The hottest Security Substack posts right now

And their main takeaways
Rod’s Blog 119 implied HN points 24 Oct 23
  1. Legacy authentication poses a significant security risk as it makes it easier for attackers to compromise user accounts.
  2. Microsoft Entra ID recommends disabling legacy authentication to improve security.
  3. Microsoft Sentinel can help detect and mitigate login attempts using legacy authentication by analyzing sign-in logs, creating alerts, and taking appropriate actions.
EIP-2535 Diamonds 7 implied HN points 31 Dec 25
  1. Diamond contracts reduce on-chain complexity by exposing lots of functionality through a single address and breaking large systems into small, purpose-built facets that are easier to test, audit, and evolve.
  2. ERC-8109 simplifies and standardizes diamonds by clarifying terminology, requiring just two introspection functions, replacing the monolithic DiamondCut event with per-function events, and adding an optional, consistent upgrade function plus a clear upgrade path for existing diamonds.
  3. Compose is a practical library and tooling ecosystem that implements ERC-8109 ideas, providing reusable on-chain facets and deployment/testing tools to make building modular diamond systems straightforward for developers.
The API Changelog 3 implied HN points 03 Feb 26
  1. APIs are shifting from fragmented, hand-wired integrations toward unified, AI-first ecosystems where machines can discover and use capabilities directly.
  2. That shift exposes serious security risks, as agent platforms and Model Context Protocol servers can leak API keys and sensitive data, so security needs to be built into the API lifecycle.
  3. APIs are becoming strategic infrastructure across industries — from finance and trading to robotics — enabling faster automation, compliance-by-design, and new AI-driven services.
Comment is Freed 64 implied HN points 13 Jul 25
  1. Britain and France are deepening their nuclear cooperation to enhance security for both nations and Europe. This means working together to better deter threats and coordinate their nuclear strategies.
  2. The recent agreement reflects concerns about global security, especially with uncertainties regarding the US's commitment to NATO. Both countries are worried about their safety and want to reinforce their positions.
  3. The Northwood Declaration builds on previous agreements and highlights a shared responsibility for European security, especially given the changing political landscape and challenges from neighbors.
DeFi Education 459 implied HN points 27 Aug 22
  1. Chainlink and Aave, two important players in DeFi, shared some updates this week.
  2. There have been no major hacking incidents recently, suggesting a quieter time in crypto.
  3. Recent sanctions on Tornado Cash are still affecting the market's status.
Dev Interrupted 46 implied HN points 21 Aug 25
  1. Moving from local Model Context Protocol (MCP) servers to remote ones can help keep sensitive data secure and manageable. This shift reduces security risks by limiting access points and providing a central control system.
  2. Using centralized agent gateways allows organizations to set strict permissions and guidelines for how AI tools interact. This helps maintain control and ensures that only trusted tools are used in the process.
  3. For large organizations, remote MCP servers are better suited for scaling AI solutions efficiently. They simplify complex tasks by letting managers pre-define toolsets, making it easier for AI agents to perform their jobs without user confusion.
Diane Francis 559 implied HN points 28 Apr 22
  1. Russia's war on Ukraine is now seen as a conflict against Europe and NATO. Many countries are joining together to support Ukraine in this struggle.
  2. The United States has committed significant military support to Ukraine. This shows stronger ties and alliances forming in response to the conflict.
  3. European countries, especially Germany and France, are stepping up their support for Ukraine. This unity among European nations is important for their collective security.
Infra Weekly Newsletter 13 implied HN points 09 Dec 25
  1. Ingress NGINX is being retired in favor of the Gateway API, so teams should plan and follow migration steps to switch to the Gateway API.
  2. Infrastructure-as-Code best practices emphasize modular design, testing, and isolating dependencies; they also recommend safe update patterns like blue‑green deployments, cross-team collaboration, and secure, scalable provisioning.
  3. Linux 6.18 is the new LTS kernel and distributions like Alpine 3.23 are adopting it quickly, so operators should plan OS/kernel upgrades and test their stacks against this LTS.
AI safety takes 78 implied HN points 27 Dec 23
  1. Superhuman AI can use concepts beyond human knowledge, and we need to understand these concepts to supervise AI effectively.
  2. Transformers can generalize tasks differently based on the complexity and structure of the task, showing varying capabilities in different scenarios.
  3. Implementing preprocessing defenses like random input perturbations can be effective against jailbreaking attacks on large language models.
