The hottest Cybersecurity Substack posts right now

And their main takeaways
Locks and Leaks 19 implied HN points 05 Dec 23
  1. Breaking into red teaming involves a phased approach with fundamental, technical, and employment skills.
  2. Phase 1 focuses on understanding red teaming fundamentals like what red teaming is and diving into analytical and cybersecurity elements.
  3. To succeed as a physical red teamer, it's essential to gain knowledge in analytical red teaming, learn about cybersecurity, and understand the partnership between physical and cyber red teams.
Resilient Cyber 59 implied HN points 21 Feb 23
  1. The Open Software Supply Chain Attack Reference (OSC&R) is a tool designed to help understand software supply chain security risks. It provides a framework to assess various tactics that attackers may use.
  2. One important concept introduced by OSC&R is the Pipeline Bill of Materials (PBOM), which gives a detailed view of everything that happens to a piece of software from start to finish. This helps organizations see risk factors at every stage of the software's life.
  3. Security is a big concern across different areas like container security, open source software, and cloud security. Each area has specific practices to follow to help protect against potential threats.
Resilient Cyber 59 implied HN points 01 Feb 23
  1. Most modern software relies heavily on Free and Open Source Software (FOSS), but companies often don't have a formal relationship with the maintainers of this software. This means you can't always expect support or responses when issues arise.
  2. Many FOSS projects have limited contributors, and some are maintained by just one person. This can lead to challenges in getting help or updates if needed, making it important for users to be ready to step in if something goes wrong.
  3. As a software user, you need to understand that the responsibility for managing FOSS lies with you. If you want maintainers to act like suppliers, consider supporting them financially, or be prepared to handle any risks yourself.
ppdispatch 13 implied HN points 08 Jul 25
  1. AI is changing the way software is developed. It's making coding easier and faster, but we still need skilled humans to manage and check the work.
  2. Even with AI tools, human expertise is crucial. Writers and engineers often have to fix mistakes made by AI, which creates more job opportunities.
  3. The biggest challenges in coding are understanding and collaborating, not just writing the code. Good teamwork and trust among developers are still very important.
Resilient Cyber 39 implied HN points 31 May 23
  1. Many organizations have a huge number of open vulnerabilities, but they struggle to fix them fast enough. This creates a risky situation where bad actors can exploit these weaknesses quickly.
  2. Despite new tools and approaches, cybersecurity continues to lag behind the speed of threats. Adding more security tools doesn't necessarily make things safer and can actually create confusion and overload for teams.
  3. Security should be treated as an ongoing process, not just something to buy or check off a list. If we keep doing the same thing without real change, we’ll keep facing the same problems.
Resilient Cyber 59 implied HN points 16 Jan 23
  1. The PEACH Framework helps with cloud security by focusing on tenant isolation. It gives guidance on how to keep different customer data safe from each other.
  2. Multi-tenancy in cloud computing can bring risks, especially if security isn't handled correctly. It's important for both cloud service providers and users to understand these risks and take steps to protect themselves.
  3. Effective tenant isolation involves using several methods, like reducing complexity and improving separation. These strategies help ensure that one tenant's data doesn’t accidentally mix with another's.
Boring AppSec 38 implied HN points 10 Nov 24
  1. The Secure by Design initiative aims to improve software security, but it's unclear how effective it will actually be. Companies might just treat it as another compliance standard without real change.
  2. CISA's approach mixes good ideas with vague guidelines, making it hard for security teams to use effectively. This can lead to companies focusing on basic compliance instead of deeper security improvements.
  3. Awareness initiatives can be helpful, especially for new issues in cybersecurity, but they often become outdated. What worked in the past, like OWASP Top 10, may not be useful for current complex security challenges.
Musings about WebPKI and Public Trust 8 HN points 15 Mar 24
  1. Certificate Authorities can face incidents like misissuance or non-issuance, with misissuances often caused by human error or software bugs.
  2. The Baseline Requirements set by the CA/B Forum provide rules for dealing with certificate misissuances, including the timeline for revocation.
  3. Entrust's recent incident highlights a misissuance dilemma, where they continued misissuing certificates and refused to follow the proper revocation process, impacting thousands of Extended Validation certificates.
