my photo

John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog

Mostly security stuff...

Make sure you check out my main blog at https://gnerdsec.com/blog

Your Antivirus Is Harvesting Passwords Now: BlueHammer Hits CISA KEV

John Z Black Apr 23, 2026

Vulnerabilities & Patching #microsoft #windows-defender #bluehammer #cve-2026-33825 #zero-day #cisa-kev #credential-theft #endpoint-security

The BlueHammer flaw has moved from a research curiosity to an active threat. This Windows Defender zero-day turns your security software into a password harvester by exploiting a race condition to steal credentials. CISA says patch now.

Read More

The Devices China Already Owns: Pre-Positioning for Future Conflict

John Z Black Apr 23, 2026

Threat Intelligence #china #volt-typhoon #flax-typhoon #cisa #ncsc #covert-network #pre-positioning #critical-infrastructure

China's state actors aren't just hacking networks; they're acquiring real estate. A massive joint advisory reveals how covert device networks are being pre-positioned inside everyday hardware like routers and NAS devices, waiting for the right moment to be activated.

Read More

The Billion-Dollar Bill: Why the Cost of a Breach Never Ends

John Z Black Apr 22, 2026

Incidents & Breaches #breach-cost #mgm #unitedhealth #sec-fine #settlement #ransomware #healthcare

A major breach cycle only lasts a week in the news but can last five years on the balance sheet. UnitedHealth spent $3.1 billion before the SEC fine even landed.

Read More

Management Planes: The Internet's Industrialized Front Door

John Z Black Apr 22, 2026

Vulnerabilities & Patching #management-plane #beyondtrust #palo-alto #cisco #sdwan #zero-day #rce #industrialized-attack

Hackers have stopped chasing individual servers. They are after the tools that manage thousands of them at once. BeyondTrust, Palo Alto, and Cisco are the current bulls-eye.

Read More

The Ephemeral Illusion: Why the Cloud Sandbox is not a Safe Zone

John Z Black Apr 22, 2026

Security Operations & Resilience #cloud-security #azure #aws-lambda #sandbox-escape #serverless #containers #iam

We have been told that serverless environments are secure because they are temporary. New research on Azure and AWS Lambda proves that attackers are learning how to live in the layer underneath.

Read More

The End of Optional Security: Snowflake and the Global ID Fallout

John Z Black Apr 22, 2026

Privacy & Digital Rights #mfa #snowflake #identity #breach #france #canada-life #saas-security

Snowflake is making MFA mandatory for all new users this May. It is a massive policy shift that marks the end of the choice to be insecure in a high-risk world.

Read More