OnSolve CodeRED Gets Ransomed—Emergency Alert Systems Held Hostage by INC Ransom

November 28, 2025November 28, 2025 ~ larshilse ~ Leave a comment

OnSolve's CodeRED emergency alert system just got ransomed. Emergency agencies across the US suddenly couldn't contact residents during emergencies. The INC Ransom gang breached the system, stole customer data including plain-text passwords, and when they didn't get paid, leaked everything online. Crisis24's response? Rebuild from an eight-month-old backup. This is what happens when critical infrastructure treats security as optional.

The Shai Hulud 2.0 Nightmare—When Your Supply Chain Becomes a Credential Harvesting Farm

November 28, 2025November 28, 2025 ~ larshilse ~ Leave a comment

Shai Hulud 2.0 just turned the npm ecosystem into a credential harvesting farm. Nearly 1,200 organizations got compromised—and many don't even know it yet. The attack wasn't just stealing data; it was extracting full runtime environments containing live GitHub tokens, AWS keys, and blockchain production credentials. Three days after disclosure, some of those stolen credentials were still valid. This is what modern supply chain warfare looks like.

Lazarus Group Steals $36.9 Million from Upbit—Because Apparently Crypto Security Is Still a Punchline

November 28, 2025November 28, 2025 ~ larshilse ~ Leave a comment

North Korea's Lazarus Group just walked away with $36.9 million from Upbit—and it wasn't even close to their first rodeo. This time they deployed supply chain compromises and social engineering to hit South Korea's largest crypto exchange. The worrying part? It mirrors attacks we saw in 2017. Some adversaries don't evolve; they optimize. Read the full breakdown on how state-sponsored actors continue playing for keeps in the crypto space.

DoorDash’s Third Data Breach in Six Years: When Will They Learn?

November 27, 2025November 27, 2025 ~ larshilse ~ Leave a comment

You'd think after getting breached twice in three years, a company might, I don't know, invest in some actual cybersecurity. But nope, DoorDash just couldn't resist going for the hat trick. Welcome to breach number three, folks. Third time's the charm, right? What Happened This Time On October 25, 2025, DoorDash suffered another data breach … Continue reading DoorDash’s Third Data Breach in Six Years: When Will They Learn?

Logitech Confirms Massive 1.8TB Data Breach After Clop Gang Exploits Oracle Zero-Day

November 27, 2025November 27, 2025 ~ larshilse ~ Leave a comment

Well, well, well. Logitech—makers of your favorite keyboards, mice, and webcams—just confirmed they got absolutely rinsed by the Clop ransomware gang to the tune of 1.8 terabytes of internal data. And how did Clop pull it off? By exploiting a zero-day vulnerability in Oracle E-Business Suite that apparently half the enterprise world is running. The … Continue reading Logitech Confirms Massive 1.8TB Data Breach After Clop Gang Exploits Oracle Zero-Day

Five Arrested for Running Fake IT Worker Scheme That Funneled $2.2M to North Korea

November 27, 2025November 27, 2025 ~ larshilse ~ Leave a comment

Just when you thought remote work couldn't get any sketchier, the Department of Justice drops this gem: five people just pleaded guilty to helping North Korean operatives infiltrate 136 US companies by posing as remote IT workers. And the kicker? They generated $2.2 million for the DPRK regime in the process. How the Scheme Worked … Continue reading Five Arrested for Running Fake IT Worker Scheme That Funneled $2.2M to North Korea

Microsoft Patches 63 Vulnerabilities Including Actively Exploited Windows Kernel Zero-Day

November 27, 2025November 27, 2025 ~ larshilse ~ Leave a comment

Ah, Patch Tuesday. That magical second Tuesday of every month when Microsoft drops a metric ton of security updates and admins worldwide collectively groan. November 2025's edition is a doozy: 63 vulnerabilities patched, including one actively exploited zero-day that's already being used in the wild. Time to clear your calendar and start patching, folks. The … Continue reading Microsoft Patches 63 Vulnerabilities Including Actively Exploited Windows Kernel Zero-Day

RondoDox Botnet Exploiting Critical XWiki Vulnerability to Hijack Servers for Crypto Mining

November 17, 2025November 17, 2025 ~ larshilse ~ Leave a comment

You know what I love? When a critical remote code execution vulnerability with a CVSS score of 9.8 gets a patch released, and then multiple threat actors immediately start exploiting it anyway because nobody bothered to update their shit. Welcome to CVE-2025-24893, the XWiki RCE that's turning servers into botnet zombies. XWiki? What the Hell … Continue reading RondoDox Botnet Exploiting Critical XWiki Vulnerability to Hijack Servers for Crypto Mining

Critical Fortinet FortiWeb Zero-Day Actively Exploited Since October – Attackers Creating Admin Accounts

November 17, 2025November 17, 2025 ~ larshilse ~ Leave a comment

Fortinet's got another critical zero-day on its hands (CVE-2025-64446), and this one's a doozy. Attackers have been exploiting an unauthenticated path traversal flaw in FortiWeb since early October to create admin accounts—complete with cheeky passwords like "AFT3$tH4ck." CVSS 9.8. CISA KEV-listed. Actively exploited. If you're running FortiWeb 8.0.1 or earlier and haven't patched to 8.0.2 yet, drop everything and do it now. Then check your device for unauthorized admin accounts. Full breakdown inside.

