John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Machine-Speed Dwell Time: The Bot-Powered Recon of 'The Gentlemen'
A massive 1,570-host botnet linked to The Gentlemen ransomware has been unburied. These attackers are using automated proxy infrastructure to scout corporate networks before you even know they are there. Dwell time just got industrialized.
Read More
It Was a Good Week to Be a Federal Prosecutor
Two cybercrime sentences landed in the same week: 81 months for the access broker who sold entry into Yanluowang's victims, and 2 years for the operator of the Mario Kart botnet that extorted more than 70 US companies.
Read More
31.4 Terabits in 35 Seconds: Cloudflare's New Threat Report Shows Attacks Have Gone Industrial
Cloudflare's 2026 threat report documents a record-breaking 31.4 Tbps DDoS attack and reveals that 94% of bot-driven login attempts now bypass MFA by stealing session tokens instead of passwords.
Read More
The 31.4 Tbps Botnet Crackdown Signals a New DDoS Enforcement Phase
US, German, and Canadian authorities dismantled four major DDoS botnets spanning 3 million IoT devices and record-setting attacks. The how matters as much as the what.
Read More
Botnet Takedown at Massive Scale: Good News, Short Window
New scale confirmation makes this takedown meaningful, but defenders only win if they use the brief recovery window to harden fast.
Read More
The SocksEscort Takedown: Your Linux Server Might Be Someone Else's Criminal Proxy
US authorities dismantled SocksEscort, a proxy-for-hire botnet built on silently infected Linux devices. Here's why this takedown matters more than it seems, and why 'it's Linux, it's fine' isn't a security posture.
Read More
The Edge Is the Front Line: FortiGate, ASUS Routers, and the War on Network Perimeters
Enterprise firewalls and consumer routers are getting hammered. FortiGate credential theft and the KadNap botnet show the same failure at the network edge.
Read More