The hottest Cybersecurity Substack posts right now

And their main takeaways
Barn Lab 0 implied HN points 18 May 23
  1. Disseminating cybersecurity knowledge is important but can also be risky.
  2. MITRE ATT&CK is a valuable resource for understanding cybersecurity threats and defenses.
  3. The MITRE ATT&CK matrix provides detailed information on adversary behaviors and techniques.
Risky Business News 0 implied HN points 22 May 23
  1. A cybercrime group named Lemon Group has pre-installed malware in almost 9 million Android devices, planting it inside the firmware.
  2. The Lemon Group's malware, known as Guerrilla, is hidden inside the Zygote process and can download plugins for various malicious activities.
  3. The lack of security practices in the Android OEM ecosystem and the presence of pre-installed malware highlight the risk of buying low-cost devices from unknown vendors.
Seriously Risky Business 0 implied HN points 25 May 23
  1. The FBI's misuse of Section 702 data is causing concerns about its renewal before expiration.
  2. Section 702 allows US intelligence agencies to conduct targeted surveillance of foreigners internationally.
  3. Recent updates by the FBI aim to reduce improper database queries and protect US citizens' privacy.
Risky Business News 0 implied HN points 26 May 23
  1. New Chinese APT group Volt Typhoon detected targeting US critical infrastructure with stealth techniques.
  2. Recent focus of Chinese APTs on stealth operations explained by pressure to avoid detection due to increased scrutiny.
  3. Breaches and hacks include Chinese cyber-spies targeting Kenyan government, crypto-heists, and exit scams affecting investors.
Risky Business News 0 implied HN points 28 Jun 23
  1. A new memory attack named RowPress has been discovered as an alternative to RowHammer, making DRAM chips vulnerable.
  2. Software-level mitigations can help protect against the RowPress attack by limiting the time a memory row can stay open.
  3. Various notable breaches, hacks, and incidents have occurred recently, emphasizing the ongoing importance of cybersecurity measures and vigilance.
Risky Business News 0 implied HN points 07 Jul 23
  1. US and Canada issue joint security alert about new Truebot malware variant being spread through phishing campaigns.
  2. Cybersecurity incidents include ransomware attack on Japan's largest cargo port, DDoS attack on Russian railway company, and data leak of Indonesian passports.
  3. Privacy concerns arise with inability to delete Instagram Threads account and secret blocklist feature in Firefox.
muk’s Newsletter 0 implied HN points 16 Sep 23
  1. Bitcoin may be under a 51% attack, which can give attackers the power to reverse transactions and control block production.
  2. Understanding the basics of Nakamoto Consensus helps in comprehending the vulnerability to 51% attacks in Bitcoin and the importance of hashpower in the network.
  3. A 51% attacker can aim to gain 100% control over block rewards by manipulating block production and slowly squeezing out other miners, posing a threat to the open nature of the network.
INT3 / Low-level Cybersecurity 0 implied HN points 30 Jun 23
  1. The post highlights articles and tools covering a wide range of topics related to cybersecurity.
  2. There are informative papers and vulnerabilities discussed, including topics on firmware, AI, and vehicle security.
  3. Various tools and resources are shared, such as scripts for reversing firmware and a fast packet network scanner.
Risky Business News 0 implied HN points 02 Feb 24
  1. Ivanti disclosed two zero-day vulnerabilities in its Connect Secure VPN appliance, leading to exploitation by threat actors.
  2. Security firm Volexity linked the attacks, which infected hundreds of devices globally, to a Chinese cyber-espionage group.
  3. Malware strains such as GLASSTOKEN, GIFTEDVISITOR, and BUSHWALK were found on infected devices, leading to the mass exploitation phase.
Risky Business News 0 implied HN points 31 Jan 24
  1. Brazilian police arrested members of the Grandoreiro malware gang, known for stealing millions from bank customers in Brazil, Mexico, and Spain.
  2. Ukraine's GUR conducted a hack wiping 60TB of data from Russian company IPL Consulting and worked to cripple Akado-Telekom infrastructure.
  3. The post also covers various cybersecurity incidents, including crypto-heists and ransomware attacks on organizations like Schneider Electric and the Romanian government, along with details on malware strains like Trigona and Ermac.
Risky Business News 0 implied HN points 26 Jan 24
  1. HPE and Microsoft faced breaches by the same Russian state-sponsored hacking group, highlighting the ongoing cyber threats to tech giants.
