A threat intelligence firm left a 400GB cache of credentials and customer data in an open AWS bucket. Let me repeat that: the threat hunters got hunted because of a cloud security 101 failure. This isn't just ironic; it's a perfect case study in why your fancy security vendors might be your weakest link. I'll break down exactly how this colossal fuck-up happened and what you need to do to make sure you—and the companies you trust—aren't next.
Category: risk management
React’s Server Components RCE Bullshit: CVE-2025-55182 Exposes How Hype Fucks Over Real Security
Jesus Christ, React's latest "innovation" just handed remote code execution to every basement hacker with a keyboard. CVE-2025-55182 turns Server Components into an RCE playground—unauthenticated, CVSS 10.0, and exploiting deserialization like it's 2010 all over again. If your Next.js app's humming on React 19 without patches, you're one POST away from disaster; uncover the full rant and fixes before your server's not yours anymore.
Fortinet SSL VPN Gets Hammered—780 Unique IPs Join the Brute-Force Pileup
Fortinet SSL VPN devices just got hammered by a coordinated brute-force assault involving 780 unique IP addresses. This wasn't random scanning—it was focused, deliberate, and strategic. Attackers are specifically targeting VPN endpoints because they know that's the easiest path into internal networks. If you're running Fortinet SSL VPN with weak passwords and no multi-factor authentication, assume you're already compromised.
Booking.com Gets Phished (Again)—Because Hotel Managers Still Click Malicious Links
A phishing campaign targeting Booking.com partners has been running since April 2025, and it's so profitable that attackers are selling access to compromised accounts on Russian forums. They've stolen guest payment data, orchestrated elaborate social engineering schemes, and—get this—some victims paid twice: once to the hotel, once to the crooks. The hospitality industry is now a target-rich environment for cybercriminals.
OnSolve CodeRED Gets Ransomed—Emergency Alert Systems Held Hostage by INC Ransom
OnSolve's CodeRED emergency alert system just got ransomed. Emergency agencies across the US suddenly couldn't contact residents during emergencies. The INC Ransom gang breached the system, stole customer data including plain-text passwords, and when they didn't get paid, leaked everything online. Crisis24's response? Rebuild from an eight-month-old backup. This is what happens when critical infrastructure treats security as optional.
Chinese Hackers Weaponize Claude AI: Autonomous Cyberattack
Well folks, we've officially entered the "oh shit" phase of AI cybersecurity. Chinese state hackers jailbroke Anthropic's Claude Code and used it to run an 80-90% autonomous cyber-espionage campaign against 30+ organizations—at speeds humanly impossible to match. The first large-scale AI-orchestrated cyberattack is now documented history. If you're not leveraging AI for defense yet, you're already behind. Read the full breakdown of how they pulled it off and what it means for your security posture.
From Pranks to Paydirt: The Malware Origin Story
The document discusses the evolution of malware, particularly in corporate espionage, highlighting its transition from harmless viruses to sophisticated attacks like Advanced Persistent Threats (APTs). It emphasizes the need for advanced security measures, such as behavioral analysis and air-gapping, to combat these threats, underscoring the ongoing battle between attackers and defenders.
So, What the Hell is a Man-in-the-Middle Attack in an Industrial Setting?
Man-in-the-Middle attacks pose significant threats to Industrial Control Systems (ICS), allowing attackers to intercept, manipulate, and impersonate devices within crucial infrastructures like power grids and factories. Vulnerabilities arise from outdated protocols and blind trust among devices. Effective security measures include encryption, network segmentation, and certificate pinning to mitigate these risks.
Your Company Culture Might Be Screwing Your Security – How do cultural and organisational factors influence the effectiveness of cybersecurity awareness programs across different sectors?
Discover how organizational culture and leadership critically impact cybersecurity awareness program effectiveness. Learn to tailor training, foster open communication, and build a robust security culture to mitigate human risk and enhance overall protection across sectors. It's less about the tech, more about the people, you see.
So, What’s the Gist of This Behavioral Bollocks? A Quick Summary.
The integration of human behavior modeling into cybersecurity risk assessments aims to address the vulnerabilities posed by employees' poor online behaviors. Various frameworks like Social Cognitive Theory and the Fogg Behavior Model highlight the importance of understanding motivations and abilities. Effective training methods and continuous adaptation are critical for enhancing organizational cybersecurity resilience.
Corporate Eavesdropping: Why This Isn’t Just an “IT Problem”
Eavesdropping poses significant risks across corporate, government, and military sectors. Unauthorized access to private communications can compromise strategies, steal sensitive information, enable further attacks, and erode trust. Protecting critical conversations demands a multi-layered approach including encrypted communications, secure environments, rigorous training, and comprehensive policies to mitigate potential threats.
The Malicious Insider: and why you should lose sleep over him
The text discusses the threat posed by malicious insiders within organizations, emphasizing that they can cause significant harm through actions like sabotage, theft, and espionage. It highlights the importance of recognizing behavioral red flags, implementing strategic defenses like least privilege access, and fostering a security culture to mitigate these risks effectively.
Socio-Technical Cybersecurity – The Human Clusterfuck in Cybersecurity and why Your Firewall Won’t Save You When Karen Clicks a Phishing Link
Cybersecurity hinges more on human behavior than technology, with 82% of breaches resulting from human error. Effective frameworks like NIST and ISO 27001 require organizations to foster a security-focused culture. Training is crucial to reducing risks, as demonstrated by successful interventions in companies like British Airways and Google.
China’s Drone Warfare Advances: A Bloody Game-Changer for Global Security
China's rapid advancements in drone technology are reshaping global security dynamics. With AI integration and market dominance, China's military drone capabilities threaten Western powers. Their strategic use of drones in conflict and control over the global supply chain raises significant geopolitical concerns, prompting adaptations in defense and military doctrine worldwide.
Killer Robots & Head Shrinks: The Real Psychological Shitshow of AI Drone Warfare
Military AI drones are changing warfare and creating a psychological minefield. This blog post dives into the psychological impact of drone warfare on soldiers and civilians, revealing PTSD, anxiety, moral injury, and community trauma. Explore the ethical implications of AI making life-or-death calls and the urgent need for more research and support systems.
Dragon in the Sky: How China is Absolutely Crushing Everyone in the Drone Game
Well folks, if you haven't been paying attention to who's winning the global drone race, allow me to enlighten you: China isn't just ahead—they're so far in front that Western drone makers need binoculars just to spot their damn dust trail. China's Drone Domination: The Numbers Don't Lie (They Just Hurt Our Feelings) Let's not …
Why is detailed network documentation essential?
More often than not, when I walk into a building I will see RJ-45 network outlets in the wild. Without having done exact calculations, I was able to hook up my laptop to this outlet and have full access to the network. This goes for supermarkets, public administration buildings, and even military installations. What’s particularly …
Printers should be segregated from the rest of the network
When it comes to security risks for networks, hardly anyone will think of a printer as an existential threat to an organization. However, multiple cases proving that printers and other IoT devices can act as Trojan horses have surfaced over the last couple of years. There are probably multiple reasons why this is happening, and …
Why it’s a bad idea to have your device’s IP address publicly visible!
You know how you walk into an office building, and the machines standing around have stickers on them with their IP address clearly visible to the general public? Well, thank you for that! You just saved me a ton of work figuring out which printer I want to attack to get access to the rest …
Do encrypted cloud backups have benefits I’m missing?
In fact, they do! Unless you are in a very dynamic environment, where a lot of changes to files in operational infrastructure happen, you have probably followed the trend and have a cloud-based backup system in place. And that is a good thing to have! The benefits are obvious… Affordable colocation of your …




















