Hot Topics

Cyberlaw

Satya Nadella and President Xi Jinping

‘China’ Azure Breach: MUCH Worse Than Microsoft Said

| | Active Directory, Authentication, azure, Azure Active Directory, Azure AD, Entra ID, Exchange, Microsoft, Microsoft Azure, Microsoft Azure Active Directory, Microsoft Azure Security, OpenID, Outlook.com, SB Blogwatch, Storm-0558, Wiz
Storm-0558 Breaks: Satya and Pooh, sitting in a tree, K.I.S.S.I.N.G ...
Security Boulevard
Kevin Mitnick

R.I.P. Kevin Mitnick, 1963–2023

| | Kevin Mitnick, SB Blogwatch
Kevin is Free: Hackers’ hacker dies, aged 59 ...
Security Boulevard

AI and Microdirectives

| | Artificial Intelligence, courts, essays, law enforcement, laws, Privacy, surveillance, Uncategorized
Imagine a future in which AIs automatically interpret—and enforce—laws. All day and every day, you constantly receive highly personalized instructions for how to comply with the law, sent directly by your government ...
Schneier on Security
detection-as-code, misconception

House Panel OK’s Bill to Ban Law Enforcement from Buying Data from Brokers

| | Congress, Cyberlaw, Data Brokers, Data Privacy, Data Security
Legislation that would ban law enforcement and federal agencies from buying consumer data from data brokers without a warrant is on its way to the full House ...
Security Boulevard
Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List

Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List

| | android spyware, Biden administration, Commerce Department, Cytrox, Department of Commerce, Entity List, eu, Europe, European Union, European Union (EU), Intellexa, iOS spyware, Malware Spyware, Predator spyware, SB Blogwatch, spyware
European cousins Intellexa and Cytrox essentially banned by Commerce Dept. — Predator/ALIEN not welcome in U.S ...
Security Boulevard
industrial Colonial Pipeline critical infrastructure OT Utilities

Russia Expected to Increase Critical Infrastructure Attacks

| | Critical Infrastructure, cyberattacks, Espionage, Russia, Ukraine
Russia’s war strategy increasingly involves cybersecurity, with the country expected to ramp up attacks on critical infrastructure in Ukraine and countries that are members of NATO, according to Switzerland’s Federal Intelligence Service ...
Security Boulevard
OPSEC FAIL: US Military Email Going to Mali — via Typo

OPSEC FAIL: US Military Email Going to Mali — via Typo

| | defense department, Department of Defense, DoD, E-mail, email, Johannes Zuurbier, Mali, military, Military Communications, mxrecords, pentagon, Russia, SB Blogwatch, U.S. Department of Defense, U.S. military, United States Department of Defense, US DOD, US Military
MX Mixup: Russian-allied government can intercept “highly sensitive information”—because there’s no “I” in .ML ...
Security Boulevard

Tracking Down a Suspect through Cell Phone Records

| | cell phones, crime, forensics, Uncategorized
Interesting forensics in connection with a serial killer arrest: Investigators went through phone records collected from both midtown Manhattan and the Massapequa Park area of Long Island—two areas connected to a “burner ...
Schneier on Security
PRC flag

China Breaches Microsoft Cloud — Spied on US Govt. Email

| | Active Directory, Authentication, Azure Active Directory, Azure AD, Exchange, Microsoft, Outlook.com, SB Blogwatch, Storm-0558
Storm-0558 Brewing: Multiple Microsoft failures cause data leaks at State and Commerce depts., plus 23 other orgs ...
Security Boulevard
Solar array, ground mounted in field, under blue sky

Contec SolarView: Critical Bug Unpatched After 14 MONTHS

| | Contec, CVE-2022-29303, CVE-2022-44354, CVE-2023-23333, ICS, ICS/SCADA, iot, Mirai, Mirai botnet, OT, SB Blogwatch, SCADA, SolarView
PV OT: VPN PDQ! 9.8 CVSS known since May 2022—but still exploitable on 400+ net-connected OT/ICS/SCADA systems ...
Security Boulevard
Load more