John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog

I haven't yet decided exactly what kind of content I intend to post here. I love cooking and taking pictures so initially I'll probably just share recipes, photos and that kind of thing.

If I really start using the space I may expand on the blog capabilities. For now I'm keeping it quite simple.

Telus Digital Got Breached and Nobody's Talking About What They Actually Handle

John Z Black Mar 13, 2026

Data Breach #telus #breach #outsourcing #ai-training-data #enterprise-risk #canada #third-party

Telus Digital confirmed a data breach after a hacker claimed one petabyte of stolen data. The petabyte number is probably inflated. The real story is what Telus Digital handles on behalf of major enterprise clients.

Storm-2561: Googling Your VPN Download Just Became a Security Risk

John Z Black Mar 13, 2026

Threat Intelligence #seo-poisoning #storm-2561 #vpn #credential-theft #malware #social-engineering

Microsoft exposed Storm-2561, a threat actor using SEO poisoning to serve fake VPN downloads that steal corporate credentials. The attack requires zero phishing emails. Just a search engine.

China's Been Quietly Spying on Southeast Asian Militaries for Years

John Z Black Mar 13, 2026

Nation-State Threats #china #apt #espionage #southeast-asia #military #unit42 #nation-state

Unit 42 documented a suspected Chinese state-sponsored espionage campaign with years of undetected access to military networks across Southeast Asia. This is what patient intelligence collection looks like.

After the 'Worst Telecom Hack in History,' Washington Is Already Moving On

John Z Black Mar 13, 2026

Policy & Governance #salt-typhoon #telecom #section-702 #nsa #cyber-policy #china #surveillance

Salt Typhoon was called the most significant cyberattack on US telecom infrastructure ever. Policy reform momentum is stalling. Congress is more interested in restricting FBI surveillance than fixing the infrastructure that got hacked.

The SocksEscort Takedown: Your Linux Server Might Be Someone Else's Criminal Proxy

John Z Black Mar 13, 2026

Cybercrime #socksescort #botnet #proxy #linux #takedown #law-enforcement #infrastructure

US authorities dismantled SocksEscort, a proxy-for-hire botnet built on silently infected Linux devices. Here's why this takedown matters more than it seems, and why 'it's Linux, it's fine' isn't a security posture.

AI Is Now Both the Weapon and the Target

John Z Black Mar 13, 2026

AI Security #ai #malware #prompt-injection #copilot #slopoly #ransomware #enterprise

Slopoly is AI-generated malware used in a live ransomware attack. Microsoft Copilot can be hijacked through emails you just receive. AI security isn't future-tense anymore.