Join us on January 28th at 10 AM PST for a captivating fireside chat where storytelling meets cloud innovation. Forrest Brazeal—acclaimed cloud architect, author, and the creative mind behind cloud computing's most beloved cartoons—teams up with Rubrik’s Chief Business Officer, Mike Tornincasa to explore the evolving challenges of data protection in a multi-cloud world.

Welcome to another_secpro!

We've run through the biggest stories over the festive period, looked ahead to the best conferences this year has to offer, and explored the best tools that we played with like they were our Christmas presents. There's something for everyone and we're making sure thatyouget whatyou need to do the best you can in your job.

And with that, we're going to jump straight in!

As always, make sure to check out the templates, podcasts, and other stuff on ourSubstackand access the very best that we have to offer. You might even learn something!

Cheers!
Austin Miller
Editor-in-Chief

Of course, we're not letting you go away empty handed. He's a little bit from the previous season of the podcast, ready for the next season's start in the next few weeks. Something to keep you out of trouble!

Bruce Schneier - FBI Deletes PlugX Malware from Thousands of Computers: "According to a DOJpress release, the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based computers and networks. Details: "To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group.According to the FBI, at least 45,000 IP addresses in the US had back-and-forths with the command-and-control server since September 2023..."

Bruce Schneier - Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme: "Microsoft is accusing three individuals of running a “hacking-as-a-service” scheme that was designed to allow the creation of harmful and illicit content using the company’s platform for AI-generated content."

Bruce Schneier - Apps That Are Spying on Your Location: "404 Media and Wired arereporting on all the apps that are spying on your location, based on a hack of the location data company Gravy Analytics: "The thousands of apps,included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush to dating apps like Tinder, to pregnancy tracking and religious prayer apps across both Android and iOS..."

Bruce Schneier - The First Password on the Internet: "It wascreated in 1973 by Peter Kirstein: "So from the beginning I put password protection on my gateway. This had been done in such a way that even if UK users telephoned directly into the communications computer provided by Darpa in UCL, they would require a password. In fact this was the first password on Arpanet. It proved invaluable in satisfying authorities on both sides of the Atlantic for the 15 years I ran the service ­ during which no security breach occurred over my link. I also put in place a system of governance that any UK users had to be approved by a committee which I chaired but which also had UK government and British Post Office representation." I wish he’d told us what that password was.

Krebs on Security - Microsoft: Happy 2025. Here’s 161 Security Updates: "Microsoft... unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017."

Krebs on Security - A Day in the Life of a Prolific Voice Phishing Crew: "Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety of outbound communications to their users, including emails, automated phone calls and system-level messages sent to all signed-in devices."

Krebs on Security - U.S. Army Soldier Arrested in AT&T, Verizon Extortions: "Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea."

Krebs on Security - Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm: "Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey."

Bipan101/Phishing-Site-Detector: A JavaScript-based browser extension that detects and blocks phishing sites, protecting users from malicious links.

codeesura/Anti-phishing-extension: Safeguard your online experience with Anti-Phishing Extension! This extension is meticulously developed to protect users from potential phishing attacks by actively scanning the websites visited in real-time. It employs an updated blacklist to cross-check each website and promptly alerts users if a potential threat is detected, enhancing.

julioliraup/Antiphishing: Suricata rulesets for protecting against phishing attack.

phishai/phish-protect: Chrome extension to alert and possibly block IDN/Unicode websites and zero-day phishing websites using AI and Computer Vision.

phished-co/phished_web_app: Protect your friends and family from phishing attacks by phishing them yourself.

Already, we've plunged back into the never ending conveyer belt of conference after conference (for those of you lucky enough to attend the Intersec meeting in Dubai, let us know how it went!). If you've started the year on the wrong foot, you might think you're already behind the pace of the industry and only have a difficult year battling with newer, more esoteric adversaries than ever before.

Here are the five conferences we're looking forward to the most this year (in no particular order...) and how you can get involved to boost your posture!

RSA Conference (28th April - 1st May): The RSA Conference is a cornerstone of the global cybersecurity calendar. Known for its comprehensive content tracks, this conference addresses everything from cloud security to zero-trust architectures. The event also features an innovation sandbox, where start-ups showcase breakthrough technologies.

CyberUK (6th-7th May): Organised by the UK’s National Cyber Security Centre (NCSC), CyberUK is the government’s flagship cybersecurity event. It brings together security leaders, policymakers, and industry professionals to discuss pressing cybersecurity issues. With a strong focus on collaboration and innovation, CyberUK is a hub for public and private sector expertise.

DSEI (9t-12th September): DSEI stands out as a global platform that bridges defence, security, and cybersecurity. With its broad focus on cutting-edge technologies, this event is critical for those involved in national defence, law enforcement, and private security. Cybersecurity is a prominent theme, with sessions addressing both offensive and defensive cyber strategies.

Defcon (7th-10th August): Defcon is a legendary event in the hacker and cybersecurity communities. Known for its hands-on approach, Defcon offers interactive workshops, capture-the-flag contests, and discussions on emerging threats. The conference is ideal for those looking to immerse themselves in technical aspects of cybersecurity.

Black Hat (2nd-7th August): Black Hat USA is synonymous with advanced security training and research. This premier event features technical briefings, hands-on workshops, and sessions led by global security experts. Attendees can explore the latest trends in penetration testing, malware analysis, and defensive techniques, making it a must-attend for cybersecurity professionals.