The hottest Security Substack posts right now

And their main takeaways
microapis.io 98 implied HN points 24 Mar 23
  1. The post introduces the Restaurant Booking API series with educational tutorials and practical examples.
  2. The API will cater to customers and restaurant owners, allowing tasks like booking tables and managing menus.
  3. Key URL paths in the API include '/restaurants', '/owners', and '/customers', with detailed functionalities for each.
Deploy Securely 98 implied HN points 09 Jun 23
  1. The NIST AI Risk Management Framework provides a governance, risk, and compliance framework for artificial intelligence.
  2. The document highlights the challenges in AI risk management, including identifying and cataloging risks, emergent risks, and availability of reliable metrics.
  3. The criteria to evaluate AI systems include validity, safety, security, accountability, transparency, privacy, and fairness in managing harmful bias.
Rod’s Blog 39 implied HN points 04 Mar 24
  1. In the interconnected business landscape, managing third-party risks is crucial to protect sensitive information. Careful vendor selection, effective risk management strategies, and strong contracts can help minimize risks.
  2. Third-party risks can lead to severe consequences like financial losses, legal liabilities, reputation damage, and regulatory penalties. This highlights the importance of proactively addressing these risks.
  3. Common types of third-party risks include data breaches, system compromises, non-compliance with regulations, and supply chain disruptions. Understanding and mitigating these risks are key for organizational security.
John’s Substack 10 implied HN points 10 Dec 25
  1. Europe looks set to face growing instability as the Ukraine war and other geopolitical pressures continue to unfold.
  2. Some political leaders are seeking legal shortcuts like asking for pardons before convictions, which undermines norms of justice and accountability.
  3. The U.S. policy of killing people in small boats near Venezuela is highly controversial and hard for officials to defend, and staying outside the ICC limits the risk of international prosecution.
Diane Francis 459 implied HN points 31 Mar 22
  1. Russia is being described as a criminal organization driven by a passionate leader. They seem focused on taking control of parts of Ukraine.
  2. The message emphasizes the need for a strong response to aggression, implying that weakness won't lead to good outcomes.
  3. There's a sense that the situation calls for serious commitment and action, rather than avoiding tough choices.
Detection at Scale 19 implied HN points 13 May 24
  1. Security companies at RSA are increasingly focusing on AI to enhance Detection and Response (D&R) processes.
  2. Automated Tier 1 Triage using autonomous SOC analysts can streamline alert triage and analysis, improving efficiency for SecOps teams.
  3. GenAI can also improve D&R through AI-powered chatbots for automating organizational Q&A and log summarization for quicker insights and analysis.
Rod’s Blog 39 implied HN points 29 Feb 24
  1. Adversarial examples can deceive AI systems by manipulating inputs, leading to incorrect outcomes in various domains like medical imaging and autonomous vehicles.
  2. Understanding these risks is crucial for building effective defenses and creating awareness about the vulnerabilities in AI systems.
  3. Researchers are actively working to develop robust defenses against adversarial attacks to enhance the security and reliability of AI technology.
Matthew’s Substack 39 implied HN points 28 Feb 24
  1. Data Availability (DA) is important for blockchain because it allows data to be accessible and verified by users. It helps ensure security, especially for rollups on Ethereum.
  2. Rollups process transactions on cheaper chains but rely on Ethereum's main network for security by posting necessary data. This means Ethereum validates transactions and can handle fraud cases effectively.
  3. The future of Data Availability includes new methods to lower costs and improve scalability, like Danksharding. This could make it easier to store data efficiently while maintaining security.
Phillips’s Newsletter 177 implied HN points 20 Oct 24
  1. North Korean combat troops may soon join Russia in the Ukraine war, which could change the dynamics on the battlefield. Ukraine's leaders believe over 10,000 troops are being prepared to fight.
  2. Despite claims of rapid Russian advances, the actual progress on the ground has been minimal, raising concerns about the strategy of limiting support for Ukraine. The slow pace of advances suggests a grinding war continues.
