Projects
- TryHackMe – Burp Suite: The Basics – Complete
Videos
Articles
- How a mistakenly published password exposed Mercedes-Benz source code – Plus ‘cloud access keys, blueprints, design documents, passwords, API keys …’
- URGENT: Upgrade GitLab – Critical Workspace Creation Flaw Allows File Overwrite – GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace.
- UAE Government Cyber Chief: We Face 50K Cyberattacks Daily – The Emirates see phishing emails, DDoS attacks, and ransomware, as well as port scans, regularly.
- New Jersey School District Shut Down by Cyberattack – Sunday night, Freehold Township district officials notified its staff and parents that school would not be in session Monday due to technical difficulties caused by a cyber incident.
- DHS employees jailed for stealing data of 200K U.S. govt workers – Three former Department of Homeland Security (DHS) employees were sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees.
- NSA Admits Secretly Buying Your Internet Browsing Data without Warrants – The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week.
- CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday – CISA has ordered U.S. federal agencies to disconnect all Ivanti Connect Secure and Policy Secure VPN appliances vulnerable to multiple actively exploited bugs before Saturday.
- Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider – On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.
- SIM-swapping ring stole $400M in crypto from a US company, officials allege – Scheme allegedly targeted Apple, AT&T, Verizon, and T-Mobile stores in 13 states.
Podcasts
- Cyberwire – Ep 1995 | 2.1.24 – Defending America against China’s ominous onslaught.