Rod’s Blog 119 implied HN points 18 Sep 23
  1. Brute force attacks aim to exploit weak passwords by trying numerous combinations. Organizations must have robust security measures to detect and prevent these attacks effectively.
  2. To detect brute force attacks, organizations can use Microsoft Sentinel to collect and analyze security events. Creating analytic rules based on specific conditions helps in identifying potential attacks.
  3. Preventive measures like enforcing strong password policies, implementing account lockout policies, enabling multi-factor authentication, and monitoring logs are crucial in mitigating the risk of brute force attacks.
DeFi Education 599 implied HN points 10 Apr 22
  1. Oracles are important because they bring outside data into blockchains, helping many DeFi services work properly. Without them, these services would struggle to function.
  2. Due to their importance, oracles can be targeted by hackers and exploiters who want to manipulate the prices or information they provide. This creates risks for all users relying on that data.
  3. Understanding how oracle manipulation works is crucial for anyone involved in DeFi. It helps you protect your investments and make informed decisions.
Rod’s Blog 59 implied HN points 05 Feb 24
  1. Microsoft Sentinel helps in detecting and mitigating inactive account sign-ins by collecting and analyzing sign-in logs from Microsoft Entra ID using the Kusto Query Language.
  2. To mitigate inactive account sign-ins, actions include investigating the source, blocking or disabling the account, resetting credentials, and educating users on security best practices.
  3. Best practices for managing inactive accounts in Microsoft Entra ID include defining a policy for account lifecycle, implementing provisioning and deprovisioning processes, monitoring account activity, and educating users.
God's Spies by Thomas Neuburger 80 implied HN points 06 Jun 25
  1. AI is not just a technological advancement; it's driven by greed and will harm our political health and the environment. People are using AI without realizing the damage it causes.
  2. The security state in the U.S. is expanding its control under the guise of safety, which affects everyone. The focus is shifting towards monitoring thoughts and speech to prevent crime.
  3. The conflict abroad, especially in places like Gaza, can lead to violence and unrest at home. Understanding this connection is crucial as it shows the consequences of current U.S. policies.
Bruce Fein's Pioneering Lyceum 117 implied HN points 16 Feb 23
  1. Silently cheering over Russia's invasion of Ukraine and a Chinese invasion of Taiwan could make the United States safer.
  2. History shows that colonial conquests often lead to economic burdens and revolts, making them not worth the effort.
  3. Powerful countries like the United States should be cautious about seeking colonial conquests, as they may not bring the intended benefits.
Everything's Broken 117 implied HN points 14 Apr 23
  1. Be cautious with sharing classified information on public platforms like Discord.
  2. Consider the age and experience of individuals with access to sensitive information.
  3. Address the issue of assigning significant responsibilities to young individuals without proper oversight.
John’s Substack 7 implied HN points 07 Jan 26
  1. US policy toward Venezuela and its posturing over Greenland can directly affect European security and political alignments.
  2. How the US handles those two issues will influence Europe's strategic calculations and potential shifts in alliances.
  3. Ongoing public debates are examining these developments to clarify their consequences for European politics and stability.
Rod’s Blog 59 implied HN points 01 Feb 24
  1. To get the most out of Microsoft Sentinel, organizations should carefully plan and prepare their deployment by assessing security needs and goals.
  2. Choosing the right subscription and pricing model is crucial for optimizing the benefits of Microsoft Sentinel, based on data requirements, user protection, and features needed.
  3. Effective management of Microsoft Sentinel involves monitoring data ingestion, leveraging AI and ML capabilities, automating workflows, and learning from security incidents and feedback.
Deploy Securely 58 implied HN points 31 Jan 24
  1. Most security policies are often stagnant 'check the box' artifacts.
  2. Lack of accountability in security policies can lead to unclear responsibilities.
  3. Writing security policies as (no-)code can help maintain updates and improve clarity of accountability.
False Positive 38 HN points 21 Mar 24
  1. ASML, a Dutch company, holds a monopoly on creating the world's most advanced microchips through their EUV lithography systems.
  2. The control of ASML by the Netherlands provides a unique chokepoint power in global microchip production, impacting international trade and security.
  3. Despite its power, ASML faces limitations in leveraging its monopoly, as it is enmeshed in Western-dominated supply chains and complexities that restrict its options for challenging export controls.
Building The Future of Payments by Mike Kelly 59 implied HN points 24 Jan 24
  1. TapToAuth combines contactless payments with the advantages of open banking, offering a new, secure, and cost-effective solution.
