March 26, 2023

TSD #034: Bombs in USB sticks 🤯

3 mins

Hello friend 👋

I hope you are keeping well! Spring is well and truly here in glorious Edinburgh. However, this week we will see -3 celsius/26 fahrenheit for a day! Super weird! I'm getting back into the rhythm of creating video content. Having baby number two threw me off a little, but I'm back in form again!

This week's cyber news:

Journalists targeted with bombs in USB sticks.

I thought I'd seen it all until I saw this. Narco-terrorists in Ecuador sent USB sticks with tiny amounts of explosives inside them to journalists. A journalist put it in their computer, and it exploded in their face. Unreal. Read more.

Ferrari's customer data is being held to ransom.

Ferrari is in a bit of a pickle with a ransomware gang that claims to have stolen some of their customer data. This data would be useful for hackers and car thieves alike! I think my next car will be a Volvo EX90 instead. Read more.

Pwn2Own contest nets 27 zero days.

Contestants disclosed 27 unique zero-days and won a combined $1,035,000 (and a car)! They pwned everything: Tesla Model 3, VirtualBox, Windows, Ubuntu, macOS and more. Brutal. A nice reminder that cybersecurity isn't real; cyber insecurity is. Read more.


Fun Things

📽️ My latest video

This week's video was fun to make. You'll learn some imagery intelligence techniques and you'll learn where Sherlock Holmes likes to hang out when he's in New York City!

🎥 New Equipment

I've made two productivity-boosting acquisitions recently:

​Sony ZV E10​

Thankfully Sony's ability to make a camera is better than their ability to give it a memorable name! I've been using my Leica Q2 to shoot most of my YouTube videos, the quality is insane, but it's just tricky to use in this way. The Sony has a pop-out screen, unrivalled eye-tracking autofocus, and a clever product focus capability. For the price...it's the perfect vlogging camera. Check it out on Amazon.

Logitech MX Keys Mini​

I've mostly used Apple keyboards over the years. Recently I ventured off the map and bought a full-size multi-device keyboard. It didn't work out. My right shoulder was taking a beating when using the mouse. So I've bought a Logitech keyboard and honestly: it's awesome. Solid build, has nice keys, and is not too wide! Check it out on Amazon.

👾 Cool Tools
​Decider​

A tool by CISA to help analysts map adversary behaviour to the MITRE ATT&CK framework. Decider makes creating ATT&CK mappings easier by walking users through the mapping process. Useful for incident responders and CTI folk alike.

​Comparitech's Ransomware Tracker​

An incredibly useful website for tracking the latest attacks in the ransomware landscape. Updated daily, covering the entire globe. And totally FREE! You don't even need to login. Refreshing!

‍

See you next week,

Gary

Say hi 👋 on Twitter or LinkedIn

☎️ Book a 1:1 call with me

‍

👋 Ways I can help you

  1. ​Sponsor this newsletter - get in front of 1,500+ infosec readers.
  2. Get daily cyber news - LinkedIn, Twitter, or Telegram.
  3. ​Cyber Career Course - the fastest way to a career in cybersecurity.
  4. ​Take a workshop - learn essential skills to create content.
  5. Have me speak at your event.