my photo

John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog

Mostly security stuff...

Make sure you check out my main blog at https://gnerdsec.com/blog

Handala, Publicly Attributed: What the FBI Seizure Changes About Iran Cyber Signaling

John Z Black Mar 21, 2026

Threat Intelligence #iran #handala #mois #fbi #attribution #nation-state #wiper #threat-intelligence

The FBI seized Handala's sites and released a 40-page warrant formally linking the group to Iran's intelligence ministry. Attribution just moved from analyst opinion to federal court filing.

Read More

Your Encrypted Chat Is Fine. Your Trust Model Isn't.

John Z Black Mar 21, 2026

Threat Intelligence #signal #whatsapp #phishing #russian-intelligence #social-engineering #salt-typhoon #messaging-security

The FBI and CISA warn that Russian intelligence compromised thousands of Signal and WhatsApp accounts -- not by breaking encryption, but by tricking users into handing over access. Here's what that means and what to do.

Read More

Security Below the OS: Why Device Integrity Is Becoming a Boardroom Topic

John Z Black Mar 21, 2026

Security Operations & Resilience #firmware #supply-chain #eclypsium #device-security #hardware #iot #enterprise-risk

Eclypsium raised $25M for firmware security. A compromised security scanner and ongoing IoT campaigns add context. Enterprise security that stops at the OS is leaving a meaningful gap below it.

Read More

Dark Web Infrastructure Is Getting Harder to Monetize

John Z Black Mar 21, 2026

Policy, Law & Governance #dark-web #law-enforcement #operation-alice #unicredit #cybercrime #infrastructure-seizure

Operation Alice took down 373,000 dark web sites. European prosecutors indicted three for the UniCredit breach. The pattern: law enforcement is attacking the infrastructure layer, not just individual offenders.

Read More

AI Fraud Hits the Charts: What the Streaming Bot Conviction Really Means

John Z Black Mar 21, 2026

AI Security #ai #fraud #streaming #spotify #platform-abuse #bot-detection #criminal-conviction

A North Carolina musician pleaded guilty to collecting millions in fraudulent streaming royalties using AI-generated music and bot accounts. The scam worked for years. That's the part worth understanding.

Read More

Smuggled Silicon: The DOJ Case That Puts AI Export Controls in the Spotlight

John Z Black Mar 21, 2026

Policy, Law & Governance #ai #export-controls #china #doj #supply-chain #national-security #hardware #policy

Three men charged with smuggling US AI hardware to China represent the first major criminal test of export control law applied to high-performance compute. The era of treating AI export controls as background noise is over.

Read More