Zero Day $10 / month

Zero Day Substack focuses on the nexus of cybersecurity, national security, and the geopolitical landscape, highlighting incidents of cyberattacks, espionage, and the challenges in securing digital infrastructure against state-sponsored actors and hackers. It covers real-world cases, legal ramifications, and the evolving tactics of cyber warfare.

Cybersecurity National Security Cyberattacks Espionage Legal and Regulatory Issues Supply-Chain Security Surveillance Digital Infrastructure

Top posts of the year

And their main takeaways
1319 implied HN points 20 Oct 23
  1. North Korean IT workers tricked US companies into hiring them to secretly funnel money to North Korean weapons programs.
  2. They used elaborate methods to conceal their identities, such as fake profiles, stolen documents, and VPNs.
  3. The FBI discovered the scheme, seized funds, and warned that North Korean activity is still ongoing.
899 implied HN points 26 Oct 23
  1. The StripedFly malware was initially thought to be a crypto miner but turned out to be a sophisticated spy platform that infected over a million victims worldwide since 2017.
  2. One unique aspect of StripedFly is the custom-coded TOR client used for communication and data transfer, which shows the attackers' high level of skill and security consciousness.
  3. StripedFly includes a ransomware component named ThunderCrypt, raising questions about the intent behind including ransomware in an espionage tool and how it fits into the overall operation.
899 implied HN points 17 May 23
  1. Volexity discovered a sophisticated hacking group named Dark Halo inside a U.S. think tank's network during incident response.
  2. The hackers used a backdoor in the organization's Microsoft Exchange server and bypassed the Duo multi-factor authentication system.
  3. Volexity suspected the hackers gained access to the network through a backdoor in the SolarWinds software, which was later confirmed by security firm Mandiant.
839 implied HN points 28 Jun 23
  1. The SEC has sent notices to SolarWinds' employees over potential legal action related to the Russian hack.
  2. Receiving Wells notices is rare, especially for a CISO, and can lead to penalties and restrictions on future roles.
  3. The SEC is expanding its focus on cybersecurity breaches, and companies may face consequences for misleading disclosures or failing to address vulnerabilities.
140 HN points 08 Aug 23
  1. Radiation sensors at Chernobyl spiked after the Russian invasion, leading to suspicions of data manipulation.
  2. Patterns in the data from sensors indicated possible data manipulation rather than actual radiation spikes.
  3. The disappearance of the server and hard drives from the Ecocenter raised questions about who may have tampered with the sensor data.
7 HN points 25 Jul 23
  1. TETRA radio communication technology used by police and critical infrastructure was found to have a backdoor, reducing encryption strength.
  2. Keeping encryption algorithms secret can hinder security, as seen in the TETRA case where a deliberate weakness was discovered.
  3. ETSI created new secret algorithms to address vulnerabilities, but the debate continues on whether secrecy is the best approach for security.