My SSN was exposed in a breach at Columbia—a school I have no connection with
Columbia admits last year’s data breach exposed victims beyond its students, staff.
找到 677 篇相关文章
Columbia admits last year’s data breach exposed victims beyond its students, staff.
Who I Am I’m neo4 — a red teamer with ~3 years of offensive security experience, a hardcore Linux/Arch culture operator, and a Python developer who thrives in the terminal. My workflow is pure hacker logic: OPSEC first, root‑level control always. I’ve been recognized by Disney’s Vulnerability Disclosure Program for responsible disclosure, and I build tools that merge hacker culture with AI. Why I Built Cyber SH Agent Most AI tools today are cloud‑locked, API‑dependent, and surveillance‑heavy. That doesn’t fit hacker culture. So I built Cyber SH Agent — an offline AI CLI operator that runs locally, no servers, no API keys, no data leaks. Repo: https://github.com/neo4-svg/cybersh.git 🔧 Core Features Agent Mode → AI controls your CLI with system access. Sec Mode → Bug bounty & penetration testing expert. Vibe Mode → Creative coding & UI/UX assistance. Code Mode → Production‑ready code generation. Chat Mode → General AI assistant. All 100% offline — runs GGUF models via llama-cpp-python. No servers, no API keys, no data leaving your machine. hope you like it!
Hackers are convincing Meta’s AI support chatbot to let them take over other peoples’ accounts: A video posted on X showed the step-by-step process to hack someone’s Instagram account. The hacker allegedly used a VPN to spoof the targets’ presumed location to avoid triggering Instagram’s automated account protections. Then, the hacker opened a chat with Meta AI Support Assistant and asked the bot to add a new email address to the target’s account. The chatbot can be seen sending a verification code to the email address provided by the hacker; the hacker then shares the verification code with the chatbot, which prompts the chatbot to show a button to “Reset Password.” The hacker enters a new password and takes over the victim’s account...
As part of the GitHub Copilot Challenge, I revisited one of my older cybersecurity notes on Authentication Failures and transformed it into a clear, structured, and SOC‑focused write‑up. This challenge helped me improve my technical writing, organise my thoughts, and explain concepts in a more human, readable way. * BEFORE GITHUB SCREENSHOTS: * AFTER GITHUB SCREENSHOTS: What I Improved I rewrote my entire explanation of authentication failures, focusing on: Token leakage Weak or missing MFA Poor session management Brute force & credential stuffing Misconfigured OAuth / SSO I also added SOC detection examples to make the content more practical and relevant for blue‑team work. How GitHub Copilot Helped GitHub Copilot supported me by: Suggesting clearer explanations Expanding short bullet points into meaningful content Helping me structure the write‑up Improving readability and flow Encouraging a more human, natural tone GitHub Repository Here is the updated write‑up in my repo: https://github.com/sujalavnelavai/Cybersecurity-Notes/blob/main/OWASP-Authentication-Failures/README.md Final Thoughts This challenge helped me understand authentication failures more deeply from a SOC and IAM perspective. It also improved my documentation skills — something extremely important for cybersecurity roles. I’m proud of the transformation and excited to continue building my cybersecurity learning notes.
AWS Face Liveness has native SDKs for iOS and Android. That works well if you are building fully...
The company is also introducing a new age verification process in partnership with a European bank.
