The hottest Cyberattacks Substack posts right now

And their main takeaways
Unmasking Russia • 176 implied HN points • 09 Feb 24
  1. Ukraine is facing a critical shortage of military hardware, including missiles, and is in urgent need of support from foreign allies like the US.
  2. Lawmakers from Baltic and Nordic countries expressed concern over the lack of urgency from the US in helping Ukraine defend against Russia's invasion, warning of potential dire consequences.
  3. Recent intelligence reports suggest that Russia is rapidly rearming and may pose a threat to NATO countries within the next three to five years, prompting calls for increased military investments and sanctions by the EU.
Metacurity • 39 implied HN points • 10 Feb 24
  1. London Underground is testing AI surveillance tools to monitor passengers, aiming to improve safety but facing challenges like recognizing objects accurately and potential privacy concerns.
  2. Transitioning from passwords to passkeys promises enhanced security but requires users to adapt to new ways of authentication and storage methods like dedicated password managers or physical security keys.
  3. Using SMS for account logins can lead to security vulnerabilities like SIM-swap attacks; companies should offer more secure alternatives like Authy or Google Authenticator to improve security measures.
Rod's Blog • 99 implied HN points • 17 Oct 23
  1. Microsoft Sentinel helps in detecting and mitigating brute-force attacks on VIP accounts, which are high-level privileged user accounts in organizations.
  2. Brute-force attacks involve trying multiple passwords to gain unauthorized access to accounts or systems, making VIP accounts attractive targets.
  3. Organizations can use Microsoft Sentinel to set thresholds for failed logon attempts, create custom detection rules, investigate alerts triggered by VIP accounts, and take necessary response actions.
Seriously Risky Business • 0 implied HN points • 08 Feb 24
  1. US faces cybersecurity threat from Chinese group Volt Typhoon targeting critical infrastructure.
  2. US government took action to disrupt botnet used by Volt Typhoon for command and control.
  3. CISA issued emergency directive for federal agencies to disconnect Ivanti VPN products due to exploitation by UTA0178 group.
Seriously Risky Business • 0 implied HN points • 27 Apr 23
  1. North Korea has a unique approach to targeting priorities and operations, focusing on 'access begets access' which differs from tightly scoped operations by Five Eyes agencies.
  2. Iran shows a shift in cyber operations policy, engaging in destructive attacks targeting US critical infrastructure potentially as a response to previous cyberattacks on Iran.
  3. Privacy concerns arise regarding governments purchasing netflow data, but Team Cymru's data is selectively ingested for cyber threat analysis and unlikely to contribute to mass surveillance.