Robin's Newsletter - Volume 7
Volume 7 of Robin’s Newsletter covers the year 2024.
November 2024
November 2024
Vol. 7, Iss. 47
Robin’s Newsletter #336
Black Friday scam warning. Microsoft Windows changes announced following CrowdStrike outage. Facebook take down of 2 million pig butchering accounts.
Vol. 7, Iss. 46
Robin’s Newsletter #335
£100M air traffic incident caused by duplicate airport codes. CISA, FBI says China was after wiretap data.
Vol. 7, Iss. 45
Robin’s Newsletter #334
Okta auth bypass for long usernames. Copyright infringement notices used to drop infostealers. Schneider Electric attacker wants payment in baguettes.
Vol. 7, Iss. 44
Robin’s Newsletter #333
Delta sues CrowdStrike for outage. Strava leaks location of French President. JP Morgan ATMs allowed fraudulent withdrawals.
October 2024
October 2024
Vol. 7, Iss. 43
Robin’s Newsletter #332
SEC fines four companies over misleading breach filings. Change Healthcare breach affects over 100M people. Sophos acquires Secureworks for $859M.
Vol. 7, Iss. 42
Robin’s Newsletter #331
Chinese accusations of Intel backdoors. Microsoft loses customer security logs. Hong Kong arrests in multi-milloin deepfake video scams.
Vol. 7, Iss. 41
Robin’s Newsletter #330
Chinese actors compromised major US telcos. Marriott agrees to 20-year FTC settlement.
Vol. 7, Iss. 40
Robin’s Newsletter #329
LockBit arrests. Evil Corp linked to Russian intelligence. Meta Ray Bans used in creepy facial recognition concept.
September 2024
September 2024
Vol. 7, Iss. 39
Robin’s Newsletter #328
Linux CUPS vuln hype. UK railway wifi portal defaced. Kaspersky pulls switchero on US customers.
Vol. 7, Iss. 37
Robin’s Newsletter #327
US dismantles massive Chinese botnet. Confidence testing questions for CISOs. Bumper load of interesting reads.
Vol. 7, Iss. 37
Robin’s Newsletter #326
TfL admits customer data stolen, 17-year-old arrested. UK data centres classified as CNI. Cydea turns 5!
Vol. 7, Iss. 36
Robin’s Newsletter #325
Yubikey's can be cloned. Telegram chief admits 'not enough' done on content moderation. On-going TfL cyber incident.
Vol. 7, Iss. 35
Robin’s Newsletter #324
Telegram CEO charged in France for illegal activity on the platform. Ukraine launches cyber range. Chinese attackers compromise four ISPs.
August 2024
August 2024
Vol. 7, Iss. 34
Robin’s Newsletter #323
US intel says Iran behind Trump campaign hack. Man hacks death register to get out of child support payments. How not to run a phishing test.
Vol. 7, Iss. 33
Robin’s Newsletter #322
Large data set published from US Data broker. Trump campaign blames Iran for leaked emails. Critical zero-click TCP/IP vulnerability in Windows.
Vol. 7, Iss. 32
Robin’s Newsletter #321
CrowdStrike's underwhelming root cause analysis. Progress escapes SEC action. Dutch DPA rules data scraping has no legal basis.
Vol. 7, Iss. 31
Robin’s Newsletter #320
Electoral Commission slammed for 'basic errors'. CrowdStrike faces multiple legal challenges. $75 million record-breaking ransomware payment.
July 2024
July 2024
Vol. 7, Iss. 30
Robin’s Newsletter #319
Changes in the ransomware ecosystem. KnowBe4 hrired a North Korean IT worker. FrostyGoop used to cut heat to 600 homes.
Vol. 7, Iss. 29
Robin’s Newsletter #318
CrowdStrike. What happened. What is means. What can we learn?
Vol. 7, Iss. 28
Robin’s Newsletter #317
AT&T lost call and SMS records from 'nearly all' of its customers. German bans Chinese telco kit. Vulnerability in RADIUS protocol.
Vol. 7, Iss. 27
Robin’s Newsletter #316
Unauthenticated RCE in OpenSSH. ShinyHunters release phone numbers of 33 million Authy users. Japan wins the 'war' on floppy disks.
June 2024
June 2024
Vol. 7, Iss. 26
Robin’s Newsletter #315
TeamViewer says it was compromised by Cozy Bear. Thousands arrested in law enforcement crackdown on scammers. Two critical MOVEit vulnerabilities.
Vol. 7, Iss. 25
Robin’s Newsletter #314
Updates on significant healthcare incidents. US gov bans Kaspersky. Spoofing Microsoft.com emails.