  2. This innovation minimizes fraud, reduces digital payment costs by enabling instant fund transfers, and enhances security with a cryptographically secured NFC protocol.
  3. TapToAuth not only provides a seamless customer experience but also integrates loyalty programs and digital receipts, transforming every transaction into an engagement opportunity for retailers.
School Shooting Data Analysis and Reports 59 implied HN points 24 Jan 24
  1. During a school shooting, hiding in locked classrooms may not be effective as bullets can easily penetrate walls. It is safer for students and staff to evacuate quickly and get far away from the danger.
  2. Having reliable wifi coverage on campus is crucial for emergency alerts to reach all staff and teachers during a crisis. Depending on personal phones and apps may not be dependable under stress.
  3. Collaboration with the community is vital for creating safe evacuation plans during emergencies. Neighbors, businesses, and community leaders should be involved to support rapid evacuations and ensure a safe environment for students.
Interconnected 138 implied HN points 22 Jan 25
  1. Stargate is seen as a key AI technology for America, focusing on improving national capabilities. It aims to make the U.S. more self-sufficient in AI development.
  2. The project emphasizes the importance of sovereign technology, meaning that the U.S. can control and utilize its own AI resources without relying heavily on foreign technologies.
  3. Community support and subscriptions play a crucial role in sharing insights about such technologies, encouraging more people to get involved and informed.
Aaron Mate 200 implied HN points 21 Oct 24
  1. Zelensky warned that some Western countries wanted a long war in Ukraine, even if it meant Ukraine could suffer severely.
  2. He chose to ignore this warning and sided with Western leaders who pushed for ongoing fighting instead of peace.
  3. Now, Zelensky seems to be facing the consequences of that choice, feeling abandoned by those same allies he listened to.
Lukasz Olejnik on Cyber, Privacy and Tech Policy Critique 58 implied HN points 22 Jan 24
  1. Data leaks from AI/LLM systems, affecting devices like iPhones.
  2. Cybersecurity plans for a potential future US president in 2025 include integrating cyber and electronic warfare capabilities.
  3. Risk of privacy leaks from ambient light sensors validated by research, emphasizing the need for safe configurations.
Daniel Pinchbeck’s Newsletter 2 implied HN points 06 Feb 26
  1. There’s a Substack Live event today at 2 pm EST featuring David Z. Morris.
  2. David Z. Morris is an investigative technology and finance journalist and the author of Stealing the Future, and he’s known for exposing major crypto and corporate frauds and for creating the Crypto Crooks podcast.
  3. Liminal News is reader-supported and is asking readers to subscribe to receive new posts and support the work.
Frankly Speaking 457 implied HN points 07 Dec 23
  1. The cybersecurity industry is highly competitive and fragmented.
  2. Investment in cybersecurity is driven by the prevalence of technology and evolving threats.
  3. Developing security for technology typically happens after its success and use cases are known.
Rod’s Blog 99 implied HN points 17 Oct 23
  1. Microsoft Sentinel helps in detecting and mitigating brute-force attacks on VIP accounts, which are high-level privileged user accounts in organizations.
  2. Brute-force attacks involve trying multiple passwords to gain unauthorized access to accounts or systems, making VIP accounts attractive targets.
  3. Organizations can use Microsoft Sentinel to set thresholds for failed logon attempts, create custom detection rules, investigate alerts triggered by VIP accounts, and take necessary response actions.
John’s Substack 5 implied HN points 15 Jan 26
  1. John J. Mearsheimer and Kishore Mahbubani appeared together on Tom Switzer’s podcast "Switzerland" on December 21, 2025.
  2. They focused on the rise of China and debated how the United States should respond to that challenge.
  3. They also covered a range of other geopolitical issues, speaking as friends and intellectual rivals.
The Cosmopolitan Globalist 5 implied HN points 09 Jan 26
  1. A nationwide wave of protests has spread to all provinces, starting in Tehran’s bazaar over a collapsing currency and rising food prices but quickly turning into broad anger at the clerical regime with people from many walks of life joining in.
  2. The government has moved to crush the unrest with brutal repression — dozens reported killed, thousands arrested, crackdowns in markets and hospitals, and a near-total internet blackout — highlighting a deep legitimacy crisis even without a single coherent leadership.
  3. International responses are mostly rhetorical warnings and condemnations while Iranian leaders insist protesters are foreign-backed; opposition figures have urged people onto the streets and parts of the financial sector appear sympathetic, but decisive outside action remains unclear.
