Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Mostly security stuff...
Make sure you check out my main blog at https://gnerdsec.com/blog
An Iranian-linked group called Handala reportedly hijacked Microsoft Intune and wiped Stryker's devices at scale. The tool designed to secure their fleet became the weapon that destroyed it.
Telus Digital confirmed a data breach after a hacker claimed one petabyte of stolen data. The petabyte number is probably inflated. The real story is what Telus Digital handles on behalf of major enterprise clients.
Microsoft exposed Storm-2561, a threat actor using SEO poisoning to serve fake VPN downloads that steal corporate credentials. The attack requires zero phishing emails. Just a search engine.
Unit 42 documented a suspected Chinese state-sponsored espionage campaign with years of undetected access to military networks across Southeast Asia. This is what patient intelligence collection looks like.
Salt Typhoon was called the most significant cyberattack on US telecom infrastructure ever. Policy reform momentum is stalling. Congress is more interested in restricting FBI surveillance than fixing the infrastructure that got hacked.
US authorities dismantled SocksEscort, a proxy-for-hire botnet built on silently infected Linux devices. Here's why this takedown matters more than it seems, and why 'it's Linux, it's fine' isn't a security posture.