Vol. 7, Iss. 24
Robin’s Newsletter #313
Six years! Wow. Thanks for subscribing 😊 (now go donate blood to help the NHS respond to a ransomware attack)
Vol. 7, Iss. 23
Robin’s Newsletter #312
Ransomware attack at NHS London supplier disrupts operations. Microsoft recalls Recall, promises improved security and privacy. Plus a puzzle for you.
Vol. 7, Iss. 22
Robin’s Newsletter #311
Ticket Master, Santander breached; Snowflake Possibly not? Plus Op Endgame takedown of 100 malware servers.
May 2024
May 2024
Vol. 7, Iss. 21
Robin’s Newsletter #310
Microsoft Recall is a 'privacy nightmare'. UK/China threat not being takn seriously. FBI says Scattered Spiter is ~1,000 people.
Vol. 7, Iss. 20
Robin’s Newsletter #309
NCSC software resilience call-to-arms. Ebury malware and the Linux kernel organisation. Arizona woman's role in North Korean IT worker scheme.
Vol. 7, Iss. 19
Robin’s Newsletter #308
RSA 2024 Recap. New US international cyber strategy. Three fascinating incidents.
Vol. 7, Iss. 18
Robin’s Newsletter #307
Microsoft ties exec pay to security. Change Healthcare paid $22M ransom. The UK bans default passwords for smart tech.
April 2024
April 2024
Vol. 7, Iss. 17
Robin’s Newsletter #306
US tries to force sell-off of TikTok. UnitedHealth says it paid a ransom, 'substantial portion' of America affected. Darktrace agrees deal to go private.
Vol. 7, Iss. 16
Robin’s Newsletter #305
Significant breach at data analytics firm Sisense. UK trade unions targeted. Perfect 10 vulnerability in Palo's GlobalProtect VPN product.
Vol. 7, Iss. 15
Robin’s Newsletter #304
Significant breach at data analytics firm Sisense. UK trade unions targeted. Perfect 10 vulnerability in Palo's GlobalProtect VPN product.
Vol. 7, Iss. 14
Robin’s Newsletter #303
CSRB slams Microsoft over 'preventable' Storm-558 breach that 'should never have occured'.
March 2024
March 2024
Vol. 7, Iss. 13
Robin’s Newsletter #302
Open-source project compromised to allow SSH backdoor. UK, US accuse China of targeting politicians. Facebook AiTM'd users to spy on Snapchat usage.
Vol. 7, Iss. 12
Robin’s Newsletter #301
3 million hotel door locks vulnerable. Esports tournament suspended after compromise. New variant of AcidRain satellite malware discovered.
Vol. 7, Iss. 11
Robin’s Newsletter #300
British Library lessons learned. Personal info of 43 million French citizens may have been leaked. McDonlad's outage caused by third-party configuration error.
Vol. 7, Iss. 10
Robin’s Newsletter #299
ALPHV pulls an exit scam after Change Healthcare seems to make ransom payment.
Vol. 7, Iss. 9
Robin’s Newsletter #298
Change Healthcare outage persists as ALPHV claims responsibility. Morris II GenAI worm. NIST CSF v2 launched.
February 2024
February 2024
Vol. 7, Iss. 8
Robin’s Newsletter #297
LockBit comprehensively pwned by UK, US and EU law enforcement. Leak at Chiense security copmany gives insight into outsourcing of government attacks.
Vol. 7, Iss. 7
Robin’s Newsletter #296
FBI disrupts GRU botnet. Dozens of Romanian hospitals impacted by ransomware. European court rules on encryption backdoors.
Vol. 7, Iss. 6
Robin’s Newsletter #295
No, 3 million toothbrushes didn't DDoS anything. But... Deepfake video used in CFO scam to steal £20 million. TfL has been trialling AI surveillance.
Vol. 7, Iss. 5
Robin’s Newsletter #294
FBI disrupted Volt Typhoon activity. Moody's downgrades UK water sector due to cyber threat. Stolen FTX millions linked to US SIM swapping ring.
January 2024
January 2024
Vol. 7, Iss. 4
Robin’s Newsletter #293
Australia names Medibank attacker. Microsoft comes under criticism for config blunder that let Russia snoop on mailboxes.
Vol. 7, Iss. 3
Robin’s Newsletter #292
Microsoft email accounts compromised by Russian espionage group. Bumper password dump added to HIBP? Gaza phone services out for a week.
Vol. 7, Iss. 2
Robin’s Newsletter #291
SEC Twitter account compromised; used to swing Bitcoin price. Pro-Ukraine group launches retaliatory attack on Russian ISP.
Vol. 7, Iss. 1
Robin’s Newsletter #290
Sandworm was in Kyivstar for at least seven months. British Library will spend 40% of reserves rebuilding after ransomware attack. Mandiant Twitter account compromised.