Best Infosec-Related Long Reads for the Week, 10/7/23
How Intellexa sold spyware to Egypt, How phone phreakers created Apple, How one writer lost $31,000 in a pool-related BEC scam, The best password manager, PCLOB's view on Sec. 702
Latest
MGM Resorts Suffers $100 Million Blow from Ransomware Attack
Blackbaud to pay $49.5m in ransomware attack settlement, Pro-Russian group DDoS'ed Oz Home Affairs website, 4chan miscreants use Bing AI to post racist images, Feds reveal top 10 misconfigs, much more
Belgium Fears China Is Spying Via Alibaba's Logistics Software at Liège Airport
Sony data breach exposed employee data, Apple patches another zero-day, Scattered Spider reportedly behind Clorox attack, Big info-stealing on Python platforms, Atlassian fixes zero-day, much more
NATO Is Addressing Document Thefts Claimed by SiegedSec Hacktivists
EU considers export curbs on some technologies, ShellTorch flaws could lead to unauthorized access and RCE, Senators probe TikTok staff transfers, Court bars CISA's election misinfo outreach, more
Arm Warns of Ongoing Attacks Targeting Flaw in Mali Line of GPUs
Hackers stole ETSI database, Progress Software blasts PoC release, Thai police bust crypto scammers, Ransomware gangs target JetBrains flaw, Exim releases patches, BunnyLoader MaaS emerges, more
Critical Zero Day in Exim Mail Transfer Agent Enables Takeover of Exposed Servers
ShinyHunters gang member pleads guilty, Killnet claims DDoS against royal family website, POC published for SharePoint bypass, FBI warns of multiple ransomware gang strains, much more
Best Infosec-Related Long Reads for the Week, 9/30/23
Cops dredge Google data to solve crimes, Huawei gives gifts to Greek officials, What happens to HaveIBeenPwned if Troy Hunt dies?, TikTok allows doxing of anonymous users, Beware sketchy HDMI adapters Metacurity is pleased to offer our free and paid subscribers this weekly digest of the best long-form infosec-related pieces
Best Infosec-Related Long Reads for the Week, 9/30/23
Cops dredge Google data to solve crimes, Huawei gives gifts to Greek officials, What happens to HaveIBeenPwned if Troy Hunt dies?, TikTok allows doxing of anonymous users, Beware sketchy HDMI adapters
China Is Pouring Billions Into Global Disinformation Efforts, State Department
Board urges new limits on Sec. 702, NSA to launch AI security center, Biden to move forward on cloud KYC rules, Robot delivery company shared video with LAPD, Progress warns of severe flaw, much more
Hacking Group Linked to Chinese Government Caught Modifying Router Software
Chinese hackers stole 60k State Department emails, Johnson Controls hit with massive ransomware attack, Russian exploit firm offers $20m for mobile hacks, Snatch group leaks own data, much more
Sony Launches Probe Into Cybercrime Group's Claims of Massive Compromise
New vulnerability affects major GPU suppliers, US grid ill-prepared to face risks, CISA to furlough 80% of workforce if shutdown happens, Google resubmits vuln disclosure, Net neutrality revived, more
Hackers Stole $200 Million From Hong Kong's Mixin in Biggest Crypto Theft of the Year
HTX hacked for $8 million, OpenSea API keys compromised, Data on 3.4 million stolen from birth registry, Ukraine reports drop in critical cyber incidents, Drone manuals used as lures in Ukraine, more