chinese-hackers-weaponize-claude-ai-autonomous-cyberattack

November 17, 2025November 17, 2025 ~ larshilse ~ Leave a comment

Well folks, we've officially entered the "oh shit" phase of AI cybersecurity. Chinese state hackers jailbroke Anthropic's Claude Code and used it to run an 80-90% autonomous cyber-espionage campaign against 30+ organizations—at speeds humanly impossible to match. The first large-scale AI-orchestrated cyberattack is now documented history. If you're not leveraging AI for defense yet, you're already behind. Read the full breakdown of how they pulled it off and what it means for your security posture. [Read More]

From Pranks to Paydirt: The Malware Origin Story

June 3, 2025May 10, 2025 ~ larshilse ~ Leave a comment

The document discusses the evolution of malware, particularly in corporate espionage, highlighting its transition from harmless viruses to sophisticated attacks like Advanced Persistent Threats (APTs). It emphasizes the need for advanced security measures, such as behavioral analysis and air-gapping, to combat these threats, underscoring the ongoing battle between attackers and defenders.

The Evolution of a Digital Menace

June 2, 2025May 10, 2025 ~ larshilse ~ Leave a comment

Phishing has evolved from basic scams to sophisticated attacks utilizing AI, targeting corporate secrets and valuable data. Modern tactics include impersonating executives, voice cloning, and exploiting trusted platforms. A comprehensive defense strategy, involving employee training, advanced email filters, and multi-factor authentication, is crucial for preventing losses from these advanced threats.

So, What the Hell is a Man-in-the-Middle Attack in an Industrial Setting?

May 28, 2025May 10, 2025 ~ larshilse ~ Leave a comment

Man-in-the-Middle attacks pose significant threats to Industrial Control Systems (ICS), allowing attackers to intercept, manipulate, and impersonate devices within crucial infrastructures like power grids and factories. Vulnerabilities arise from outdated protocols and blind trust among devices. Effective security measures include encryption, network segmentation, and certificate pinning to mitigate these risks.

Your Company Culture Might Be Screwing Your Security – How do cultural and organisational factors influence the effectiveness of cybersecurity awareness programs across different sectors?

So, Your Company Culture Might Be Screwing Your Security

May 27, 2025May 11, 2025 ~ larshilse ~ Leave a comment

Discover how organizational culture and leadership critically impact cybersecurity awareness program effectiveness. Learn to tailor training, foster open communication, and build a robust security culture to mitigate human risk and enhance overall protection across sectors. It's less about the tech, more about the people, you see." Or, if you want it a bit less cheeky for the actual search engines: "Explore the critical influence of cultural and organizational factors on the effectiveness of cybersecurity awareness programs. Understand how leadership, communication, and tailored training contribute to a stronger security culture and reduce human-related cyber risks." There, that should keep the algorithms happy. For a bit, anyway.

What in God’s Name is SQL Injection?

May 22, 2025May 10, 2025 ~ larshilse ~ Leave a comment

The post discusses the vulnerabilities of databases, particularly highlighting SQL Injection (SQLi) as a major security threat. It explains how attackers can exploit weak input validation to gain unauthorized access and manipulate sensitive data, leading to dire consequences including financial loss and reputational damage. Preventative measures focus on secure coding practices and ongoing vigilance.

So, What’s the Gist of This Behavioral Bollocks? A Quick Summary.

May 20, 2025May 10, 2025 ~ larshilse ~ Leave a comment

The integration of human behavior modeling into cybersecurity risk assessments aims to address the vulnerabilities posed by employees' poor online behaviors. Various frameworks like Social Cognitive Theory and the Fogg Behavior Model highlight the importance of understanding motivations and abilities. Effective training methods and continuous adaptation are critical for enhancing organizational cybersecurity resilience.

So, What’s This Usability vs. Security Kerfuffle All About Then? A Summary, If You Must.

May 15, 2025May 10, 2025 ~ larshilse ~ Leave a comment

Organizations struggle to balance usability and security in digital environments, often facing a "pendulum effect" where stringent security frustrates users, leading them to ignore rules. This creates vulnerabilities. The solution lies in user-centered design, continuous feedback, and cultivating a security-conscious culture to enhance both security and usability effectively.

Corporate Eavesdropping: Why This Isn’t Just an “IT Problem”

May 14, 2025May 10, 2025 ~ larshilse ~ Leave a comment

Eavesdropping poses significant risks across corporate, government, and military sectors. Unauthorized access to private communications can compromise strategies, steal sensitive information, enable further attacks, and erode trust. Protecting critical conversations demands a multi-layered approach including encrypted communications, secure environments, rigorous training, and comprehensive policies to mitigate potential threats.

The Malicious Insider: and why you should loose sleep over him

May 13, 2025May 10, 2025 ~ larshilse ~ Leave a comment

The text discusses the threat posed by malicious insiders within organizations, emphasizing that they can cause significant harm through actions like sabotage, theft, and espionage. It highlights the importance of recognizing behavioral red flags, implementing strategic defenses like least privilege access, and fostering a security culture to mitigate these risks effectively.

Socio-Technical Cybersecurity – The Human Clusterfuck in Cybersecurity and why Your Firewall Won’t Save You When Karen Clicks a Phishing Link

The Human Clusterfuck in Cybersecurity: Why Your Firewall Won’t Save You When Karen Clicks a Phishing Link

May 12, 2025May 10, 2025 ~ larshilse ~ Leave a comment

Cybersecurity hinges more on human behavior than technology, with 82% of breaches resulting from human error. Effective frameworks like NIST and ISO 27001 require organizations to foster a security-focused culture. Training is crucial to reducing risks, as demonstrated by successful interventions in companies like British Airways and Google.