Projects
- TryHackMe – OWASP Top 10 – 2021 – Complete
Videos
- Audio from NPR story
Articles
- Enterprises Worry End Users Will be the Cause of Next Major Breach – Respondents to Dark Reading’s Strategic Security Survey believe the primary cause of their organizations’ next major data breach will involve social engineering, negligent users, and insecure remote workers.
- Ex-Employee’s Admin Credentials Used in US Gov Agency Hack – A threat actor employed the administrative credentials of a former employee to hack a US government organization.
- Quest Diagnostics pays $5M after mixing patient medical data with hazardous waste – Will cough up less than two days of annual profit in settlement – and California calls this a win. via Data Breaches
- U.S. Internet Leaked Years of Internal, Customer Emails – The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of Securence clients — in plain text out on the Internet and just a click away for anyone with a Web browser. via Data Breaches
- How to weaponize LLMs to auto-hijack websites – We speak to professor who with colleagues tooled up OpenAI’s GPT-4 and other neural nets
- Police arrest LockBit ransomware members, release decryptor in global crackdown – Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang’s servers in an international crackdown operation.
- U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders – The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation.
- Executive Order on Port Cybersecurity Points to IT/OT Threat Posed by Chinese Cranes – A new Biden executive order to boost the cybersecurity of US ports highlights the risks associated with the use of Chinese cranes.
- Library Cyber Defenses Are Falling Down – Librarians are being asked to defend themselves online against sophisticated and complex attacks. It’s an unequal fight.
- Chrome 122, Firefox 123 Patch High-Severity Vulnerabilities – Google and Mozilla resolve high-severity memory safety vulnerabilities with the latest Chrome and Firefox updates.
Podcasts
- Cyberwire – Ep 2009 | 2.22.24 – AT&T outage leaves major cities offline.