Best Infosec-Related Long Reads for the Week of 11/2/24
Cops can't keep up with the rise of infostealers, How a third-party script exploited British Airways, Setting up a risk appetite statement, The security threats poised against Smart Grid 2.0
Read more
Some ChatGPT customers' data were exposed by a breach at vendor Mixpanel
Lazarus Group suspected of $30.6m breach of Upbit, Korea's shopping platform Coupang hacked by a former insider to access 30m customers' data, Lazarus Group and Kimsuky are DPRK's most prolific hackers, Korea arrests four for hacking 120K IP cameras, OnSolve CodeRED platform hit by attack, much more
Cyberattack on a critical third-party vendor could expose top banks' customer data
An insider shared internal CrowdStrike screenshots on Telegram, Hackers stole Salesforce-stored data from 200+ companies, DOGE has purportedly disbanded, Harvard is the latest Ivy to get hacked, AI models can sabotage coding projects, Singapore raids scam-connected firm, much more
Best infosec-related long reads for the week of 11/15/25
Scammers who go to unbelievable lengths, How to expose a DPRK hacker seeking IT work, A Kiwi hacker conference installed a literal anti-virus system, Trump is turning his back on supercharged disinformation, How the EU and US acted differently to the Collins Aerospace hack
SEC drops ill-fated cyberattack lawsuit against SolarWinds, CISO
FCC gets rid of Biden-era reporting rules addressing Salt Typhoon intrusions, Cybercrime money laundering network active in the UK bought a bank, Russian intel services funded former Wirecard exec's spy ring, Salesforce probes another third-party cyber incident, NSO appeals judge's ruling, much more