Steve Puluka
@spuluka.bsky.social
Network & Security Engineer / Cantor & Religious Education Instructor
http://puluka.com/home
The Python team at PyPI are changing procedures to detect when domain resurrection attacks are occurring in the ecosystem. These take over abandoned domains and use this to add malware to well-known tools.
blog.pypi.org/posts/2025-0...
Preventing Domain Resurrection Attacks - The Python Package Index Blog
PyPI now checks for expired domains to prevent domain resurrection attacks, a type of supply-chain attack where someone buys an expired domain and uses it to take over PyPI accounts through password r...
https://blog.pypi.org/posts/2025-08-18-preventing-domain-resurrections/
about 20 hours ago
Interesting run down on how a threat actor is compromising domains on Snap Publisher in order to distribute malware.
blog.popey.com/2026/01/malw...
Malware Peddlers Are Now Hijacking Snap Publisher Domains
tl;dr: There's a relentless campaign by scammers to publish malware in the Canonical Snap Store. Some gets caught by automated filters, but plenty slips through. Recently, these miscreants have change...
https://blog.popey.com/2026/01/malware-purveyors-taking-over-published-snap-email-domains/
2 days ago
Interesting deep dive into the VoidLink Linux malware by Sysdig
www.sysdig.com/blog/voidlin...
VoidLink threat analysis: Sysdig discovers C2-compiled kernel rootkits | Sysdig
The Sysdig threat research team analyzes VoidLink, a Linux malware framework using C2-compiled kernel rootkits, eBPF stealth, and adaptive evasion techniques.
https://www.sysdig.com/blog/voidlink-threat-analysis-sysdig-discovers-c2-compiled-kernel-rootkits
3 days ago
Interesting report from Socket Security on 5 malicious Google Chrome extensions that hijack sessions to major ERP platforms. Fortunately only about 2k users were affected before they were removed.
socket.dev/blog/5-malic...
5 Malicious Chrome Extensions Enable Session Hijacking in En...
Five coordinated Chrome extensions enable session hijacking and block security controls across enterprise HR and ERP platforms.
https://socket.dev/blog/5-malicious-chrome-extensions-enable-session-hijacking
4 days ago
New open source tool from Splunk researcher Michael Haag called ADTrapper. This performs analysis on Microsoft AD logs looking for traces of exploits in progress.
github.com/MHaggis/ADTr...
GitHub - MHaggis/ADTrapper: Hunt Smarter, Hunt Harder
Hunt Smarter, Hunt Harder. Contribute to MHaggis/ADTrapper development by creating an account on GitHub.
https://github.com/MHaggis/ADTrapper
5 days ago
The next #AI updates to Apple Siri will be coming from Google Gemini. Another sign that OpenAI is losing ground in the assistant race.
blog.google/company-news...
Joint statement from Google and Apple
Apple and Google have entered into a multi-year collaboration under which the next generation of Apple Foundation Models will be based on Google's Gemini models and clou…
https://blog.google/company-news/inside-google/company-announcements/joint-statement-google-apple/
6 days ago
Time to check the list of VScode packages that have been removed by Microsoft from the Marketplace due to security issues and make sure they are not on your deployment.
github.com/microsoft/vs...
https://github.com/microsoft/vsmarketplace/blob/main/RemovedPackages.md
7 days ago
That time again to check all the new security advisories released on Palo Alto Networks gear and get patching.
security.paloaltonetworks.com
Palo Alto Networks Security Advisories
Palo Alto Networks Security Advisories - Latest information and remediations available for vulnerabilities concerning Palo Alto Networks products and services.
https://security.paloaltonetworks.com/
8 days ago
That time again to check all the new security advisories released on Juniper gear and get patching.
supportportal.juniper.net/s/global-sea...
CEC Juniper Community
https://supportportal.juniper.net/s/global-search/%40uri#t=KnowledgeArticles&sort=relevancy&f:ctype=[Security%20Advisories]
9 days ago
Interesting deep dive into the Ransomware strain CrazyHunter created by apparently Chinese groups and deployed in Taiwanese organizations.
www.trellix.com/blogs/resear...
https://www.trellix.com/blogs/research/the-ghost-in-the-machine-crazyhunters-stealth-tactics/
10 days ago
Nice outline on just why sorting plastic for recycling centers is so hard and only 10% is currently recycled by NIST.
www.nist.gov/how-do-you-m...
How Do Recycling Facilities Sort Different Kinds of Plastic?
To quickly identify the main components of a plastic product, recyclers can use commercial tools to measure light that has interacted with the object.
https://www.nist.gov/how-do-you-measure-it/how-do-recycling-facilities-sort-different-kinds-plastic
11 days ago
Outline of the currently available Verifiable Digital Credentials from NIST. Good introduction to the current state of the options and how to evaluate them.
www.nist.gov/blogs/cybers...
Digital Identities: Getting to Know the Verifiable Digital Credential Ecosystem
Understanding mDL credential formats. Standards in the VDC Ecosystem
https://www.nist.gov/blogs/cybersecurity-insights/digital-identities-getting-know-verifiable-digital-credential-0
12 days ago
The new California DROP (Delete Request and Opt-out Platform) law has gone live. State residents can register to have over 500 data brokers remove them from sale collections.
privacy.ca.gov/drop/
Delete request and opt-out platform (DROP)
Protect your personal information. Data brokers collect, share, and sell your personal information. You can stop that from happening.
https://privacy.ca.gov/drop/
12 days ago
CES conference announcement that #AI is coming for every new TV model from Samsung.
techxplore.com/news/2026-01...