  2. SEC's new breach disclosure rules are leading to faster reporting of incidents and more detailed disclosures from affected companies, changing the cybersecurity landscape.
  3. Various new cybersecurity incidents and threats, including DDoS attacks, ransomware incidents, and insider threats, continue to impact organizations globally.
Risky Business News 0 implied HN points 19 Jan 24
  1. Congress is considering making the CSRB permanent and more independent and transparent for cybersecurity issues.
  2. Various cybersecurity incidents occurred, such as DDoS attacks in Switzerland and cyberattacks on companies like Kyivstar.
  3. Important developments include new Samsung phones promising 7 years of security updates and Google updating Chrome Incognito Mode text.
Risky Business News 0 implied HN points 17 Jan 24
  1. A cybercrime group infected 172,000 smart TVs and set-top boxes to carry out DDoS attacks.
  2. Bigpanzi botnet targeted Spanish and Portuguese-speaking users by spreading malware through social engineering.
  3. The security industry faces challenges like unpatched vulnerabilities in SonicWall firewalls and sophisticated malware targeting various platforms.
Risky Business News 0 implied HN points 08 Jan 24
  1. Hackers associated with the Turkish government in the Sea Turtle group have resumed cyber-espionage operations targeting governments and IT service providers.
  2. Recent cyber incidents include Russian hackers targeting Ukraine, hacks in the telecom sector, and cyberattacks on US museums and crypto platforms.
  3. New malware discoveries, ransomware attacks, and cybercrime incidents underscore the importance of strong passwords, security updates, and vigilance against cyber threats.
Seriously Risky Business 0 implied HN points 01 Feb 24
  1. US Senator Ron Wyden is pushing to stop US intelligence agencies from buying Americans' personal data obtained illegally by data brokers.
  2. The NSA does not buy location data from phones or vehicles in the US, focusing on data related to cybersecurity missions.
  3. Election interference tactics continue to evolve, with the PRC using AI avatars, fake documents, and leaked information to influence outcomes.
Seriously Risky Business 0 implied HN points 18 Jan 24
  1. Chinese cyber espionage groups are using techniques that make detection and eviction difficult, targeting end-of-life devices for botnet operations.
  2. The FTC's settlement with a data broker over the sale of sensitive location data highlights the need for stronger data privacy laws in the US.
  3. US cyber security efforts show promise with expectations for more disruption operations, potential removal of degree requirements, and positive reviews for cyber diplomats.
Seriously Risky Business 0 implied HN points 11 Jan 24
  1. Russia's cyber activities in Ukraine are a mix of smart surveillance techniques and flashy, but counterproductive, destructive operations.
  2. Although a recent cyber attack by Russia on Kyivstar caused widespread disruption, it ultimately resulted in short-lived impact and missed potential intelligence gains.
  3. Israeli cyber operations, like the Predatory Sparrow attacks in Iran, aim to send warnings but may not be effective in the current high-conflict environment.
Seriously Risky Business 0 implied HN points 08 Feb 24
  1. US faces cybersecurity threat from Chinese group Volt Typhoon targeting critical infrastructure.
  2. US government took action to disrupt botnet used by Volt Typhoon for command and control.
  3. CISA issued emergency directive for federal agencies to disconnect Ivanti VPN products due to exploitation by UTA0178 group.
INT3 / Low-level Cybersecurity 0 implied HN points 14 Feb 24
  1. Amanita Security is a new cybersecurity company focused on assisting product manufacturers with improved security measures and compliance with new regulations.
  2. Manufacturers are expected to undergo a shift towards enhanced cybersecurity due to evolving regulations and the need for secure products from circuit board to cloud.
  3. Future articles on INT3 will be released on the Amanita Security website, focusing initially on European cybersecurity regulations and technical topics, with an invitation for topic suggestions from readers.
RegAlert 0 implied HN points 29 Jun 22
  1. The Central Bank of Nigeria issued a circular requiring other financial institutions in Nigeria to enhance their cybersecurity defenses and adhere to the provided Risk-Based Cybersecurity Framework and Guidelines by January 1, 2023.
  2. This circular emphasizes the importance of strengthening cyber defenses in financial institutions to mitigate risks and ensure a more secure environment against cyber threats.
  3. Compliance with the Risk-Based Cybersecurity Framework and Guidelines is crucial for OFIs in Nigeria to safeguard their systems and data from cyber vulnerabilities.