The Octavian Report 8 implied HN points 23 Dec 25
  1. There is a global leadership vacuum and short-term politics are weakening democracies and international institutions, which lets extremists and rivals gain influence.
  2. Authoritarian leaders operate like poker players, using secrecy, chaos, corruption, and tactical provocations to undermine NATO, the EU, and democratic norms instead of playing a transparent long-term game.
  3. The remedy is strong, early deterrence and renewed American-led moral and strategic leadership with long-term planning, because if leaders don’t act the vacuum will be filled by hostile actors.
The Octavian Report 8 implied HN points 23 Dec 25
  1. Political risk is now the primary global uncertainty, with higher chances of direct military clashes between major powers and a broader geopolitical slowdown.
  2. The current U.S. presidency increases unpredictability and erodes traditional guardrails, raising the risk of accidental conflicts while also making unusual diplomatic outcomes, like a deal with North Korea, more conceivable.
  3. Cyber attacks and other non-nuclear threats are growing and hard to deter or attribute, and the old rules-based global order is fragmenting into more regional, thematic, or multi-stakeholder systems.
Identity, Authenticity, and Security 19 implied HN points 18 May 24
  1. This newsletter focuses on modern system design, especially around identity and security.
  2. It's suited for anyone wanting to learn, whether you're a beginner or looking to grow in your career.
  3. The goal is to provide useful resources to help you understand and improve your knowledge in these areas.
John’s Substack 8 implied HN points 24 Dec 25
  1. Free speech is eroding across Western countries and that decline is presented as a serious threat to democratic life.
  2. There are signs of a renewed aggressive U.S. foreign policy — from talk of annexing Greenland to harsher actions in Cuba and Venezuela and risky naval moves that could provoke China.
  3. Tensions over Israel are growing both inside the Republican Party and between leaders, with claims like Trump being labeled the "first Jewish president" and pressure from Netanyahu to attack Iran raising the risk of new Middle East conflict.
Rod’s Blog 99 implied HN points 20 Sep 23
  1. Malware attacks can result in data breaches, financial losses, and damage to an organization's reputation, underscoring the importance of robust security measures and tools like Microsoft Sentinel.
  2. Microsoft Sentinel offers customizable anomaly detection and User and Entity Behavior Analytics (UEBA) anomalies to identify and respond to potential threats effectively without complex tuning.
  3. Threat intelligence integration, data connectors, and built-in analytics rule templates in Microsoft Sentinel help organizations import, centralize, and leverage threat indicators to proactively detect and respond to malware attacks.
Natto Thoughts 99 implied HN points 15 Sep 23
  1. Recent disruptions in Poland's train system raise concerns about the vulnerability of critical infrastructures.
  2. There is suspicion of amateurish sabotage involving the activation of emergency brakes on trains in Poland, highlighting system vulnerabilities.
  3. The incidents on Polish railroads underscore the importance of digital system transitions to enhance security and prevent potential threats.
Surfing the Future 39 implied HN points 06 Mar 24
  1. Geopolitical trends will impact the sustainability revolution, causing controversy as the sector grows.
  2. China's focus on solar cells, lithium-ion batteries, and EVs is reshaping the sustainability sector's priorities.
  3. Collaboration between scientists and companies linked to China's military is now raising concerns compared to the past.
Bruce Fein's Pioneering Lyceum 98 implied HN points 14 Feb 23
  1. Marjorie Taylor Greene's controversial statements shake confidence in Darwin's theory of evolution
  2. Comparison between Marjorie Taylor Greene and historical figures like James Madison shows a decline in intellectual capacity
  3. Greene's outlandish claims, including denial of historical events, demonstrate a concerning trend in Congress and society
microapis.io 58 implied HN points 11 Jan 24
  1. The way APIs are built today makes them pervasive, but we still struggle to work effectively with them.
  2. Improving API development involves focusing on accountability and security.
  3. For better APIs, focus on clear specifications, formal documentation, and rigorous security testing.
Wars Of Future Past 98 implied HN points 20 Mar 23
  1. Cars, which are part of our daily lives, can also be turned into deadly weapons like car bombs.
  2. The book 'Buda's Wagon' delves into the history and evolution of car bombs, showing how they have been used as tools of asymmetrical warfare.
  3. The use of car bombs highlights the intersection of everyday technologies with violent intentions, shaping the tactics of conflicts and the consequences of warfare.