  3. President Zelensky has proposed a five-point victory strategy for Ukraine, but there is little support from Western allies, particularly the US, making the situation challenging for Ukraine as it seeks increased military aid.
Diane Francis 519 implied HN points 13 Jan 22
  1. Many people are not worried about the possible Russian invasion of Ukraine because they have other pressing issues, like rising gas prices and COVID-19. It shows how different countries prioritize their concerns.
  2. In Western Europe, there is a strong sense of disbelief about Putin's actions due to the trauma from past world wars. This reflects a hesitant attitude towards viewing Russia as a real threat.
  3. The idea that Russia is engaging in a 'slow-motion hybrid war' is becoming more accepted, but not everyone sees it as a significant danger yet. People seem to underplay the risks involved.
Rod’s Blog 39 implied HN points 26 Feb 24
  1. Google's Gemini AI models are designed for various tasks and are based on responsible AI principles, but faced challenges like data poisoning attacks.
  2. The data poisoning attack on Google's Gemini showed the model's vulnerability and raised questions about the effectiveness of Google's Responsible AI policy.
  3. Experts suggest that Google should have better safeguards for data quality, transparency in model deployment, and more engagement with the AI community to address ethical implications.
John’s Substack 8 implied HN points 20 Dec 25
  1. A public discussion focused on how the West is handling diplomacy with Russia and Ukraine.
  2. Western diplomacy is described as surreal and disconnected from practical reality.
  3. This approach is predicted to cause prolonged, deadly serious trouble and instability for a long time to come.
John’s Substack 7 implied HN points 27 Dec 25
  1. An interview was published in Le Figaro Magazine on 12 December 2025. It was presented as a featured piece in that issue.
  2. High-resolution images of the interview are embedded and can be clicked to enlarge for easier reading.
  3. The post includes links and visible engagement counts (e.g., 132, 54, 26), indicating shares and reader interaction.
Redwood Research blog 19 implied HN points 08 May 24
  1. Preventing model exfiltration can be crucial for security; setting upload limits can be a simple yet effective way to protect large model weights from being stolen.
  2. Implementing compression schemes for model generations can significantly reduce the amount of data that needs to be uploaded, providing an additional layer of protection against exfiltration.
  3. Limiting uploads, tracking and controlling data flow from data centers, and restricting access to model data are practical approaches to making exfiltration of model weights harder for attackers.
Rod’s Blog 39 implied HN points 19 Feb 24
  1. Quantum computing poses a serious threat to conventional cryptography due to powerful quantum algorithms like Shor's and Grover's, which can compromise commonly used encryption schemes.
  2. Preparing for quantum computing challenges now can lead to the development of quantum-resistant cryptography, using both classical and quantum techniques to withstand quantum attacks and enhance security.
  3. Quantum cryptography offers innovative possibilities like quantum key distribution and quantum secure communication, driving collaboration and innovation across various fields to enhance security and privacy.
Wrong Side of History 322 implied HN points 08 Feb 24
  1. A Conservative Member of Parliament in London decided not to run for re-election due to threats from violent extremists.
  2. There have been several anti-Semitic incidents in London, including arson attacks, assaults, and threats to Jewish individuals.
  3. Despite these incidents, London is generally a safe city, but there are areas with security concerns.
DeFi Education 259 implied HN points 11 Nov 22
  1. The academy is back live and ready for business again.
  2. If you have payment issues, you can reach out to the contact provided.
  3. The information shared is not legal or financial advice; it comes from a group of anonymous cartoon animals.
Metacurity 39 implied HN points 10 Feb 24
  1. London Underground is testing AI surveillance tools to monitor passengers, aiming to improve safety but facing challenges like recognizing objects accurately and potential privacy concerns.
  2. Transitioning from passwords to passkeys promises enhanced security but requires users to adapt to new ways of authentication and storage methods like dedicated password managers or physical security keys.
  3. Using SMS for account logins can lead to security vulnerabilities like SIM-swap attacks; companies should offer more secure alternatives like Authy or Google Authenticator to improve security measures.
