Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
I haven't yet decided exactly what kind of content I intend to post here. I love cooking and taking pictures so initially I'll probably just share recipes, photos and that kind of thing.
If I really start using the space I may expand on the blog capabilities. For now I'm keeping it quite simple.
An unpatched telnetd with unauthenticated root RCE. Nine critical IP-KVM flaws. A Linux privilege escalation tied to systemd timing. Different CVEs, same underlying problem: forgotten management plumbing.
The Marquis breach started with a ransomware attack. The damage is still accumulating months later -- not because of what happened technically, but because of how disclosure was handled.
DarkSword iOS exploit capability is showing up across multiple actor sets -- state-linked groups, commercial spyware vendors, and infostealer campaigns. The old 'rare nation-state' framing doesn't hold anymore.
Interlock operators have been exploiting a Cisco FMC zero-day since January. If you're still sorting patch queues by CVSS score, that's the problem.
Mandiant's latest report shows ransomware payments declining while victim counts hit record highs. The ecosystem isn't dying. It's fragmenting faster than defenders can track.
Three vulnerability disclosures in one week across different parts of the stack. Wing FTP is actively exploited, March Patch Tuesday dropped two zero-days, and D-Link has an unauthenticated RCE in its DNS config.