John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
I haven't yet decided exactly what kind of content I intend to post here. I love cooking and taking pictures so initially I'll probably just share recipes, photos and that kind of thing.
If I really start using the space I may expand on the blog capabilities. For now I'm keeping it quite simple.
Four Major Companies Still Won't Talk About the Oracle EBS Breach
Broadcom, Bechtel, Estee Lauder, and Abbott Technologies got named in the Cl0p Oracle EBS breach. None have said a word. The silence is becoming its own problem.
Read More
Iran Didn't Need Malware to Cripple Stryker. They Just Used Microsoft Intune.
The Handala group wiped tens of thousands of Stryker devices using the company's own MDM platform. No malware. No exploit. Just admin access and the willingness to press the button.
Read More
GlassWorm Is Hiding Malware in Invisible Code and Pushing It Into Your Python Repos
GlassWorm steals GitHub tokens, then injects malicious code written in invisible Unicode characters into repos developers already trust. 151 packages hit in one week.
Read More
Europe's Biggest Tech Fines Are Getting Overturned in Court
Amazon just got a $858 million GDPR fine thrown out. Cloudflare is fighting Italy's Piracy Shield. Big Tech's legal teams are now the real counterparty to European regulation.
Read More
ClickFix Went Cross-Platform This Week. Mac Users, You're Not Safe.
Three separate campaigns are using ClickFix to trick people into installing malware themselves. macOS, Windows, enterprise VPN users. No exploit needed. Just copy, paste, execute.
Read More
Google Paid Nearly $17 Million in Bug Bounties Last Year. What That Number Actually Tells Us.
Google's record $17 million in bug bounties sounds huge. Then you look at the exploit broker market, where a single iOS chain sells for $2.5 million, and the math gets interesting.
Read More