School Shooting Data Analysis and Reports 39 implied HN points 10 Feb 24
  1. A 14-year-old student in Ohio was arrested for planning a school shooting, targeting specific students and involving anesthetic gases.
  2. The plot involved coordination with an adult in Colorado Springs, highlighting the complex nature of the planned attack.
  3. Despite the detailed planning of this attack, the student was reported, emphasizing the importance of alertness and communication in preventing such incidents.
Infra Weekly Newsletter 4 implied HN points 15 Jan 26
  1. GCP favors consistency and global networking primitives and is stronger in data, analytics, and ML. It uses a project-based organization that makes builds faster but more opinionated than AWS.
  2. Platform teams now sit between security, compliance, finance, and application groups and need clearer ownership and decision authority to avoid an accountability gap.
  3. A sophisticated, modular Linux malware framework is targeting cloud servers and containers for credential theft and stealthy persistence, so organisations should assume such threats are coming and tighten access controls, monitoring, patching, and Linux/cloud EDR.
Navigating AI Risks 78 implied HN points 18 Oct 23
  1. The UK, US, and other Western countries are establishing a Multilateral AI Safety Institute to evaluate national security risks of advanced AI models.
  2. Biden's Executive Order will set public procurement standards for AI to mitigate risks, with the aim to influence industry safety standards.
  3. Open-sourcing AI models presents risks of misuse by malicious actors, irreversible releases, and challenges in ensuring safety without compromising the benefits of public access.
Rod’s Blog 59 implied HN points 08 Dec 23
  1. Microsoft Security Copilot is an AI-powered security solution that supports security professionals in various scenarios like incident response and threat hunting, using plugins for wider threat visibility and context.
  2. Security Copilot integrates seamlessly with Microsoft Intune, aiding in managing user access to organizational resources, simplifying device management, and supporting the Zero Trust security model.
  3. Security Copilot helps analysts manage identities and devices, deploy apps, and monitor compliance and security posture using natural language commands, queries, and AI-generated dashboards and reports.
Metacurity 39 implied HN points 09 Feb 24
  1. A fake LastPass app managed to get onto Apple's App Store and was likely designed to steal user credentials.
  2. Iranian cyber operations against Israel are becoming bolder and more sophisticated, posing risks to American critical infrastructure and the 2024 elections.
  3. The FCC has cracked down on AI-generated voice calls, recognizing them as 'artificial' and restricting their use for non-emergency purposes without consent.
Detection at Scale 19 implied HN points 29 Apr 24
  1. AWS S3 buckets are a common target for attackers due to misconfigurations and high-value data. Security teams should focus on monitoring S3 activity to ensure authorized access and detect breaches early.
  2. S3 serves as a major storage solution for various data types in the cloud. Its widespread use makes it a prime target for attackers seeking to compromise sensitive information.
  3. Monitoring S3 bucket activity is crucial for detecting suspicious behavior that could signal a breach. Using tools like CloudTrail, GuardDuty, and CloudWatch can provide valuable insights and enhance security measures.
Rod’s Blog 39 implied HN points 07 Feb 24
  1. Use Microsoft Sentinel to detect and respond to multiple Teams deletion events in your organization.
  2. Collect Teams activity logs in Microsoft Sentinel to monitor data and detect security risks.
  3. Write custom analytics rules in Microsoft Sentinel to generate alerts for suspicious activities, such as multiple Teams deletions by a single user.
School Shooting Data Analysis and Reports 59 implied HN points 05 Dec 23
  1. In school lockdowns, students are often told to hide in classrooms, while in other dangerous situations people are advised to run, hide, or fight.
  2. There is a lack of research supporting the effectiveness of school lockdowns compared to evacuating the school during shootings.
  3. The school security industry heavily influences lockdown procedures, despite shootings often happening outside the classroom.
Rod’s Blog 79 implied HN points 02 Oct 23
  1. Being notified when data ingestion stops is crucial for security analysts to maintain the integrity of security tools.
