John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
Iran Didn't Need Malware to Cripple Stryker. They Just Used Microsoft Intune.
The Handala group wiped tens of thousands of Stryker devices using the company's own MDM platform. No malware. No exploit. Just admin access and the willingness to press the button.
Read More
Hackers Used Stryker's Own IT Tool to Nuke Its Entire Device Fleet
An Iranian-linked group called Handala reportedly hijacked Microsoft Intune and wiped Stryker's devices at scale. The tool designed to secure their fleet became the weapon that destroyed it.
Read More
China's Been Quietly Spying on Southeast Asian Militaries for Years
Unit 42 documented a suspected Chinese state-sponsored espionage campaign with years of undetected access to military networks across Southeast Asia. This is what patient intelligence collection looks like.
Read More
APT28's Covenant Trick and North Korea's AirDrop Hack: How Nation-States Borrow Their Tools
Russia's APT28 hijacked an open-source red-team tool to hit Ukraine. North Korea's UNC4899 used Apple AirDrop to break into a crypto firm. Both attacks exploit the trust we put in legit software.
Read More
Russian Hackers Are Coming for Your Signal and WhatsApp
Dutch intelligence says Russian state hackers are running a global campaign to hijack Signal and WhatsApp accounts by abusing the linked-device feature. Here's how to check if you're compromised.
Read More
Your AI Assistant Is an Attack Surface Now
Exposed admin panels leaking API keys, prompt injection as a supply chain weapon, fake installer packages on npm, and nation-states using AI to hack at scale. AI agents just became everyone's security problem.
Read More