MD5 Is Broken — Stop Using It for Passwords (Use SHA256 Instead) MD5 was invented in 1991. It's 2026, yet I still see developers using MD5 for password hashing in production systems. Let’s break down why this is dangerous and what you should use instead. What Is a Hash Function? A hash function takes any input and produces a fixed-length output called a digest or hash . It is a one-way function , meaning you cannot reverse it to get the original input. Example: ```text id="hash1" Input: "password123" MD5: 482c811da5d5b4bc6d497ffa98491e38 SHA256: ef92b778bafe771e89245b89ecbc08a44a4e166c06659911881f383d4473e94f Even a small input change completely changes the output. --- # Why MD5 Is Broken MD5 generates a **128-bit hash**, which was considered secure decades ago. Today, it's extremely weak. Modern GPUs can compute **billions of MD5 hashes per second**, making brute-force attacks trivial. --- ## The Rainbow Table Problem Attackers use precomputed databases called **rainbow tables**. These tables map common passwords → their hash values. So if you hash: ```text "password123" → MD5 → known value An attacker can instantly look it up. Collision Vulnerabilities Researchers have demonstrated that two different inputs can produce the same MD5 hash . This breaks the core security guarantee of hash functions. SHA256 — The Better Choice SHA256 produces a 256-bit hash and is part of the SHA-2 family. It is currently considered cryptographically secure. Example: ```text id="sha1" "hello" → 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824 Even tiny changes completely change the output: ```text "hello" → 2cf24dba... "Hello" → 185f8db3... But Wait — Don’t Use SHA256 for Passwords Either This is where many developers make a mistake. SHA256 is not suitable for password hashing . Why? Because it is too fast . Fast hashing allows attackers to brute-force passwords quickly using GPUs. What You Should Use Instead For password storage, use: bcrypt scrypt Argon2 (recommended
Kubernetes is the industry standard for scaling cloud-native workloads While it offers tremendous scalability and flexibility, securing Kubernetes environments remains a significant challenge. Organizations often rely on a collection of disconnected security tools to handle vulnerability scanning, runtime monitoring, compliance validation, and incident response. As clusters grow in complexity, security teams face increasing alert fatigue, delayed response times, and difficulties correlating security events across multiple layers of the platform. Recent advancements in Agentic AI present an opportunity to rethink Kubernetes security. Instead of relying solely on static rules and isolated security products, organizations can deploy a collaborative network of AI-powered security agents that continuously monitor, investigate, and remediate threats. This blog explores how a Multi-Agent Security Framework can transform Kubernetes security operations through autonomous detection, investigation, and remediation. The Problem with Traditional Kubernetes Security Modern Kubernetes environments generate security signals from multiple sources: Runtime security tools Container vulnerability scanners Admission controllers Network monitoring systems Compliance platforms Cloud security posture management tools Each system produces valuable information, but most operate independently. Consider a common scenario: A container begins executing suspicious commands. A runtime security platform detects the behavior and raises an alert. However, determining whether the threat is critical requires additional context: Is the pod exposed externally? Does the workload have excessive privileges? Can it access sensitive namespaces? Is lateral movement possible? Does it violate organizational policies? Answering these questions often requires multiple tools and human intervention. This is where multi-agent systems become valuable. What is a Multi-Agent Security Framework? A Multi-Agent Security Fr
A security firm called PromptArmor published a writeup on May 27, 2026 showing that ChatGPT for Google Sheets, an OpenAI extension with more than 185,000 downloads, could be made to steal a user's spreadsheets through a single ordinary-looking request. Four days later, on May 31, OpenAI shipped a fix. The short version is that one benign question, typed by a real user into a sheet that contained hidden instructions, was enough to drain twelve linked workbooks out of that user's account and replace the assistant with a fake phishing chatbot. I want to walk through how this worked, because the mechanism matters far more than the headline, and because the same shape of problem is going to keep showing up everywhere we bolt an AI assistant onto data we did not write ourselves. What happened The attack is a textbook indirect prompt injection. The user does nothing wrong. They import a sheet, or pull in data through a connector, and somewhere in that data sits a block of text the attacker controls. In the PromptArmor demonstration the malicious instructions were written in white text on a white background, invisible to a human skimming the sheet but fully readable to the model parsing the cells. When the user later asks the assistant a normal question, the model reads the whole context, including those hidden instructions, and treats them as if they came from the user. The injected text tells the assistant to fetch and run an external script. That script runs with the permissions the extension already holds, which means it can read the current workbook, find URLs to other workbooks linked inside it, and walk outward from there. PromptArmor reported it exfiltrating twelve workbooks in total from a single trigger, then dropping a fake chat interface on top to harvest whatever the user typed next. The detail that should bother you most is this line from their report: the attack succeeds even when the user has explicitly disabled automatic edits. The human-in-the-loop approva
Draw the boundary first. Then write Terraform. A federal customer was ready to procure. The architecture was not. This is a redacted write-up of a real engagement: a FedRAMP Moderate authorization boundary built on AWS GovCloud for an AI SaaS vendor selling into federal buyers, against a customer-driven timeline tied to a fiscal year. The context The client ran production on commercial AWS with a strong engineering culture, modern Terraform practice, and zero prior federal experience. A federal customer had committed to procurement contingent on a FedRAMP Moderate path, with an aggressive deadline. The internal team understood the application deeply and had read enough FedRAMP material to know they were in trouble. The architecture decisions that worked beautifully for commercial customers each failed boundary review: shared accounts with the commercial environment a hosted vector store outside the cloud OpenAI behind the application an observability stack running outside the cloud account The remediation list grew faster than the team could keep up with, and the timeline did not move. They reached out for boundary architecture help. Not policy writing, not 3PAO selection. Engineering work to redesign the cloud footprint so the boundary could be drawn cleanly and the assessment could proceed. The approach: boundary before Terraform The most common FedRAMP failure pattern is to start with the existing environment and try to bend it to fit the boundary. We do not do that. The first deliverable was a boundary diagram drawn from scratch, before any IaC was touched, identifying every service inside, outside, and at the edge of the authorization boundary. From the boundary, every other architectural decision derived. The Terraform module library was written against the boundary, not the existing accounts. Identity federation, network architecture, KMS topology, and logging all followed. ┌─────────────────────────── FedRAMP Moderate Boundary (AWS GovCloud) ────────────────
Security advisory leaves out key details. Dashlane maintains complete silence.