Resilient Cyber 59 implied HN points 03 Jan 23
  1. OWASP's Software Assurance Maturity Model (SAMM) helps organizations check how secure their software practices are and plan for improvements. It breaks down the process into different business functions to make it manageable.
  2. SAMM outlines specific security practices organizations should follow during software development, including governance, design, implementation, verification, and operations. Each area has suggested actions to help raise security standards.
  3. It's important to cautiously evaluate self-attestations from third-party software vendors regarding security compliance. Additional tools like Software Bill of Materials (SBOM) can help provide clearer insights into software vulnerabilities.
The Security Industry 10 implied HN points 25 Jul 25
  1. At Black Hat 2025, there will be 307 exhibitors focusing on cybersecurity. This event gives you a chance to meet many of the top vendors in the industry.
  2. These cybersecurity vendors have received over $43 billion in funding, showing the industry's rapid growth and strong investment interest.
  3. Despite global challenges, the number of exhibitors remains steady compared to last year. This indicates that companies still want to participate and showcase their solutions.
HackerPulse Dispatch 8 implied HN points 20 Aug 25
  1. Microsoft has fully integrated GitHub into its CoreAI division, raising questions about the future direction and independence of the platform.
  2. AI coding tools show a strong preference for Python, which could limit developers' exposure to other programming languages that might be better suited for specific tasks.
  3. While AI promises to boost productivity, many developers find that using these tools can actually lead to more work, as they often need to manage and correct AI-generated code.
Daniel Pinchbeck’s Newsletter 9 implied HN points 30 Jul 25
  1. Artificial Superintelligence (ASI) poses serious risks that could affect humanity in the near future. It's important to take these threats seriously and be prepared.
  2. There are concerns about consequences like unemployment, misinformation, and even human extinction due to AI advancements. These issues need to be openly discussed and addressed.
  3. While AI could bring benefits, many believe the dangers currently outweigh the positives. The risks are alarming enough to be compared to playing Russian Roulette.
Humane AI 20 HN points 11 May 23
  1. The practice of 'Devil's Advocates' shaping decision-making dates back centuries, like in the case of determining the legitimacy of saints.
  2. Red teaming has evolved from military war games to modern applications in cybersecurity and ensuring ethical implications in generative AI systems.
  3. Guidelines for effective red teaming include partnering with civil society organizations, collaborating with humanities departments, and expanding efforts for diverse linguistic contexts.
The Security Industry 11 implied HN points 03 Jul 25
  1. The Cyber 150 list includes cybersecurity companies with between 50 and 500 employees, showcasing those on the rise before they grow too big.
  2. Funding is flowing into these companies, with some receiving over $100 million, totaling around $2.3 billion in the first half of 2025 alone.
  3. Companies that grow past 500 employees or fail to grow can graduate from or drop off the Cyber 150 list, highlighting their changing status in the industry.
FunkByteTech 3 HN points 03 Jun 24
  1. Prepare for unexpected challenges like DDoS attacks by having suitable defenses like Web Application Firewalls (WAF) in place.
  2. Stay vigilant and adaptive during a DDoS attack, making use of tools like Load Balancer access logs and being ready to block traffic from unwanted sources.
  3. After facing a DDoS attack, reflect on the experience to learn and improve, reinforcing your defense mechanisms for potential future attacks.
Resilient Cyber 59 implied HN points 22 Nov 22
  1. CISA emphasizes using machine-readable formats for security advisories to help organizations quickly understand and respond to vulnerabilities. Automating this process can speed up how fast companies act against threats.
  2. The Vulnerability Exploitability eXchange (VEX) helps organizations know if a vulnerability affects their products. This allows them to focus on the most critical risks rather than wasting time on ones that don't impact them.
  3. CISA's Stakeholder Specific Vulnerability Categorization (SSVC) helps organizations prioritize which vulnerabilities to address based on impact and urgency. It guides decision-making with a structured approach to risk management.
Resilient Cyber 59 implied HN points 22 Nov 22
  1. Vulnerability databases like CVE and NVD help identify and score software weaknesses. This scoring helps companies prioritize what to fix first to keep users safe.
  2. The Common Vulnerability Scoring System (CVSS) rates how severe a vulnerability is. This helps organizations understand the impact and urgency of addressing the risk.
