Every week I publish interesting articles and ways to improve your understanding of cybersecurity. This week was a doozy!
Projects
- TryHackMe – John The Ripper – Complete
Whitepapers
Videos
Articles
- CISA broke into a US federal agency, and no one noticed for a full 5 months – Red team exercise revealed a score of security fails
- Disney’s Internal Slack Breached? NullBulge Leaks 1.1 TiB of Data – Hacktivist group NullBulge claims to have breached Disney, leaking 1.1 TiB of internal Slack data. The leak allegedly includes messages, files, code, and more. This comes amidst breaches affecting AT&T and Ticketmaster.
- AT&T Breach Linked to American Hacker, Telecom Giant Paid $370k Ransom: Reports – The massive AT&T breach has been linked to an American hacker living in Turkey and reports say the telecom giant paid a $370,000 ransom.
- Rite Aid Becomes RansomHub’s Latest Victim After Data Breach – The breach affects older customer information involved in purchases made from June 6, 2017, up until July 30, 2018.
- Email addresses of 15 million Trello users leaked on hacking forum – A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January.
- Over 400,000 Life360 user phone numbers leaked via unsecured API – A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API.
- CrowdStrike update crashes Windows systems, causes outages worldwide – A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals.
- US Data Breach Victim Numbers Increase by 1,000%, Literally – Though the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.
Podcasts
- Smashing Security 380: Teachers TikTok targeted, and fraud in the doctors’ waiting room