to the theft of Ethereum (ETH) from one of the company’s offline wallets.
  • Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers – The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company’s CEO Ben Zhou declared a “war against Lazarus.”
• US employee screening giant DISA says hackers accessed data of more than 3M people – DISA Global Solutions, a U.S.-based provider of employee screening services, has said it suffered a data breach that affects more than 3.3 million people.
• Detroit PBS notifies 1,700 of data breach that compromised SSNs, passwords, financial and medical info – Detroit PBS over the weekend confirmed it notified 1,694 people about an August 2024 data breach that compromised the following private info
• Southern Water says Black Basta ransomware attack cost £4.5M in expenses – United Kingdom water supplier Southern Water has disclosed that it incurred costs of £4.5 million ($5.7M) due to a cyberattack it suffered in February 2024.
• Hackers Can Crack Into Car Cameras in Minutes Flat – It’s shockingly simple to turn a car dashcam into a powerful reconnaissance tool for gathering everyday routine and location data, researchers warn.

Podcasts

• Smashing Security 406: History’s biggest heist just happened, and online abuse