  3. New systems like the Open-Source Vulnerabilities (OSV) database and Global Security Database (GSD) aim to improve how vulnerabilities are recorded and shared, making it easier for developers to manage risk.
Resilient Cyber 39 implied HN points 04 Apr 23
  1. There are several public speaking events related to security and compliance happening in April. These focus on topics like Software as a Service (SaaS) security and building secure programs.
  2. One important event will discuss how to create a compliance program for federal services, emphasizing the balance between development speed and security. This is crucial for companies navigating these challenges.
  3. Another key topic is Software Transparency and how to secure the software supply chain. This issue is becoming more important as many businesses rely on software solutions, and it's something experts are starting to address more.
Chaos Theory 19 implied HN points 04 May 23
  1. Hackers are using generative AI to create malware, making it harder for cybersecurity professionals to detect and defend against these attacks.
  2. Google introduces an AI-powered privacy platform called Checks.
  3. ChatGPT is starting to give therapy, potentially revolutionizing mental health care.
Lukasz Olejnik on Cyber, Privacy and Tech Policy Critique 19 implied HN points 24 Apr 23
  1. Google plans to use generative AI for dynamic ads, raising concerns about transparency and data protection.
  2. New cryptographic standards are compared to a jigsaw puzzle, emphasizing the complexity and precision required.
  3. The EU is establishing a 'cyber solidarity' reserve to address cybersecurity threats, with a focus on supporting countries like Ukraine.
Cybersect 19 implied HN points 12 May 23
  1. Google offering .zip domains sparked outrage in the cybersec community.
  2. Intolerance for security issues can lead to positive changes in cybersecurity practices.
  3. Challenging the status quo in cybersecurity can drive improvements over time.
The Product Person 19 implied HN points 13 Apr 23
  1. Wiz achieved remarkable success with a $10 billion valuation by rapidly growing in the cybersecurity industry.
  2. Wiz's founding team had a strong background in security from Israeli Intelligence, and previous successful ventures set a solid foundation for their new startup.
  3. Wiz's swift growth was boosted by their cloud-first approach and fast product implementation, attracting high-profile customers and significant funding.
The Future of Life 19 implied HN points 08 Sep 23
  1. There is a growing concern about dangerous technologies being created by individuals, which could pose serious threats to society. We need to be aware of these risks and create systems to protect ourselves.
  2. As technology advances, there will be a divide between people who see tech as a danger and those who believe it can solve problems. This conflict will shape how we approach technological progress.
  3. A strong defense against harmful technologies and agents is essential. We should develop protective measures, like intelligent filters, to keep ourselves safe from potential dangers in the technosphere.
Trusted 19 implied HN points 29 Mar 23
  1. Technology has shifted away from its original purpose of benefiting society to prioritizing profit and engagement.
  2. Trust in institutions and technology is declining globally, leading to challenges in democracy and public collaboration.
  3. Despite the potential of AI as a transformative technology, there is a lack of trust among the public, highlighting the need for transparent development and implementation.
CyberSecurityMew 19 implied HN points 01 Apr 23
  1. Feiyu Security raised a Pre-A Round from Nova Cyber Venture in January 2023.
  2. The core technical team of Feiyu Security comes from the GoSSIP Software Security Research Group of Shanghai Jiaotong University.
  3. Feiyu Security's Corax platform utilizes cutting-edge technologies for improved detection accuracy, tailored engines for different languages, and features like container deployment and DevOps integration.
Natto Thoughts 19 implied HN points 30 Jun 23
  1. The German television miniseries 'The Billion Dollar Code' on Netflix captures the excitement of early hacker culture.
  2. Distributed denial-of-service (DDoS) attacks are evolving in sophistication and targeting new entities, posing significant cyber risks.
  3. China's potential support for Ukraine in reclaiming disputed territories, like Crimea, signifies a shift in geopolitical dynamics and requires careful observation.
Rod’s Blog 19 implied HN points 31 May 23
  1. The Distinct operator in KQL helps in delivering results based on a distinct combination of provided columns.
  2. Distinct can be used to get precise results and is essential for tasks like security hunting operations.
  3. By combining Distinct with other operators like Summarize, you can manipulate data to show specific insights and counts in KQL.
Natto Thoughts 19 implied HN points 04 Aug 23
  1. The top APT groups targeting China come from Taiwan, Vietnam, India, North Korea, Russia, and the US, showing the diverse origin of cyber threats against China.
