TryHackMe – Advent of Cyber
EdX – EC-Council | Network Defense Essentials – Complete
EdX – EC-Council | Digital Forensic Essentials – In Progress
- MongoDB says customer data was exposed in a cyberattack – MongoDB is warning that its corporate systems were breached and that customer data was exposed in a cyberattack that was detected by the company earlier this week.
- Former IT manager pleads guilty to attacking high school network – Conor LaHiff, a former IT manager for a New Jersey public high school, has admitted to committing a cyberattack against his former employer following the termination of his employment in June 2023.
- Vans and North Face owner VF Corp hit by ransomware attack – American global apparel and footwear giant VF Corporation, the owner of brands like Supreme, Vans, Timberland, and The North Face, has disclosed a security incident that caused operational disruptions.
- FBI disrupts Blackcat ransomware operation, creates decryption tool – The Department of Justice announced today that the FBI successfully breached the ALPHV ransomware operation’s servers to monitor their activities and obtain decryption keys.
- Mr. Cooper Data Breach Impacts 14.7 Million Individuals – Mr. Cooper has confirmed that personal and bank account information was compromised in a recent cyberattack.
- 1.5 Billion Records Leaked in Real Estate Wealth Network Data Breach – Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that held 1.5 billion records containing real estate ownership data of millions of people, including celebrities, politicians, and even my own personal information. The database belonged to New York-based Real Estate Wealth Network.
- Xfinity Data Breach Impacts 36 Million Individuals – The recently disclosed Xfinity data breach, which involved exploitation of the CitrixBleed vulnerability, impacts 36 million individuals
- Top 15 SANS Summit Talks of 2023 – This year, SANS hosted 16 Summits with 209 talks. Here were the top-rated talks of the year.
- Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware – A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language.
- UK Teen Gets Indefinite Hospital Order For ‘Grand Theft Auto’ Hack – Arion Kurtaj was found responsible by a British court of carrying out one of the biggest breaches in the history of the video game industry
- BlackCat Strikes Back: Ransomware Gang “Unseizes” Website, Vows No Limits on Targets – The BlackCat/Alphv ransomware group is dealing with the government operation that resulted in website seizures and a decryption tool.
- Interpol operation arrests 3,500 cybercriminals, seizes $300 million – An international law enforcement operation codenamed ‘Operation HAECHI IV’ has led to the arrest of 3,500 suspects of various lower-tier cybercrimes and seized $300 million in illicit proceeds.
- Cyberwire – Ep 1969 | 12.18.23 – 14 million customers and stolen data.
I ran all the way through this once, to make sure I understood it enough to do a video of it then the second time through it didn’t work. As much as I would like to go back a third time I just don’t have time today. So here is the official tryhackme video and a screenshot to show I actually did complete it.
TryHackMe – Advent of Cyber
UDemy – Python for Cybersecurity – Gitlab – COMPLETE
EdX – EC-Council | Network Defense Essentials – In Progress
- Top Five Cybersecurity Predictions for 2024 – The cybersecurity industry continues to face many challenges, including shortages of skilled security personnel, record-level ransomware attacks, and increased risks associated with modern attack surfaces. However, investments in security products and services continue to remain strong, including AI-fueled threat prevention, zero trust security, managed detection and response (MDR), and more. So, what does next year have in store for the cybersecurity industry? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he shares his top five cybersecurity predictions for 2024.
- New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices – Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim.
- HACKTIVISTS HACKED AN IRISH WATER UTILITY AND INTERRUPTED THE WATER SUPPLY – Threat actors launched a cyberattack on an Irish water utility causing the interruption of the power supply for two days.
- Kelvin Security hacking group leader arrested in Spain – The Spanish police have arrested one of the alleged leaders of the ‘Kelvin Security’ hacking group, which is believed to be responsible for 300 cyberattacks against organizations in 90 countries since 2020.
- Apple: 2.5B Records Exposed, Marking Staggering Surge in Data Breaches – Data breaches are rapidly accelerating, according to a number-crunching report from Apple this week — heightening the need to finally implement end-to-end data encryption.
- Counter-Strike 2 HTML injection bug exposes players’ IP addresses – Valve has reportedly fixed an HTML injection flaw in CS2 that was heavily abused today to inject images into games and obtain other players’ IP addresses.
- Multiple Ohio schools receive threats, believed to be Russian hackers, saying bombs are in schools – Schools in Ohio have received threats of multiple explosives inside American schools. via DataBreaches.net
- Over 1,450 pfSense servers exposed to RCE attacks via bug chain – Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance.
- Cloud engineer gets 2 years for wiping ex-employer’s code repos – Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and a restitution of $529,000 for wiping the code repositories of his former employer in retaliation for being fired by the company.
- Cyberattack Cripples Ukraine’s Largest Telecom Operator – Kyivstar, the largest mobile network operator in Ukraine, was hit by a massive cyberattack on Tuesday, disrupting mobile and internet communications for millions of citizens.
- Ukrainian military says it hacked Russia’s federal tax agency – The Ukrainian government’s military intelligence service says it hacked the Russian Federal Taxation Service (FNS), wiping the agency’s database and backup copies.
- UBIQUITI USERS CLAIM TO HAVE ACCESS TO OTHER PEOPLE’S DEVICES – Users of Ubiquiti WiFi products started reporting that they are accessing other people’s devices when logging into their accounts.
- New Security Vulnerabilities Uncovered in pfSense Firewall Software – Patch Now – Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on susceptible appliances.
- Food Giant Kraft Heinz Targeted by Ransomware Group – A ransomware group claims to have breached the systems of Kraft Heinz, but the food giant says it’s unable to verify the claims.
- Ex-Amazon engineer pleads guilty to hacking crypto exchanges – Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022.
- Cyberwire – Ep 1964 | 12.11.23 – China sets sights on US critical infrastructure.