  2. A KQL query can be set up as an Analytics Rule to alert if a specific table has not received new data within a set timeframe, allowing for timely action.
  3. Email alerts can be configured instead of generating unnecessary security incidents, ensuring the operations team can address potential issues efficiently.
Rod’s Blog 79 implied HN points 15 Sep 23
  1. Quantum computing has the potential to significantly enhance computational power and speed in AI tasks, offering faster and more accurate predictions.
  2. Quantum computing enables the development of more sophisticated machine learning techniques by processing and analyzing large amounts of data more efficiently.
  3. Quantum-inspired algorithms can be leveraged to improve classical AI algorithms, showcasing the benefits of quantum computing even without fully-fledged quantum computers.
Rod’s Blog 79 implied HN points 08 Jun 23
  1. Microsoft Sentinel is deprecating the capability to assign Playbooks directly to Analytics Rules, encouraging the use of Automation Rules for better efficiency and management.
  2. With Automation Rules, you can manage all your automations from one place, trigger playbooks for multiple analytics rules with a single rule, define playbook execution order, and set expiration dates for playbook runs.
  3. Consider migrating existing Analytics Rules with directly assigned Playbooks to the new Automation Rules method to enhance effectiveness.
Rod’s Blog 79 implied HN points 21 Jun 23
  1. The Threat Intelligence Platform Connector in Microsoft Sentinel is being deprecated, so users should consider migrating to the new Threat Intelligence Solution soon.
  2. There is no definitive date for the deprecation, but users are advised to start using the new version within the next 6 months.
  3. The new version of the Threat Intelligence Solution offers more artifacts like Rules and Hunting Queries, providing additional capabilities.
Rod’s Blog 79 implied HN points 21 Aug 23
  1. Trojan attacks against AI involve disguising malware as legitimate software to gain unauthorized access, steal data, or manipulate algorithms, leading to dangerous outcomes.
  2. Common steps in a Trojan attack against AI include reconnaissance, delivery of the Trojan, installation, establishing command and control, exploitation, and covering up tracks to avoid detection.
  3. Mitigation of Trojan attacks against AI involves measures like using antivirus software, regular software updates, strong access controls, employee education on social engineering, and implementing monitoring strategies like real-time monitoring, intrusion detection, and machine learning for anomaly detection.
Rod’s Blog 79 implied HN points 20 Apr 23
  1. Defender for Cloud Apps can now monitor Azure OpenAI activity, making it easier to track and locate activity using Microsoft Sentinel.
  2. Utilize KQL queries to identify Azure OpenAI deployments and create a maintained Watchlist in Microsoft Sentinel for easy monitoring.
  3. Automate the updating of the Watchlist with Logic Apps to ensure it always contains the most up-to-date information on Azure OpenAI instances.
Sustainability by numbers 284 implied HN points 07 Mar 24
  1. Low-carbon energy is more secure compared to fossil fuels due to different risk factors.
  2. Fossil fuels pose an energy security risk because their supply can be cut off or become expensive.
  3. Mineral inequities for clean energy transition are a separate issue, as expensive minerals may slow down the transition but do not impact the operation of existing technologies.
Senatus’s Newsletter 78 implied HN points 21 Jul 23
  1. A perfect cryptocurrency needs to have uncensorability, certainty of supply, and transferability as a store of value.
  2. Bitcoin faces challenges with decreasing security spend and centralization of hashrate, impacting its resilience to attacks.
  3. Issues in Bitcoin such as affordability, speed, and scalability make it less efficient as a medium of exchange, while alternative cryptocurrencies offer better solutions.
The Product Person 78 implied HN points 17 Apr 23
  1. Snyk is a $7.4 billion startup focusing on helping developers find and fix vulnerabilities in open-source code.
  2. Snyk offers a range of products like Snyk Code, Snyk Container, and Snyk Infrastructure as Code to enhance security.
  3. Snyk's growth was fueled by a developer-first approach, leading to rapid adoption and a unique product-led growth strategy.