  2. China's geopolitical tensions with neighboring countries like India manifest in cyberspace, with APT groups from these regions actively targeting Chinese organizations.
  3. QAX's Global APT report points out the exploitation of zero-day vulnerabilities by overseas APT groups targeting China, such as the iMessage 0-click 0day vulnerability, reflecting the global nature of cyber threats.
Natto Thoughts 19 implied HN points 13 Jul 23
  1. There are doubts about Russia's readiness to operate its own internet independently, despite claims of conducting a test cutoff.
  2. Debates over internet governance and fragmentation are ongoing, with Russia seeking ITU oversight instead of a multi-stakeholder approach.
  3. Some cybersecurity awards programs may be more about advertising than indicating actual excellence in cybersecurity.
Fight to Repair 39 implied HN points 21 Aug 22
  1. Cybersecurity in agtech is crucial, as the John Deere hack highlighted, with leading companies like John Deere being continuously targeted by hackers.
  2. The right-to-repair movement benefits users by allowing for easier and more affordable repairs, while companies may need to adapt to maintain profitability.
  3. Ownership of products is evolving, with subscription-based services becoming more common, raising questions about what consumers truly own when they purchase hardware.
The PhilaVerse 123 implied HN points 24 May 23
  1. DarkBERT is a large language model designed for the Dark Web.
  2. It excels in ransomware leak detection, notable thread detection, and threat phrase inference.
  3. Automating analysis with DarkBERT could reduce the workload of cybersecurity specialists.
Luminotes 28 implied HN points 15 Dec 24
  1. The CIA has a unique Python style guide, focusing on clarity and readability, with special rules for exceptions, globals, and list comprehensions.
  2. They use specific tools like PyCharm for development and have a custom setup for installing Python and managing packages within secure environments.
  3. There are no strict rules governing coding practices; instead, individuals make choices based on their preferences and the limitations of their working conditions.
Fight to Repair 39 implied HN points 09 Aug 22
  1. DEF CON is a significant hacking conference where the cybersecurity community discusses important topics and works towards a more secure future.
  2. The right to repair movement is gaining traction and challenging monopolies on service and repair by big corporations, promoting a circular economy and enhancing security and privacy protections.
  3. Other discussions at DEF CON also focus on the importance of medical device repair and the need for patients to have the ability to modify and improve their own technology.
The Security Industry 30 implied HN points 20 Nov 24
  1. The platform now includes detailed information on over 9,000 cybersecurity products, helping professionals match their needs with available solutions. Users can see how each product aligns with NIST and MITRE standards.
  2. Customers will soon be able to analyze their entire security stack, finding overlaps and gaps in their cybersecurity coverage. This feature will help them save costs and improve efficiency.
  3. Traditional research firms only cover a small fraction of the cybersecurity industry. By capturing detailed data on all products, this platform aims to provide a more comprehensive view of available options.
The Security Industry 25 implied HN points 03 Jan 25
  1. In 2024, investments in cybersecurity reached an impressive $16.1 billion, which is a big jump of 60% from the previous year.
  2. A total of 432 cybersecurity companies received funding, with many rounds exceeding $100 million, showing strong interest in the industry.
  3. Looking ahead, experts believe that funding in 2025 could surpass 2024, indicating a growing demand for tech and security services.
Dr. Pippa's Pen & Podcast 27 implied HN points 02 Dec 24
  1. There are serious tensions between superpowers like Russia and China, and the situation is getting worse. This could lead to a major conflict if not carefully managed.
  2. The ongoing conflict in Ukraine is part of a larger narrative, and many people see it as a battle between good and evil. This mindset can justify extreme actions in war.
  3. Unidentified flying objects and threats to crucial internet cables highlight growing risks to national security. Both sides are making accusations, which adds to the uncertainty.
The Security Industry 26 implied HN points 10 Dec 24
  1. The number of cybersecurity vendors has increased significantly, from around 467 in 2003 to over 4,000 today. This shows how important cybersecurity has become over the years.
  2. Many early cybersecurity companies have disappeared, each with its own story, which highlights the changing landscape in the industry.
  3. There is a new wave of AI-focused security companies emerging, indicating trends and advancements in cybersecurity solutions.