News & Commentary

3,000+ congressional staffers had their personal info leaked on the dark web 😨

A recent cyberattack on the U.S. Capitol led to some very sensitive personal data being exposed on the dark web. Security firm Proton found nearly 2,000 leaked passwords and other private data on the dark web — in part because the staffers used their official government emails to sign up for different websites, including social media and, uh, adult sites. 😅

It’s not believed that this attack was part of an espionage campaign, but it is calling to light a few cybersecurity best practices for the rest of us. So if you’re reusing passwords across multiple sites or using your work email for personal business, here’s your sign from the cosmos to stop that right now. 🌟

Kaspersky deletes itself, installs new antivirus software without warning 🫠

Remember earlier in the year, when it was announced that Kaspersky would be banned from the US by September 29? Well…it’s September, and boy is there an update to this news. 😅

Last week, Kaspersky users noticed two new developments on their machines. First, Kaspersky was gone. And second…UltraAV was just kinda…there. No warning. No announcement. Just one thing gone, replaced with another. (Which, by the way, led many people to assume they’d been infected with malware. Not a super far jump to that conclusion, IMO.)

Turns out, Kaspersky deleted itself and then installed UltraAV in its place. But the email they sent kinda sorta didn’t say any of this would happen automatically:

Nice of them to offer a continuation of services, but…maybe tell people what to expect first? 😅

Hackers are using AI to do their dirty deeds 🤖

We knew it was only a matter of time…

Hackers are more frequently turning to generative AI to develop malware, which we saw in a recent campaign targeting French users. The AI-written code delivers AsyncRAT malware, which is then sent out via phishing emails using HTML smuggling techniques.

AI-generated malware really opens up the door for script kiddies. Often, these malware samples include detailed comments that explain the code, making it so easy to execute, a script kiddie could do it. And this is not a barrier of entry I want to see become virtually nonexistent. We have enough of that on the dArK wEb. 😅

A small-town Kansas water plant reverts to “old school” operations following a cyberattack 🏛️

Yet again, we see the real-world impacts of cybersecurity making the headlines.

A Kansas water treatment plant (population: ~12,000) dealt with a cyberattack that forced operators to revert to manual, analog controls to maintain operations.

The attack targeted industrial control systems (ICS) and underlined the vulnerability of critical infrastructure to digital threats. They were lucky in that they were able to avoid significant disruptions (including to water quality), but this is yet another example of how you just can’t separate cybersecurity from the “real world” anymore.

For better or worse, it’s all the same.

Sponsor

AI is transforming DevSecOps. Can your team keep up?

Don’t miss DevSecCon: Developing AI Trust, a free virtual summit on October 8-9, 2024. Learn from industry leaders, including Daniel Miessler, Shannon Lietz, me!, and more, as we share insights on DevSecOps strategies and AI trust.

Engage with Snyk’s latest innovations and secure your spot for actionable thought leadership. Register now! 👇

Here’s a snippet of my to-do list for content you might see soon! 👀

• Hacking Active Directory Certificate Services with Bloodhound 😈

• Digital Forensics and Incident Response on a Ransomware Investigation

• SANS Holiday Hack Challenge!!!

• And seriously soon, my first foray into scambait content 😅

• October 8: DevSecCon

• October 9-11: Wild West Hacking Fest. I’ll be presenting on October 10: When I Grow Up, I Wanna Be a Script Kiddie (fun fun fun)

• October 16: SOC Analyst Appreciation Day with Devo

• October 21: "From the Source" Volatility Conference

• October 29-31: Bsides Cayman Islands

I went to TwitchCon last weekend!

Didn’t take too many pictures, but had a fantastic time catching up with ThePrimeagen, teej_dv, Low Level Learning, Theo, Melkey, Nate McGrady, and Pirate Software.

And I do have this really cool picture to share.

(Burritos consumed not pictured here.)

For 21 years now, the powers that be in the United States have deemed October Cybersecurity Awareness Month. It’s a chance to shine a light on how important cybersecurity is — which is more important now than ever, given the real-world repercussions we see in cybersecurity during every major breach and incident.

I’ll be involved in a bunch of different activities to celebrate the cause. Follow along on my socials and over on Discord!