The message looked completely normal. A recruiter, a short pitch, a "take-home challenge" hosted on GitHub. Clone it, run npm install , get the dev server up, build a small feature, send it back. Standard stuff. I have done a dozen of these. This one was trying to steal my wallet keys and browser session data before I ever wrote a line of code. It did not hide the malware in the app. It hid it in the build tooling. That is the whole trick, and it is the reason a lot of experienced developers get caught. You read src/ , it looks fine, so you trust it. Nobody reads the lockfile. Nobody reads the postinstall script. That is exactly where the payload lives. Here is the full teardown: what the lure looks like, the exact red flags, how I investigated it without running it, and the defenses you should adopt today. The setup: Contagious Interview This is a known campaign. Security researchers track it as "Contagious Interview," attributed to North Korea-aligned actors. The pattern is consistent: You get contacted about a job, often blockchain or full-stack, often with a salary that is a little too good. You are given a code repository to clone and run as a "technical assessment." The repo runs malicious code at install or build time, not at runtime. The payload pulls a second-stage downloader, grabs your environment variables, crypto wallet files, browser-stored credentials, and keychain data, then exfiltrates them to a remote host. The genius of it is the framing. A normal developer reflex when running untrusted code is "I will read the code before I trust it." But you read the application code. You do not read what npm install does, because npm install is something you run a hundred times a week without thinking. Red flag 1: a postinstall script that does not belong The first thing I do with any unfamiliar repo is open package.json and read the scripts block. Specifically, I look for lifecycle hooks: preinstall , install , postinstall , prepare . These run automatically w
Four people suing Elon Musk's AI firm under pseudonyms due to the risks of being identified may face a difficult choice: Reveal your real names, or drop the lawsuit.
The breach at wearable ring maker Ultrahuman stemmed from credentials stolen from a malware-infected employee laptop.
Hackers appeared to take over victims’ accounts even after Meta said it fixed its AI-powered support chatbot, which granted hackers access to victims’ accounts.
Syndicated from the FavCRM blog . The number that predicts whether an agent is safe to let loose isn't the tool count. When people compare agentic CRMs, they count tools. The number that actually predicts whether an agent is safe to let loose is a different one: annotation coverage . An MCP tool annotation tells the agent what a tool does to the world — whether it reads or mutates, whether it's safe to retry, whether it reaches an external service. Without annotations, the agent is guessing. This is what they are, and why a catalog's annotation coverage matters more than its tool count. What an MCP annotation is Every MCP tool can carry hints alongside its input and output schemas: readOnlyHint — the tool only reads; it changes nothing. Safe to call freely. destructiveHint — the tool mutates or deletes. The agent should confirm before calling. idempotentHint — calling it twice with the same input has the same effect as once. Safe to retry on a timeout. openWorldHint — the tool reaches an external service (sends an email, charges a card), so its effects leave the system. These are not documentation for humans. They are machine-readable signals the agent reasons over before it acts. Why they prevent the worst failures The dangerous class of agent failure is not "the agent couldn't do something." It's "the agent did the wrong destructive thing because it misread an ambiguous instruction." Delete the customer instead of the tag. Refund the wrong invoice. Cancel every booking instead of one. Annotations let the agent self-gate. A well-annotated catalog means the agent calls list_members without ceremony but pauses to confirm before cancel_booking , because one is marked read-only and the other destructive. Pre-MCP function-calling had no equivalent — every tool looked the same to the model, so safety lived entirely in the prompt. Why coverage matters more than count A 190+ tool catalog with 100% annotation coverage is safer than a 30-tool catalog with none. A tool that l
Two rules that can't both be true Event sourcing has one rule: you never delete. You append. The log is the source of truth, and rewriting history is the cardinal sin. GDPR Article 17 has one rule too: when a user asks, you erase their personal data. Not "hide it," not "flag it deleted" — erase it, everywhere, including backups. Put an event-sourced system in front of a privacy regulator and those two rules collide head-on. The user's name, email, and address are baked into CustomerRegistered , AddressChanged , OrderPlaced — dozens of immutable events, replicated to read models, snapshotted, and sitting in every nightly backup you've ever taken. "Just delete the events" breaks event sourcing. "Never delete" breaks the law. Most teams discover this tension after they've committed to append-only. A word on why this isn't academic for me. I build from Germany. Article 