The hottest Security Substack posts right now

And their main takeaways
Lukasz Olejnik on Cyber, Privacy and Tech Policy Critique 19 implied HN points 10 Jul 23
  1. Cybersecurity incidents on critical infrastructure are a major concern globally
  2. Proposed GDPR reforms aim to enhance enforcement mechanisms and transparency
  3. Countries are implementing stricter regulations to protect data privacy and crack down on unethical data practices
Lukasz Olejnik on Cyber, Privacy and Tech Policy Critique 19 implied HN points 31 Jul 23
  1. Security issues with AMD processors and TETRA radio systems were highlighted.
  2. Malicious USB devices can compromise a host on insertion and be used for data theft.
  3. Research suggests that filter bubbles and echo chambers may not have the profound impact on opinions as previously believed.
Lukasz Olejnik on Cyber, Privacy and Tech Policy Critique 19 implied HN points 26 Jun 23
  1. Malware was found in a Mario Bros game installer, which steals user data.
  2. Privacy leaks are occurring via processors, allowing websites to steal browsing history.
  3. Criteo received a €40M GDPR fine for not verifying if people had given consent for their data processing.
Davis Treybig 19 implied HN points 15 Apr 23
  1. Large language models (LLMs) are being used in security for tasks like logs analysis and incident response.
  2. LLMs are changing the landscape of traditional static analysis tools in cloud and application security.
  3. LLMs have the potential to automate processes like vendor security questionnaires and enhance engineer-oriented security workflows.
CodeLink’s Substack 19 implied HN points 18 May 23
  1. AI technology is revolutionizing image generation and manipulation, opening new creative possibilities and driving demand
  2. AImagine app by CodeLink stands out for its hyperrealistic results and high level of customization in generating unique images
  3. Utilizing innovative technologies like the stable diffusion model, Flutter, and Python, AImagine offers a seamless user experience and efficient server-side processing
Rod’s Blog 19 implied HN points 11 Apr 23
  1. To access IBM X-Force Exchange Threat Intelligence from Microsoft Sentinel, create an account at exchange.xforce.ibmcloud.com and retrieve an API key and password.
  2. Once you have the API credentials, enter them in the fields provided on the IBM X-Force Exchange API Docs page.
  3. To use the Threat Intelligence - TAXII connector in Microsoft Sentinel, provide your API credentials and use curl against the TAXII endpoint to list the available Collection IDs.
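The Collection ID lookup in the last step, as an added example (not Rod's Blog's or IBM's code). A TAXII 2.1 server lists its collections at `<api-root>/collections/`; the block below parses that document, keeps only collections the account can read (the ones a Sentinel TAXII connector can poll), and shows the authenticated fetch the post drives through curl. The API root URL is a placeholder assumption, the sample response is constructed, and the field names follow the TAXII 2.1 specification:

```python
"""List TAXII 2.1 collection IDs from a server's /collections/ endpoint.

Added example, not from Rod's Blog or IBM. TAXII_ROOT is a placeholder
assumption; substitute the API root shown in the vendor's TAXII docs.
"""
import base64
import json
import urllib.request

# ASSUMPTION: placeholder TAXII 2.1 API root, not a real X-Force endpoint.
TAXII_ROOT = "https://taxii.example.com/api/v1"


def parse_collections(body: str) -> list[dict]:
    """Extract id, title and can_read from a TAXII 2.1 collections document.

    TAXII 2.1 returns {"collections": [{"id": ..., "title": ..., "can_read": ...}, ...]}.
    Entries without an id are skipped; a missing "collections" key yields [].
    """
    doc = json.loads(body)
    out = []
    for c in doc.get("collections", []):
        if "id" not in c:
            continue
        out.append({
            "id": c["id"],
            "title": c.get("title", ""),
            "can_read": bool(c.get("can_read", False)),
        })
    return out


def readable_collection_ids(body: str) -> list[str]:
    """Only collections the account can read are usable by a TAXII connector."""
    return [c["id"] for c in parse_collections(body) if c["can_read"]]


def fetch_collections(api_key: str, api_password: str,
                      root: str = TAXII_ROOT, timeout: int = 30) -> str:
    """GET <root>/collections/ with HTTP Basic auth (key as user name).

    Same request as the curl command in the post; needs network access, so it
    is not exercised by the offline sample below.
    """
    token = base64.b64encode(f"{api_key}:{api_password}".encode()).decode()
    req = urllib.request.Request(
        f"{root.rstrip('/')}/collections/",
        headers={
            "Authorization": f"Basic {token}",
            "Accept": "application/taxii+json;version=2.1",
        },
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


# Constructed sample response (not real X-Force data) so the parser runs offline.
SAMPLE_COLLECTIONS = json.dumps({
    "collections": [
        {"id": "11111111-2222-4333-8444-555555555555", "title": "indicators",
         "can_read": True, "can_write": False},
        {"id": "66666666-7777-4888-9999-000000000000", "title": "private-feed",
         "can_read": False},
        {"title": "malformed-no-id"},
    ]
})

if __name__ == "__main__":
    for c in parse_collections(SAMPLE_COLLECTIONS):
        print(c["id"], c["title"], "readable" if c["can_read"] else "no-read")
```

The equivalent one-liner is `curl -u "$API_KEY:$API_PASSWORD" -H 'Accept: application/taxii+json;version=2.1' "$TAXII_ROOT/collections/"`; keep the credentials in environment variables or a secret store rather than in shell history or the workbook.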
Ahpocalypse Now 19 implied HN points 18 Apr 23
  1. The government formation process in Finland involves sending 24 questions to other parties to find potential partners.
  2. The Åland demilitarization issue is a long-standing and complex topic due to historical conflicts between nations.
  3. Political leadership changes are happening in Finland, including resignations and potential successors being discussed.
Rod’s Blog 19 implied HN points 31 May 23
  1. Understanding the Kusto Query Language (KQL) is essential for utilizing tools like Microsoft Sentinel to monitor security and detect threats.
  2. Building your first Microsoft Sentinel Analytics Rule involves filtering data, summarizing information, and assigning entities for investigations.
  3. Creating a Watchlist in Microsoft Sentinel can enhance the intelligence of your KQL query by filtering out trusted users and capturing potential threats more accurately.
Natto Thoughts 19 implied HN points 26 May 23
  1. Pinduoduo allegedly had a hacking team that exploited vulnerabilities in Android systems to gather user data and influence user behavior for profit.
  2. The head of security at Pinduoduo, a genius hacker, was dismissed for refusing to conduct hacking attacks, showcasing ethical principles in the face of company pressure.
  3. Pinduoduo's growth model involved combining social commerce with exploiting mobile vulnerabilities, leading to rapid success and potential security concerns, especially as team members moved to its subsidiary Temu.
Rod’s Blog 19 implied HN points 19 Apr 23
  1. The author has been exploring Azure OpenAI (ChatGPT) and its security implications, highlighting the importance of understanding security when implementing new technologies.
  2. A simple command-line Chatbot utilizing external files for configuration data and questions was created to demonstrate the possibilities with Azure Open AI ChatGPT.
  3. To use the command-line Chatbot, access to Azure Open AI, Python, and specific Python libraries is required.
The API Changelog 1 implied HN point 11 Dec 24
  1. The apidays conference in Paris brought together many people to share ideas about APIs. It had various tracks on important topics like security and design.
  2. Several companies are launching new APIs to make processes easier, such as identity management and payment systems. These updates enhance personalization and efficiency for businesses.
  3. AI advancements are being integrated into different products, with companies like Amazon and GitHub making tools to simplify coding and deployment. This makes it easier for developers to work with cloud technologies.
The Cosmopolitan Globalist 18 implied HN points 24 Jan 24
  1. American deterrence has eroded, leading to catastrophic implications like a potential surprise nuclear attack from North Korea.
  2. The media's limited focus on foreign events, particularly in regions like Ukraine, can lead to critical foreign policy mistakes and erode global security.
  3. The importance of maintaining a strong deterrence and supporting allies like Ukraine to prevent further escalation and potential world war.
Rod’s Blog 19 implied HN points 24 Jan 23
  1. Having trouble connecting Azure Active Directory to Microsoft Sentinel? Use the Azure Active Directory Diagnostic Setting as an alternative.
  2. When facing problems enabling the Azure Active Directory connector in Microsoft Sentinel, consider creating or editing a Diagnostic Setting.
  3. If you are affected by connection issues, open a support ticket to help ensure quicker resolution.
Kamil’s Substack 3 HN points 14 May 24
  1. During iCloud account recovery, you may be asked for credit card details that are actually verified by running a charge, causing issues even with correct information.
  2. Securing your own email account can involve user-controlled methods like two-factor authentication with a physical token, whereas iCloud's security measures are more restrictive and dictated by the service provider.
  3. Recovering an iCloud account might involve providing credit card details, which are tested by running a transaction, leading to potential issues if the card details change.
Rod’s Blog 19 implied HN points 09 Jan 23
  1. Receive an email notification each morning with the list of daily Microsoft Sentinel incidents created.
  2. The Logic App provided automates the process of checking and compiling incident details for easy access.
  3. Customize the email notification further by filtering incidents based on severity levels for more targeted updates.
Rod’s Blog 19 implied HN points 09 Jan 23
  1. Known options for viewing Microsoft Sentinel rules with MITRE tactics include the MITRE ATT&CK Workbook, the MITRE ATT&CK Blade, Threat Analysis & Response Solution, and the Sentinel REST API.
  2. A lesser-known trick is to view the list directly in Excel by accessing a .csv file on the Microsoft Sentinel GitHub repository and importing it into Excel.
  3. By following simple steps, you can leverage Microsoft Excel to analyze and manipulate the Microsoft Sentinel rules and MITRE tactics data.
Rod’s Blog 19 implied HN points 09 Jan 23
  1. Microsoft Sentinel Incident Tasks allow organizations to create a documented set of methods to handle different security events, enhancing team efficiency and ensuring critical steps are not missed.
  2. While tools like SOC Process Framework or Incident Response Playbooks provide guidance, security teams need to customize the approach based on specific scenarios and individual environments.
  3. GitHub repository for Microsoft Sentinel Incident Tasks Recipes is available for collaboration and sharing additional guidance on investigating and developing tasks.
Rod’s Blog 19 implied HN points 09 Jan 23
  1. Some organizations miss the heatmap feature in Microsoft Sentinel, and you can create your own version
  2. To create your heatmap, you need to create a new Workbook in Microsoft Sentinel, add a query module, input the code, and adjust map settings
  3. While the new heatmap may not be exact, it serves as a starting point and can be further customized to match your needs
On Engineering 44 implied HN points 12 Apr 23
  1. The security of open source software is under threat due to a lack of reliable maintainers, leading to compromised secure software supply chains.
  2. Supply-chain attacks, like the SolarWinds attack, can have massive impacts on government agencies and organizations by compromising a vendor's build pipeline or a dependency that many downstream products trust.
  3. Incentivizing open source maintainers with money may not always be the best solution; allocating real engineering time and resources to contribute and support open source projects can help maintain software reliability and security.
Reboot 21 implied HN points 18 Nov 23
  1. In the age of the internet, it's challenging to disappear in America due to the digital footprint left by basic needs like addresses, bank cards, and online accounts.
  2. There is a small community of tech-savvy individuals focused on extreme privacy, using specialized tools like privacy-focused operating systems, encrypted communication, and anonymous browsing.
  3. Extreme privacy can be isolating and exhausting, leading to a constant balance between the desire for privacy and the inherent risks and limitations of disappearing from the public eye.
Basta’s Notes 40 implied HN points 04 May 23
  1. Always validate the types of values your API accepts to prevent potential security vulnerabilities.
  2. Be cautious with regular expressions to avoid performance issues like ReDoS (Regular Expression Denial of Service).
  3. Check and handle subdomains and domain name validation to prevent unexpected bugs or failures in your application.
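The three checks above, as an added example (not Basta's code): type-validating a JSON payload (including the Python-specific trap that `bool` is a subclass of `int`), bounding input length before any regex runs and replacing a nested-quantifier pattern that backtracks catastrophically, and validating hostnames and subdomain relationships with a proper suffix check. The schema, field names and length limits are assumptions:

```python
"""Input validation checks for an API. Added example, not from the post.

The schema, MAX_REGEX_INPUT and hostname limits are assumptions.
"""
import re

MAX_REGEX_INPUT = 256  # bound the input before any regex is evaluated


def validate_payload(payload) -> list[str]:
    """Type-check each field: JSON lets callers send "1", [1] or null for an int."""
    schema = {"user_id": int, "email": str, "roles": list}  # assumed schema
    if not isinstance(payload, dict):
        return ["payload must be a JSON object"]
    errors = []
    for field, typ in schema.items():
        if field not in payload:
            errors.append(f"{field}: missing")
        elif typ is int and isinstance(payload[field], bool):
            errors.append(f"{field}: expected int, got bool")  # bool is an int subclass
        elif not isinstance(payload[field], typ):
            got = type(payload[field]).__name__
            errors.append(f"{field}: expected {typ.__name__}, got {got}")
    if not errors and not all(isinstance(r, str) for r in payload["roles"]):
        errors.append("roles: every element must be a string")
    return errors


# Nested quantifiers over overlapping inputs: on a non-matching input such as
# "a" * 30 + "!" this pattern backtracks exponentially (classic ReDoS shape).
REDOS_PATTERN = re.compile(r"^(\w+\s?)+$")
# Same intent (words separated by single spaces, no trailing space) with no
# nested quantifier, so matching is linear in the input length.
SAFE_PATTERN = re.compile(r"^\w+(?: \w+)*$")


def is_word_list(s: str) -> bool:
    """Length guard first, then the linear-time pattern."""
    if len(s) > MAX_REGEX_INPUT:
        return False
    return SAFE_PATTERN.fullmatch(s) is not None


# One DNS label: 1-63 chars, letters/digits/hyphen, no leading or trailing hyphen.
LABEL_RE = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def is_valid_hostname(host: str) -> bool:
    """RFC 1123-style syntax check; a trailing dot (FQDN form) is accepted."""
    if not host:
        return False
    h = host.lower().rstrip(".")
    if not h or len(h) > 253:
        return False
    labels = h.split(".")
    if any(LABEL_RE.match(label) is None for label in labels):
        return False
    return not labels[-1].isdigit()  # an all-numeric TLD is not a hostname


def subdomain_of(host: str, parent: str) -> bool:
    """Proper suffix check: 'evilexample.com' is NOT under 'example.com'."""
    h = host.lower().rstrip(".")
    p = parent.lower().rstrip(".")
    return h == p or h.endswith("." + p)
```

`subdomain_of` is the check to use for cookie scope, CORS allow-lists and redirect targets; a bare `endswith(parent)` passes attacker-registered look-alikes such as `evilexample.com`.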
Detection at Scale 39 implied HN points 25 Jul 22
  1. Analyzing security data effectively involves identifying and flagging bad behaviors near high-risk assets.
  2. Writing rules based on observed attacker techniques and behaviors allows for a clear path to action in response to detected threats.
  3. Testing rules through phases like unit testing, backtesting, staging, and production helps refine and ensure alert accuracy before implementation.
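An added example (not from Detection at Scale or Rod's Blog) that ties together this post's rule-writing and testing phases and the Rod's Blog entry above on building an analytics rule that filters, summarizes by entity and excludes watchlisted trusted users: a brute-force sign-in rule run over constructed sign-in events, with a watchlist exclusion and a backtest that scores the rule against labelled history before it goes to staging. The event schema, thresholds and watchlist contents are assumptions:

```python
"""Brute-force sign-in rule with a trusted-user watchlist, plus backtesting.

Added example; the event schema, thresholds and watchlist are assumptions,
not Sentinel's or the post's own rule.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class SigninEvent:
    ts: datetime
    user: str
    src_ip: str
    result: str  # "success" or "failure"


# Constructed watchlist: service accounts that legitimately fail often.
WATCHLIST_TRUSTED_USERS = {"svc-backup@corp.example"}
FAILURE_THRESHOLD = 5
WINDOW = timedelta(minutes=10)


def rule_brute_force(events, threshold=FAILURE_THRESHOLD, window=WINDOW,
                     watchlist=WATCHLIST_TRUSTED_USERS):
    """Alert per (user, src_ip) with >= threshold failures inside one window.

    Mirrors the filter -> summarize -> assign entities shape of an analytics
    rule; watchlisted users are filtered out before summarizing.
    """
    by_pair = defaultdict(list)
    for e in sorted(events, key=lambda e: e.ts):
        if e.user in watchlist:
            continue
        by_pair[(e.user, e.src_ip)].append(e)
    alerts = []
    for (user, ip), evs in by_pair.items():
        failures = [e for e in evs if e.result == "failure"]
        for i, first in enumerate(failures):
            run = [f for f in failures[i:] if f.ts - first.ts <= window]
            if len(run) >= threshold:
                end = run[-1].ts
                # A success from the same IP after the burst suggests the guess landed.
                success_after = any(e.result == "success" and end <= e.ts <= first.ts + window
                                    for e in evs)
                alerts.append({"user": user, "src_ip": ip, "failures": len(run),
                               "first_seen": first.ts, "last_seen": end,
                               "success_after_burst": success_after})
                break  # one alert per entity pair, no duplicates from overlapping windows
    return alerts


def backtest(alerts, known_bad):
    """Score rule output against labelled (user, src_ip) pairs from past incidents."""
    fired = {(a["user"], a["src_ip"]) for a in alerts}
    tp = len(fired & known_bad)
    fp = len(fired - known_bad)
    fn = len(known_bad - fired)
    return {"tp": tp, "fp": fp, "fn": fn,
            "precision": tp / (tp + fp) if tp + fp else 0.0,
            "recall": tp / (tp + fn) if tp + fn else 0.0}


# Constructed sample sign-in history (not real telemetry).
T0 = datetime(2023, 5, 31, 8, 0, 0)


def _evs(user, ip, results, step_s=30):
    return [SigninEvent(T0 + timedelta(seconds=i * step_s), user, ip, r)
            for i, r in enumerate(results)]


SAMPLE_EVENTS = (
    _evs("alice@corp.example", "203.0.113.9", ["failure"] * 6 + ["success"])
    + _evs("svc-backup@corp.example", "10.0.0.5", ["failure"] * 8)   # watchlisted
    + _evs("bob@corp.example", "198.51.100.7", ["failure", "failure", "success"])
    + _evs("carol@corp.example", "203.0.113.9", ["failure"] * 5, step_s=600)  # 40 min spread
)
KNOWN_BAD = {("alice@corp.example", "203.0.113.9")}

if __name__ == "__main__":
    found = rule_brute_force(SAMPLE_EVENTS)
    for a in found:
        print(a)
    print(backtest(found, KNOWN_BAD))
```

Running the same rule with an empty watchlist turns the service account into a false positive and halves precision, which is the kind of regression the unit-test and backtest stages are meant to catch before the rule reaches production.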
Dominic Cummings substack 12 implied HN points 23 Feb 24
  1. RV Jones's memoir 'The Wizard War' from World War II offers lessons on technology, intelligence, and organization that are relevant today.
  2. The story highlights the importance of duty and public service in leadership roles, emphasizing the need for purpose and service over self-seeking easement.
  3. The blog post discusses significant issues like rot in nuclear weapon infrastructure, failures in Westminster over Ukraine, and the importance of security in technology, urging for better collaboration and regulation.
Design Lobster 119 implied HN points 12 Nov 20
  1. Locks have evolved over time, from simple mechanisms like holes in doors to more complex designs with pins and tumblers, highlighting the importance of privacy and security in history.
  2. The mental model of a lock, where a key unlocks a 'private' space, is now applied to digital privacy, but the reality is that we entrust our digital possessions to third parties online.
  3. An alternative paradigm for online privacy involves incorporating detection mechanisms, like Apple's iOS alerts, to make visible the handling of our digital data by third parties and promote transparency.
Diane Francis 119 implied HN points 13 Jan 21
  1. There's a serious threat of domestic terrorism in America, and the size and nature of this threat are not well understood. This creates risks for public events, like the Inauguration.
  2. Many political and security experts suggest that America needs better laws to track and manage domestic terrorism, similar to what other countries have in place.
  3. The infiltration of extremist groups into law enforcement poses additional challenges. This complicates the ability to effectively monitor and respond to these threats.
The Security Industry 11 implied HN points 11 Mar 24
  1. The cybersecurity industry has over 10,000 products from almost 4,000 vendors, making product discovery and purchasing complex.
  2. The approach to buying cybersecurity products differs from other tech areas due to the constant evolution of threat actors, leading to a wide range of products.
  3. Gartner, a key player in cybersecurity product evaluation, covers only a small percentage of the total number of products available, leaving gaps for buyers seeking specialized solutions.
Top 5 HN Posts of the day 2 HN points 26 May 24
  1. Cloudflare gave a site 24 hours to pay $120k before taking it down - a shocking story that highlights how much leverage online service providers hold over their customers.
  2. Home Assistant is being used for protection against missile and drone attacks - showing the diverse applications of technology for security purposes.
  3. Hurl, an Exceptional Language, is a topic of interest on HackerNews - showcasing the community's curiosity about new programming languages and tools.
A Bit Gamey 27 implied HN points 30 Jul 23
  1. Blockchain is a tamper-evident way of storing information: records are hash-chained in a distributed database, so altering a past record is detectable.
  2. Blockchain has diverse uses beyond cryptocurrencies, including financial transactions, supply chain management, healthcare, voting, and intellectual property.
  3. The future of blockchain involves potential applications like smart contracts, decentralized applications, IoT security, and government transparency, indicating it's more than just a passing trend.
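What "tamper-evident" means in practice, as an added example (not from the post): a minimal SHA-256 hash chain, a verifier that locates the first inconsistent block, and two kinds of tampering, one that the chain detects and one (rewriting every later hash) that it does not. The block layout and the sample transactions are assumptions:

```python
"""Minimal hash chain: what it detects and what it does not.

Added example, not from the post. Block layout and sample data are assumptions.
"""
import hashlib
import json
from dataclasses import dataclass


@dataclass(frozen=True)
class Block:
    index: int
    prev_hash: str
    data: str
    hash: str


GENESIS_PREV = "0" * 64


def _digest(index: int, prev_hash: str, data: str) -> str:
    # Canonical JSON so the same fields always hash the same way.
    payload = json.dumps({"i": index, "p": prev_hash, "d": data}, sort_keys=True).encode()
    return hashlib.sha256(payload).hexdigest()


def append_block(chain: list, data: str) -> list:
    prev = chain[-1].hash if chain else GENESIS_PREV
    idx = len(chain)
    chain.append(Block(idx, prev, data, _digest(idx, prev, data)))
    return chain


def verify_chain(chain: list) -> int:
    """Return the index of the first inconsistent block, or -1 if the chain verifies."""
    for i, b in enumerate(chain):
        expected_prev = chain[i - 1].hash if i else GENESIS_PREV
        if b.index != i or b.prev_hash != expected_prev or b.hash != _digest(i, b.prev_hash, b.data):
            return i
    return -1


def tamper(chain: list, index: int, new_data: str) -> None:
    """Edit a block's data in place but keep its stored hash: verification catches this."""
    b = chain[index]
    chain[index] = Block(b.index, b.prev_hash, new_data, b.hash)


def rewrite_from(chain: list, index: int, new_data: str) -> list:
    """Replace one block and recompute every hash after it: the result verifies.

    This is why a hash chain on its own is tamper-evident, not tamper-proof:
    whoever can rewrite the whole suffix leaves no trace. Replication and
    consensus over many copies are what make such a rewrite expensive.
    """
    new_chain = chain[:index]
    append_block(new_chain, new_data)
    for b in chain[index + 1:]:
        append_block(new_chain, b.data)
    return new_chain


def build_sample() -> list:
    chain = []
    for d in ["alice->bob:5", "bob->carol:2", "carol->alice:1"]:  # constructed
        append_block(chain, d)
    return chain


if __name__ == "__main__":
    c = build_sample()
    print("fresh chain ok:", verify_chain(c) == -1)
    tamper(c, 1, "bob->carol:200")
    print("tampered block at:", verify_chain(c))
    print("rewritten chain ok:", verify_chain(rewrite_from(build_sample(), 1, "bob->carol:200")) == -1)
```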