John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog

Mostly security stuff...

Make sure you check out my main blog at https://gnerdsec.com/blog

Europol Took Down Tycoon2FA. It Was Back in Days, and Smarter Than Before.

John Z Black Mar 31, 2026

Ransomware & Cybercrime #phishing #tycoon2fa #phishing-as-a-service #microsoft-365 #entra-id #conditional-access #mfa #aitm #europol #crowdstrike

Tycoon2FA's rapid return after Europol's March 4 takedown shows why seizing infrastructure doesn't shut down phishing platforms. The operators pre-staged backup infrastructure before the first domain was seized.

Your Security Scanner Was the Weapon: How the Trivy Supply Chain Attack Worked

John Z Black Mar 31, 2026

Threat Intelligence #trivy #supply-chain #github-actions #cicd #aqua-security #devsecops #secrets #sha-pinning #software-supply-chain

ShinyHunters Just Hit the EU. Here's Why They Keep Getting Away With It.

John Z Black Mar 31, 2026

Incidents & Breaches #shinyhunters #european-commission #data-breach #aws #cloud-security #ticketmaster #europa-eu #extortion

Russia Convicted 26 Cybercriminals, Including a Hacker the US Has Been Hunting for Years

John Z Black Mar 31, 2026

Ransomware & Cybercrime #russia #flint24 #cybercrime #payment-card-fraud #stroganov #extradition #accountability #military-court

Russia sentenced 26 members of the Flint24 card fraud network, including a man on the US Secret Service's most-wanted list. It looks like accountability. It isn't.

Three Vendors, Three Critical Bugs, All Exploited This Week: The Edge Device Emergency

John Z Black Mar 31, 2026

Vulnerabilities & Patching #f5 #big-ip #citrix #netscaler #fortinet #forticlient-ems #cisa-kev #rce #cve #patch #perimeter-security

F5 BIG-IP, Citrix NetScaler, and Fortinet FortiClient EMS all have critical vulnerabilities under active exploitation this week. Here's what happened and what you need to do right now.

Three Chinese Hacker Groups Hit the Same Government. At the Same Time.

John Z Black Mar 31, 2026

Threat Intelligence #china #apt #mustang-panda #unit42 #espionage #southeast-asia #usb-worm #hiupan #nation-state