17 is EU law — the GDPR, or DSGVO as we call it here — not a German invention, but Germany enforces it about as hard as anywhere in Europe: regional data-protection authorities that issue real fines, and "we were careful" has never been a defense that held up. That pressure is exactly why I wanted erasure to fall out of the architecture instead of being a promise I make to an auditor and then pray I can keep. Why "delete the row" doesn't actually erase anything Say you give in and hard-delete the events for one user. You've still got their data in: every read-model projection rebuilt from those events, every snapshot that rolled them up, every backup taken before the deletion, every replica and every export that already left the building. Chasing personal data across all of those, provably, on a 30-day regulatory clock, is a nightmare — and a single missed backup tape means you didn't comply. Physical deletion doesn't scale to a system designed to keep everything forever. Crypto-shredding: delete the key, not the data The trick is to stop trying to delete the data and instead delete the ability to read it
The Hook: The 48-Hour Re-Infection Nightmare It’s a scenario that keeps e-commerce founders and agency directors awake at night: You wake up to a critical alert that your flagship WordPress site is redirecting users to a spam domain. You immediately deploy a premium security plugin, run a deep scan, quarantine three suspicious files, and breathe a sigh of relief. The scanner gives you a green checkmark. You're safe. Then, exactly 48 hours later, the redirects return. What went wrong? The automated scanner checked the surface, but the attacker had already established a foothold deeper in the architecture. They didn't rely on a loose PHP file in your uploads directory; instead, they weaponized an overlooked, unauthenticated WordPress REST API endpoint to re-inject the payload the moment your scanner turned its back. When high-value enterprise sites are compromised, treating the symptoms with standard security plugins is like putting a band-aid on a structural fracture. To truly remediate a persistent infection, you must think like a forensic analyst, hunt down hidden persistence mechanisms, and harden the application perimeter. The Anatomy of Persistence: Where Malware Hides Modern WordPress malware is sophisticated. Attackers know that standard security tools look for modified core files or rogue scripts in the /wp-content/plugins/ directory. To survive cleanups, they embed themselves into the core infrastructure of your site using three primary vectors: 1. wp-config.php Pre-Loading Attackers frequently inject obfuscated code directly into the top of wp-config.php . Because this file executes before the rest of the WordPress core loads, malware can hook into the initialization process, silently recreating deleted malicious files every time a page is requested. 2. Malicious Must-Use (MU) Plugins Files placed in /wp-content/mu-plugins/ are executed automatically by WordPress and cannot be disabled from the admin dashboard . Attackers love this directory. They will ofte
From a massive DOGE data breach and the hacking of critical energy and water systems to the hack of an FBI surveillance system, here are the most damaging security incidents and data breaches of 2026.
Every detection vendor ships a MITRE ATT&CK heatmap, and every one of them is mostly green. Broad coverage, techniques lit up across the board, a reassuring wall of color in the sales deck and the board slide. It's the universal flex. We cover the matrix. Then you parse the actual rules – the real YAML in the public repo, not the marketing layer on top of it – and the green collapses into three tactics. Everyone covers execution and persistence. Almost nobody covers discovery, lateral movement, or collection. The heatmap wasn't measuring coverage. It was counting rules, and counting them in a way designed to look complete. What a green cell actually means A green cell in a Navigator layer means one thing: at least one rule somewhere references that technique tag. That's it. Not "we detect this reliably." Not "this fires on real attacks and stays quiet otherwise." Not "this survives an attacker who knows the rule exists." One rule that names the technique in its metadata turns the cell green, and forty rules turn it the same shade. Unless the layer is scored by rule count – and most published heatmaps aren't – one and forty are indistinguishable. I've written before that an untested detection isn't a detection, it's a query that runs on a schedule. The heatmap is the same lie one level up. A green matrix isn't coverage. It's a wall of queries that run, rendered in a color that means "present," dressed up as a color that means "protected." The vendor knows the difference. The buyer staring at the green doesn't. You can measure the real shape yourself Here's the part the heatmap marketing depends on you not doing: the rules are public, and you can count them. SigmaHQ, Elastic's detection-rules, Splunk ESCU, Panther, Sublime – all on GitHub, all tagged with attack.TXXXX technique IDs and tactic tags in the rule metadata. The method is boring on purpose. Walk the rule directories. Pull the ATT&CK tags out of each rule. Aggregate by technique, roll the technique counts up