Sunday, December 04, 2022

What I am Reading 12/4/2022

Common Supply Chain Challenges (flowchart)

https://www.linkedin.com/feed/update/urn:li:activity:7002550665881214976/?commentUrn=urn%3Ali%3Acomment%3A(activity%3A7002550665881214976%2C7002675978879598592)&dashCommentUrn=urn%3Ali%3Afsd_comment%3A(7002675978879598592%2Curn%3Ali%3Aactivity%3A7002550665881214976)&origin=COMMENTS_BY_YOUR_NETWORK

How Capitalism—Not a Few Bad Actors—Destroyed the Internet


https://www.bostonreview.net/articles/how-capitalism-not-a-few-bad-actors-destroyed-the-internet/

Online Safety Bill: Plan to make big tech remove harmful content axed


https://www.bbc.com/news/technology-63782082?at_medium=RSS&at_campaign=KARANGA

How to build a public profile as a cybersecurity pro


https://www.csoonline.com/article/3680390/how-to-build-a-public-profile-as-a-cybersecurity-pro.html#tk.rss_all

What Every Enterprise Can Learn From Russia’s Cyber Assault on Ukraine

https://www.darkreading.com/microsoft/what-every-enterprise-can-learn-from-russia-s-cyber-assault-on-ukraine

7 free cybersecurity resources you need to bookmark


https://www.helpnetsecurity.com/2022/11/28/7-free-cybersecurity-resources-you-need-to-bookmark/

The 5 Core Principles of the Zero-Trust Cybersecurity Model

https://www.imperva.com/blog/5-core-principles-of-zero-trust/

Cisco ISE Vulnerabilities Can Be Chained in One-Click Exploit


https://www.securityweek.com/cisco-ise-vulnerabilities-can-be-chained-one-click-exploit

US bans Chinese telecoms imports – won't even consider authorizing them

https://www.theregister.com/2022/11/27/fcc_china_equipment_authorization_ban/

Using Hardware Logic to Protect Critical Infrastructure

https://www.forcepoint.com/blog/x-labs/hardware-logic-protect-critical-infrastructure

The exodus from Elon Musk’s Twitter has begun. Should the infosec community care?

https://www.scmagazine.com/analysis/careers/the-exodus-from-elon-musks-twitter-has-begun-should-the-infosec-community-care

Mitsubishi Electric PLCs Exposed to Attacks by Engineering Software Flaws

https://www.securityweek.com/mitsubishi-electric-plcs-exposed-attacks-engineering-software-flaws

What the CISA Reporting Rule Means for Your IT Security Protocol

https://thehackernews.com/2022/12/what-cisa-reporting-rule-means-for-your.html

One Year After Log4Shell, Most Firms Are Still Exposed to Attack

https://www.darkreading.com/application-security/one-year-later-log4shell-exposed-attack

Update added 12/4/2022: 

State of Emergency declared, FBI investigating power grid attack in Moore County, sheriff says

https://www.wsoctv.com/news/local/intentional-vandalism-leaves-38000-customers-without-power-moore-county-sheriffs-office-says/SNCENVLP5NH5VCBOEI4G2G5CZY/


If you have Audible I highly recommend this podcast "Operation Paperclip"  which revolves around the takedown of of Shadowcrew.com and then the subsequent return of Albert Gonzalez to credit card fraud via the TJX and Office Depot hacks.  https://www.audible.com/pd/Operation-Firewall-Podcast/B09YMRX5HM?eac_link=w8aV51BMTzPc&ref=web_search_eac_asin_1&eac_selected_type=asin&eac_selected=B09YMRX5HM&qid=uy6QCUZXie&eac_id=140-4680215-3707455_uy6QCUZXie&sr=1-1

No comments: