The hottest Cybersecurity Substack posts right now

And their main takeaways
Category: Top Technology Topics
Artificial Ignorance 58 implied HN points 31 Jan 25
  1. DeepSeek is a new Chinese AI company making big waves in the tech world with its advanced models. Other companies are quickly trying to integrate or copy what DeepSeek has done.
  2. DeepSeek's rapid growth is causing worries for US AI firms, pushing them to seek more domestic investment and tighter regulations on foreign tech. This competition could change the landscape of the AI industry.
  3. There are concerns about DeepSeek's chatbot, which has a high failure rate on news prompts. Some companies are blocking it due to data leaks and privacy issues, raising alarms about user safety.
Resilient Cyber 79 implied HN points 22 May 23
  1. Many organizations don't clearly define their risk tolerance in cybersecurity, impacting their ability to manage risks effectively. If a company doesn't know what risks it faces, it can't protect itself properly.
  2. There's a significant gap in measuring and understanding risks, especially with the rise of cloud services and software. Organizations often struggle to keep track of what software and hardware they use, leading to hidden vulnerabilities.
  3. Organizations are facing a backlog of vulnerabilities that they can't keep up with. If too many risks are left unresolved, it raises questions about their actual risk appetite and ability to protect themselves.
Diane Francis 359 implied HN points 17 Jun 21
  1. The summit between Biden and Putin achieved little, mainly setting up future meetings rather than resolving any immediate problems. It seems like both leaders had different goals that weren’t really met.
  2. Biden’s tough talk didn’t seem to faze Putin, who has a track record of ignoring agreements and continuing aggressive actions. The meeting didn’t convince anyone that Putin will change his behavior.
  3. There are ongoing threats from Russia, especially with their actions in Ukraine and cyberattacks, but the focus from some in the media was more on soundbites than serious questions about these issues. This summit didn't really address the real dangers.
Diane Francis 359 implied HN points 10 Jun 21
  1. Biden's approach to dealing with Putin has been weak, showing a lack of power in interactions. Instead of standing strong, he's been hesitant which gives Putin an advantage.
  2. The idea of a summit with a dictator like Putin is questioned because it doesn’t seem to benefit the U.S. It's important to show strength instead of making deals for peace.
  3. Biden needs to take serious action, like stopping an important pipeline and supporting Ukraine and Georgia. Without strong moves, the situation may only get worse for Western democracies.
Resilient Cyber 99 implied HN points 07 Mar 23
  1. Using SAST tools helps find security problems in an app's code. It's important to have tools that are easy to use and can be customized based on your needs.
  2. Threat modeling is about figuring out what security risks exist and how likely they are to happen. It helps you focus on the most important threats to your applications.
  3. Combining SAST and threat modeling makes both methods stronger. By knowing your threats, you can use SAST better to fix specific vulnerabilities in your software.
Frankly Speaking 152 implied HN points 13 Mar 24
  1. Cybersecurity industry faces challenges due to rapid evolution of technology forcing a reactive approach instead of proactive problem-solving.
  2. Security teams are overwhelmed with solutions, leading to over-reliance on tools without understanding root causes of problems.
  3. Security needs to shift focus back to problem-solving and building comprehensive solutions that go beyond just using tools.
Thái | Hacker | Kỹ sư tin tặc 259 implied HN points 13 Oct 21
  1. The electronic health record system had several security vulnerabilities like default passwords, IDOR, HQL Injection, and path traversal.
  2. The system's security issues were disappointing because they were basic, well-known bug classes; it appeared that no accountable security assessment team had reviewed the system before release.
  3. There were common security oversights like unauthenticated API endpoints, SQL injection vulnerabilities, path traversal vulnerabilities, and use of default passwords.
Curious futures (KGhosh) 4 implied HN points 14 Dec 25
  1. AI is automating mundane work and reshaping jobs, but overreliance can erode core skills, personal agency, and real human connection.
  2. Geopolitical and security risks are rising as technology spreads — drones, attacks on infrastructure, and national preparedness programs show new vulnerabilities and tensions.
  3. Rapid biotech and tech advances (from universal organs to thought-prediction and nature-inspired solutions) bring big promise but also ethical and practical risks, so new innovations should be adopted cautiously.
Thái | Hacker | Kỹ sư tin tặc 219 implied HN points 26 Dec 21
  1. Criminals invest in technology and human resources to personalize online scams, causing significant financial losses.
  2. Online scams affect individuals of all levels of knowledge and expertise, emphasizing the need for better cybersecurity measures to protect users.
  3. Balancing security and user experience is crucial in developing effective solutions to combat various types of online fraud.
Resilient Cyber 59 implied HN points 17 Jul 23
  1. The National Cybersecurity Strategy emphasizes that big companies and government agencies should take more responsibility in managing cyber risks. This means they need to invest in better security measures to protect everyone.
  2. There are five main goals in the strategy, including making sure critical services are safe, working with the private sector, and responding quickly to cyber threats. It's all about teamwork between different sectors for better security.
  3. The plan is a living document that will change as needed. It includes specific actions and timelines, showing that the government is committed to making real improvements in cybersecurity.
From the New World 53 implied HN points 29 Jan 25
  1. The Biden administration's AI export controls limit American companies from easily sharing AI technology with many allied nations. This could hurt relationships with friendly countries while benefiting rivals like China.
  2. Restricting exports makes it hard for American companies to localize their AI solutions in developing regions, which affects their competitiveness. If American firms can't adapt to local needs, countries may turn to Chinese alternatives.
  3. Investing in AI infrastructure in the Global South helps build strong relationships and shared technology standards. The current export rules prevent American companies from deepening those ties, allowing China to gain influence instead.
Rod’s Blog 39 implied HN points 24 Oct 23
  1. Zero Trust for AI involves continuously questioning and evaluating AI systems to ensure trustworthiness and security.
  2. Key principles of Zero Trust for AI include data protection, identity management, secure development, adversarial defense, explainability/transparency, and accountability/auditability.
  3. Zero Trust for AI is a holistic framework that requires a layered security approach and collaboration among various stakeholders to enhance the trustworthiness of AI systems.
Rod’s Blog 39 implied HN points 19 Oct 23
  1. Blurring or masking attacks against AI involve manipulating input data like images or videos to deceive AI systems while keeping content recognizable to humans.
  2. Common types of blurring and masking attacks against AI include Gaussian blur, motion blur, median filtering, noise addition, occlusion, patch/sticker, and adversarial perturbation attacks.
  3. Blurring or masking attacks can lead to degraded performance, security risks, safety concerns, loss of trust, financial/reputational damage, and legal/regulatory implications in AI systems.
Rod’s Blog 19 implied HN points 13 Feb 24
  1. Creating a security posture report for a specific Azure subscription provides enhanced visibility into the security state of assets and workloads, aiding in identifying potential vulnerabilities.
  2. The report includes guidance for improvement with hardening recommendations to help efficiently enhance security posture.
  3. Azure Secure Score assists in prioritizing security recommendations for effective triage to enhance security posture and align with compliance standards.
Alex's Personal Blog 65 implied HN points 05 Dec 24
  1. AI is getting better at helping us work by using computers like we do. This means we can give it commands while we work, making tasks easier and faster.
  2. There is a gap between what big tech companies say about AI and what their users experience. Many companies want AI tools, but users often find them disappointing.
  3. SaaS companies are seeing their value go up again, which is a positive sign for the tech market.
Rod’s Blog 39 implied HN points 18 Oct 23
  1. Machine Learning attacks against AI exploit vulnerabilities in AI systems to manipulate outcomes or gain unauthorized access.
  2. Common types of Machine Learning attacks include adversarial attacks, data poisoning, model inversion, evasion attacks, model stealing, membership inference attacks, and backdoor attacks.
  3. Mitigating ML attacks involves robust model training, data validation, secure ML pipelines, defense-in-depth, model interpretability, regular audits and cross-team collaboration, plus ongoing monitoring of model performance, input data, behavior, outputs, logs, network activity and infrastructure, with alerts raised on anomalies.
The Web Scraping Club 19 implied HN points 11 Feb 24
  1. Browser fingerprinting is used as an alternative to cookies and raises privacy concerns due to its unique identification capabilities.
  2. Desktop devices are more easily uniquely fingerprinted than mobile devices, and Chrome exposes more configuration detail to scripts than other browsers, which makes its users easier to distinguish.
  3. Innovative approaches like using WebGPU for web fingerprinting pose privacy risks and may require countermeasures to prevent misuse.
Resilient Cyber 119 implied HN points 27 Nov 22
  1. The Department of Defense is adopting a Zero Trust strategy to improve security by not automatically trusting any user or device, and it aims to fully implement this approach in five years.
  2. Key goals of the strategy include fostering a culture of Zero Trust within the organization, accelerating technology adoption, and ensuring DoD systems are secure and well-defended.
  3. Success relies on collaboration across all levels of the DoD, as well as proper funding and resources to support the technology and cultural shifts needed for this new security model.
Resilient Cyber 79 implied HN points 13 Apr 23
  1. The Department of Defense (DoD) wants to modernize its software to keep up with technology and improve national security. They plan to deliver software that is reliable and fast to adapt to changing needs.
  2. A key part of the strategy is embracing cloud technologies and making sure software can withstand and recover from issues. This means investing in modern tech and improving processes to speed up software delivery.
  3. To achieve these goals, the DoD recognizes the importance of updating how it trains and manages its workforce. They need to make sure their team is skilled and ready to adapt to new technologies and ways of working.
Rod’s Blog 39 implied HN points 09 Oct 23
  1. Fileless malware attacks are increasing and are a serious threat to organizations because they evade traditional, file-scanning antivirus: the payload runs in memory through trusted, already-present tools (PowerShell, WMI, script hosts) rather than being dropped to disk as an executable.
  2. Microsoft Sentinel, a cloud-native SIEM, can help detect and mitigate fileless malware attacks by collecting endpoint and script-logging data at scale, applying analytics rules to it, and automating incident response.
  3. To reduce exposure to fileless malware, consider email and web filtering to block phishing lures, managed threat hunting for early detection, and indicators-of-attack (IOA) analysis that flags malicious behavior rather than malicious files.
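As an added example (not code from the original post), the analytics-rule query below shows what "behavior rather than files" looks like in Sentinel. It flags PowerShell started with an encoded command, a download-and-execute idiom, or by a parent that should never spawn a shell. It assumes the Defender for Endpoint connector populates DeviceProcessEvents; the parent-process list, the regex and the 1-hour lookback are the editor's assumptions, not a vendor-published rule.

```kql
// Added example, not from the original post. Sentinel analytics rule for
// in-memory PowerShell abuse. Assumes the Defender for Endpoint connector
// (DeviceProcessEvents); thresholds and parent list are assumptions.
DeviceProcessEvents
| where TimeGenerated > ago(1h)
| where FileName in~ ("powershell.exe", "pwsh.exe")
// Download-and-execute or decode-in-memory idioms on the command line
| where ProcessCommandLine has_any ("-enc", "-EncodedCommand", "FromBase64String",
                                    "Invoke-Expression", "IEX", "DownloadString",
                                    "Net.WebClient", "-WindowStyle Hidden")
// A long base64 blob after -e / -enc / -EncodedCommand is the strongest signal
| extend EncodedBlob = ProcessCommandLine matches regex @"(?i)-e(nc|ncodedcommand)?\s+[A-Za-z0-9+/=]{40,}"
// Office, script hosts and mshta launching PowerShell is the classic macro/LOLBin chain
| extend SuspiciousParent = InitiatingProcessFileName in~ ("winword.exe", "excel.exe", "outlook.exe",
                                                           "wscript.exe", "cscript.exe", "mshta.exe")
| where EncodedBlob or SuspiciousParent
| summarize Count = count(),
            Hosts = make_set(DeviceName, 10),
            SampleCmd = take_any(ProcessCommandLine)
          by AccountName, InitiatingProcessFileName, EncodedBlob, SuspiciousParent, bin(TimeGenerated, 15m)
| project TimeGenerated, AccountName, InitiatingProcessFileName, EncodedBlob, SuspiciousParent, Count, Hosts, SampleCmd
| order by Count desc
```

Because nothing is written to disk, the only durable evidence is the command line and the parent/child relationship, which is why the rule keys on those two fields; pairing it with PowerShell script block logging (Event ID 4104) catches the cases where the command line itself is benign and the payload arrives later.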
Rod’s Blog 39 implied HN points 12 Oct 23
  1. Microsoft Sentinel can be used to monitor and detect bad AI content, but it is important to consider whether it is the most efficient use of resources.
  2. Organizations may choose to ingest AI data into Microsoft Sentinel, create a watchlist of bad content, and set up alerts to detect issues.
  3. Responsibilities for handling AI content alerts can be appropriately assigned to HR or relevant teams, rather than overwhelming security teams.
Metacurity 19 implied HN points 08 Feb 24
  1. Chinese state-backed hacking group Volt Typhoon has maintained access inside the networks of several US critical-infrastructure sectors for at least five years.
  2. Ransomware payments topped $1.1 billion in 2023, nearly doubling from the previous year, due to a surge in attacks.
  3. UN investigates 58 suspected cyberattacks by North Korea totaling $3 billion to fund its nuclear weapons program.
davidj.substack 23 implied HN points 21 Jun 25
  1. Information security teams should be proactive instead of reactive. Companies need to adapt quickly as many vendors are now offering AI features that can affect data security.
  2. It's inefficient to have separate security evaluations for vendors that offer AI. Organizations should streamline the approval process as more tools will incorporate AI.
  3. Companies should provide approved AI tools for employees to use instead of denying access to popular non-corporate solutions. This way, they can maintain security while still allowing employees to leverage AI effectively.
Cybersect 39 implied HN points 31 May 23
  1. Technical debt is misused and misunderstood in software engineering, often seen as a moral crusade against bad code.
  2. Refactoring is essential for addressing technical debt, focusing on making code more readable and maintainable.
  3. The concept of technical debt is not about avoiding problems but understanding the ongoing costs of decisions in software development.
Rod’s Blog 39 implied HN points 03 Oct 23
  1. Cryptojacking is the unauthorized use of a victim's compute, here cloud resources, to mine cryptocurrency, leaving the affected cloud customer with higher bills and degraded performance.
  2. Common indicators of cryptojacking include high CPU/memory usage by unknown processes, unusual network traffic patterns, changes in cloud resource usage, and presence of malicious mining code.
  3. Microsoft Sentinel can help detect and respond to cryptojacking by analyzing data from various sources, applying advanced analytics, providing visualization dashboards, and enabling fast investigation and response using built-in playbooks.
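As an added example (not from the original post), the query below turns two of the indicators listed above into a Sentinel detection: miner process names on the endpoint, and successful outbound connections to ports typically used by Stratum mining pools. Joining both per host lets a single hit rank lower than a host showing both. It assumes the Defender for Endpoint tables DeviceProcessEvents and DeviceNetworkEvents; the miner names, port list, lookback and severity rule are the editor's assumptions rather than an authoritative list.

```kql
// Added example, not from the original post. Correlates miner binaries with
// Stratum-style outbound connections. Assumes Defender for Endpoint tables;
// miner names, ports, lookback and severity thresholds are assumptions.
let lookback = 24h;
let miner_names = dynamic(["xmrig", "minerd", "cpuminer", "nbminer", "t-rex", "lolminer"]);
let pool_ports  = dynamic([3333, 4444, 5555, 7777, 8888, 9999, 14444]);
// Indicator 1: a process that is a known miner or carries miner-style arguments
let miner_procs =
    DeviceProcessEvents
    | where TimeGenerated > ago(lookback)
    | where FileName has_any (miner_names)
         or ProcessCommandLine has_any ("stratum+tcp://", "stratum+ssl://", "--donate-level")
    | project TimeGenerated, DeviceName, AccountName, FileName, ProcessCommandLine,
              Indicator = "miner process";
// Indicator 2: successful outbound connection to a public IP on a pool port
let pool_conns =
    DeviceNetworkEvents
    | where TimeGenerated > ago(lookback)
    | where ActionType == "ConnectionSuccess" and RemotePort in (pool_ports)
    | where not(ipv4_is_private(RemoteIP))
    | project TimeGenerated, DeviceName,
              AccountName = InitiatingProcessAccountName,
              FileName = InitiatingProcessFileName,
              ProcessCommandLine = InitiatingProcessCommandLine,
              Indicator = strcat("outbound to ", RemoteIP, ":", tostring(RemotePort));
union miner_procs, pool_conns
| summarize FirstSeen = min(TimeGenerated), LastSeen = max(TimeGenerated),
            Indicators = make_set(Indicator, 20),
            Commands = make_set(ProcessCommandLine, 5)
          by DeviceName, AccountName, FileName
// A host matching more than one indicator class is far less likely to be a false positive
| extend Severity = iff(array_length(Indicators) > 1, "High", "Medium")
| order by Severity asc, LastSeen desc
```

The port list is deliberately a weak signal on its own (legitimate software uses some of these ports), which is why the query only raises severity when the network indicator co-occurs with a process indicator on the same host; CPU-utilization spikes from the Perf table can be joined the same way.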
Rod’s Blog 39 implied HN points 26 Sep 23
  1. Increase the cost of compromising an identity by banning common passwords, enforcing multi-factor authentication, and blocking legacy authentication.
  2. Detect threats through user behavior anomalies by ensuring event logging and data retention and by leveraging User and Entity Behavioral Analytics.
  3. Assess identity risk by conducting penetration tests, password spray tests, and simulated phishing campaigns to strengthen security controls.
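The three takeaways above are one procedure: raise the cost, then detect what still gets through, then test yourself. As an added example (not from the original post), the query below is the detection step for the attack the post names, a password spray, written against the Microsoft Entra SigninLogs table in Sentinel. One source IP failing against many distinct accounts in a short window is the spray signature, and attempts over legacy protocols are counted separately because those paths cannot be protected by MFA. Table and column names are the real SigninLogs schema; the thresholds and the legacy-client list are the editor's assumptions.

```kql
// Added example, not from the original post. Password-spray detection over
// Entra ID sign-in logs. Schema is SigninLogs; thresholds are assumptions.
let window = 1h;
let min_users = 15;                     // assumption: distinct accounts per IP per hour
let legacy_clients = dynamic(["Exchange ActiveSync", "IMAP4", "POP3", "SMTP",
                              "Authenticated SMTP", "Other clients"]);
SigninLogs
| where TimeGenerated > ago(1d)
// 50126 invalid username/password, 50053 account locked, 50055 password expired
| where ResultType in ("50126", "50053", "50055")
| summarize FailedAttempts = count(),
            TargetedUsers = dcount(UserPrincipalName),
            LegacyAttempts = countif(ClientAppUsed in (legacy_clients)),
            Apps = make_set(AppDisplayName, 5),
            SampleUser = take_any(UserPrincipalName)
          by IPAddress, bin(TimeGenerated, window)
| where TargetedUsers >= min_users
// Close to 1.0 means roughly one guess per account: the textbook low-and-slow spray
| extend SpreadRatio = round(todouble(TargetedUsers) / FailedAttempts, 2)
| order by LegacyAttempts desc, TargetedUsers desc
```

The same query doubles as the check for the third takeaway: run your own password-spray test against a handful of test accounts and confirm the rule fires, and if LegacyAttempts is ever non-zero the "block legacy authentication" control from the first takeaway is not actually enforced.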
Rod’s Blog 39 implied HN points 19 Sep 23
  1. Generative AI can enhance threat detection by analyzing patterns and behaviors to identify deviations and potential cyber threats.
  2. Using generative AI in cybersecurity can automate vulnerability analysis, streamlining the patching process and addressing weaknesses promptly.
  3. Generative AI can be leveraged to create decoy systems like honeypots to divert attackers, providing valuable insights to improve defense strategies.
Rod’s Blog 39 implied HN points 21 Sep 23
  1. Misinformation attacks against AI involve providing incorrect information to trick AI systems and manipulate their behavior.
  2. Types of misinformation attacks include adversarial examples, data poisoning, model inversion, Trojan attacks, membership inference attacks, and model stealing.
  3. Mitigating misinformation attacks requires data validation, robust model architectures, defense mechanisms, privacy-preserving techniques, monitoring, security best practices, user education, and collaborative efforts.
Rod’s Blog 39 implied HN points 03 Oct 23
  1. Text-based attacks against AI target natural language processing systems like chatbots and virtual assistants by manipulating text to exploit vulnerabilities.
  2. Various types of text-based attacks include misclassification, adversarial examples, evasion attacks, poisoning attacks, and hidden text attacks which deceive AI systems with carefully crafted text.
  3. Text-based attacks against AI can lead to misinformation, security breaches, bias and discrimination, legal violations, and loss of trust, highlighting why organizations need to implement measures to detect and prevent such attacks.
Rod’s Blog 39 implied HN points 30 Mar 23
  1. Consider moving from the Logic App connector for OpenAI's ChatGPT to an Azure OpenAI deployment, which gives you more control over where your data goes.
  2. When working with Azure OpenAI models, create deployments in the Azure portal rather than Azure OpenAI Studio, and allow some time before the deployment's API endpoint becomes reachable.
  3. In Microsoft Sentinel playbooks, follow Logic App best practice and store the Azure OpenAI API key and endpoint in Parameters rather than hard-coding them into the HTTP action.
Rod’s Blog 39 implied HN points 22 Aug 23
  1. Evasion attacks against AI involve deceiving AI systems to manipulate or exploit them, posing a serious security concern in areas like cybersecurity and fraud detection.
  2. Evasion attacks typically involve steps like identifying vulnerabilities, generating adversarial examples, submitting them to the AI system, and refining the attack if needed.
  3. These attacks can lead to compromised security, inaccurate decisions, bias, reduced trust in AI, increased costs, and reduced efficiency, highlighting the importance of developing defenses and detection mechanisms against them.
Rod’s Blog 39 implied HN points 31 May 23
  1. The Kusto Query Language (KQL) search operator is a powerful tool for verifying the existence of certain elements within an environment.
  2. Using KQL for security purposes involves answering questions like 'Does it exist?', 'Where does it exist?', and 'Why does it exist?'
  3. The search operator can be scoped to specific tables, such as the Microsoft Office and Defender for Endpoint tables, and accepts wildcard characters in the search term.
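As an added example (not from the original post), the query below answers the first two of the post's questions in one run: "does it exist?" is whether any rows come back, and "where does it exist?" is the breakdown by the built-in $table column and host. It scopes search to a few tables and uses leading and trailing wildcards so the term matches inside paths and command lines. The search term, the table choice and the 7-day lookback are constructed assumptions.

```kql
// Added example, not from the original post. Scoped wildcard search across
// endpoint and Office tables, broken down by table and host. The term,
// tables and lookback are constructed assumptions.
search in (DeviceProcessEvents, DeviceFileEvents, DeviceNetworkEvents, OfficeActivity)
       "*mimikatz*"
| where TimeGenerated > ago(7d)
// search unions every column of every table; pick whichever identifier the row has
| extend Host = coalesce(column_ifexists("DeviceName", ""), column_ifexists("UserId", ""))
| summarize Hits = count(),
            FirstSeen = min(TimeGenerated),
            LastSeen = max(TimeGenerated)
          by $table, Host
| order by Hits desc
```

The third question, "why does it exist?", is not something search can answer; once this query names the table, go back to that table with a normal where clause and pull the full rows (command line, parent process, file path) for the hosts it listed. Note that unscoped search "*term*" over a large workspace scans every table and can be slow and expensive, so scope it as soon as you know where to look.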
Cybersect 39 implied HN points 28 May 23
  1. People often invent new encryption algorithms without solid evidence of effectiveness.
  2. Be cautious of encryption claims that use buzzwords and make unreasonable promises.
  3. It's important to seek technical explanations and benchmarks to evaluate the validity of encryption algorithms.
Fight to Repair 39 implied HN points 23 Jun 23
  1. Apple is expanding self-repair options for M2 Macs and iPhone 14, but there are concerns about design and software support lacking, potentially leading to more waste and consumer frustration.
  2. Biden's Department of Transportation is facing criticism for challenging a Massachusetts repair law, with accusations of anti-competitive practices and concerns over consumer rights and data access.
  3. Pinball machines are highlighted as resilient examples defying planned obsolescence, emphasizing the importance of repair and longevity in modern technology design.
Natto Thoughts 39 implied HN points 01 Sep 23
  1. Chinese criminal groups have rapidly expanded cyber scam operations targeting victims worldwide, utilizing tactics like false romantic ploys and false investment schemes.
  2. The cyber scam industry in China has become industrialized, professionalized, and involves cross-border operations, employing professionals, leveraging gray technology development industry chains, and exploiting corrupt insiders.
  3. To avoid falling victim to cyber scams, it's crucial to be vigilant, use common sense, and verify offers that sound too good to be true.
Rod’s Blog 39 implied HN points 17 Apr 23
  1. Cross-workspace queries in Microsoft Sentinel are crucial for managing multiple workspaces or customers.
  2. When using cross-workspace queries, it is more efficient to use the workspace ID rather than names or fully qualified names.
  3. Workspace IDs can be found in the Overview pane of the Log Analytics workspace or using a KQL query in Azure Resource Graph Explorer.
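As an added example (not from the original post), the two queries below cover the whole procedure. The first runs in Azure Resource Graph Explorer and lists every Log Analytics workspace with its workspace ID (the customerId property), which is the value workspace() should be given. The second runs in Sentinel and unions the same table across workspaces by that ID. They run in different engines, so they are shown as two separate queries in one block; the GUIDs are constructed placeholders and the failed-logon threshold is an assumption.

```kql
// Added example, not from the original post. GUIDs are placeholders.

// --- Query 1: run in Azure Resource Graph Explorer ---
// Resolve workspace name -> workspace ID (properties.customerId).
resources
| where type =~ "microsoft.operationalinsights/workspaces"
| project WorkspaceName = name, ResourceGroup = resourceGroup,
          Subscription = subscriptionId,
          WorkspaceId = tostring(properties.customerId)

// --- Query 2: run in Microsoft Sentinel (Log Analytics) ---
// Cross-workspace hunt using the IDs from query 1. isfuzzy=true keeps the
// query running if one workspace lacks the table or is unreachable.
union isfuzzy=true
    (workspace("11111111-1111-4111-8111-111111111111").SecurityEvent | extend Source = "customer-a"),
    (workspace("22222222-2222-4222-8222-222222222222").SecurityEvent | extend Source = "customer-b"),
    (SecurityEvent | extend Source = "local")
| where TimeGenerated > ago(1h) and EventID == 4625       // failed Windows logon
| summarize FailedLogons = count(), Accounts = dcount(TargetUserName)
          by Source, Computer, bin(TimeGenerated, 1h)
| where FailedLogons > 50                                 // assumption: tune per environment
| order by FailedLogons desc
```

Referencing the workspace by ID rather than by name avoids the lookup the service otherwise performs and keeps the query stable if a workspace is renamed or moved between resource groups; tagging each branch with a Source column is what lets you tell customers apart once the union has flattened the rows.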
Trusted 39 implied HN points 25 Apr 23
  1. The author won't have a longform post due to family health issues.
  2. Upcoming posts will cover AI existential risk, cybersecurity and regulatory frameworks.
  3. The focus of the blog will remain AI-related but some changes in title and descriptions are expected.