TV makers tout AI upgrades at CES, as smartphone threat looms
A century after Scottish inventor John Logie Baird demonstrated the first mechanical television system, TVs face mounting competition from a much more recent invention: smartphones.
https://techxplore.com/news/2026-01-tv-makers-tout-ai-ces.html
14 days ago
Rumor has it that Discord is getting ready to go public with their IPO and move to full monetization of the platform.
www.gamesindustry.biz/discord-repo...
Discord reportedly makes confidential filing for IPO
The chat platform has allegedly been working with Goldman Sachs and JPMorgan Chase on a listing for some time now
https://www.gamesindustry.biz/discord-reportedly-makes-confidential-filing-for-ipo
15 days ago
A new study by the Dutch government finds that most teen hackers do leave their criminal choices behind by their twenties.
www.tweedekamer.nl/kamerstukken...
Young and on the wrong path. An exploration of the societal costs of adolescents' criminal careers | Tweede Kamer der Staten-Generaal
https://www.tweedekamer.nl/kamerstukken/detail?id=2025D48844&did=2025D48844
16 days ago
Good news that Australian authorities have convicted and sentenced to 7 years the man responsible for deploying evil twin WiFi networks for phishing credentials in the Perth, Melbourne and Adelaide airports.
www.afp.gov.au/news-centre/...
WA man jailed for stealing intimate material and using 'evil twin' WiFi networks | Australian Federal Police
A West Australian man who created 'evil twin' WiFi networks to capture personal data and hacked into women's online accounts to steal intimate material has been sentenced to seven years and four month...
https://www.afp.gov.au/news-centre/media-release/wa-man-jailed-stealing-intimate-material-and-using-evil-twin-wifi
17 days ago
Unfortunately, #AI slop has come not just to search but to Wikipedia. At least the team seems to be on top of the influx of bad information and working on a solution.
18 days ago
Looks like ads and sponsored content are coming this year to ChatGPT.
www.tomshardware.com/tech-industr...
ChatGPT could prioritize sponsored content as part of ad strategy - sponsored content could allegedly be given preferential treatment in LLM's responses, OpenAI to use chat data to deliver highly pers...
Are we going to see ads in ChatGPT's answers soon?
https://www.tomshardware.com/tech-industry/artificial-intelligence/chatgpt-could-prioritize-sponsored-content-as-part-of-ad-strategy-sponsored-content-could-allegedly-be-given-preferential-treatment-in-llms-responses-openai-to-use-chat-data-to-deliver-highly-personalized-results
19 days ago
The latest move in advertising surveillance dystopia are facial recognition billboards at mass transit sites in Canada. Fortunately the privacy commissioner is already investigating their use.
therecord.media/canada-priva...
Canada's privacy regulator to probe billboards equipped with facial scanning tech
The billboards, located near Toronto's Union Station, reportedly analyze only the age and gender of people nearby, according to their owner.
https://therecord.media/canada-privacy-regulator-to-probe-face-scanning-billboards
20 days ago
New regulations in South Korea apply fines to companies that have repeated data breaches or delay reporting of security incidents.
www.koreatimes.co.kr/southkorea/2...
Science minister vows punitive fines against companies with repeated security breaches - The Korea Times
Science Minister Bae Kyung-hoon said Friday the government will seek to introduce punitive fines on businesses with repeated data breaches amid gro...
https://www.koreatimes.co.kr/southkorea/20251212/science-minister-vows-punitive-fines-against-companies-with-repeated-security-breaches
21 days ago
The new Baseline Security Mode is rolling out on Microsoft products through March of this year. This dashboard makes applying recommended minimum security settings apply for enterprise administrators.
mc.merill.net/message/MC11...
MC1193689 - Microsoft baseline security mode for Office, SharePoint, Exchange, Teams, and Entra | Microsoft 365 Message Center Archive
Baseline Security Mode centralizes Microsoft's recommended security standards for Office, SharePoint, Exchange, Teams, and Entra. Rolling out from November 2025 to March 2026, it provides admins with ...
https://mc.merill.net/message/MC1193689
22 days ago
Interesting end of year report from Cloudflare shows what the mix of traffic is and trends on their hosted domains.
radar.cloudflare.com/year-in-revi...
Cloudflare Radar 2025 Year in Review
The Cloudflare Radar 2025 Year In Review features interactive charts, graphs, and maps you can use to explore what changed on the Internet Worldwide throughout 2025.
https://radar.cloudflare.com/year-in-review/2025
23 days ago
Good news that Ukrainian authorities, in cooperation with Czech Republic, Latvia & Lithuania, have taken down fraud call center operators in three cities. There were over 400 victims with losses over €10M.
www.eurojust.europa.eu/news/fraudul...
Fraudulent call centres in Ukraine rolled up
Authorities from the Czech Republic, Latvia, Lithuania and Ukraine with the support of Eurojust took action against a criminal network operating call centres in Dnipro, Ivano-Frankivsk and Kyiv, Ukrai...
https://www.eurojust.europa.eu/news/fraudulent-call-centres-ukraine-rolled
24 days ago
Researchers at KU Leuven found that brand new embedded devices are shipping with browsers 3 years old and thus vulnerable on day one. All 5 eReaders and 24 of 35 smart TVs. And firmware updates don't always include the browser.
nieuws.kuleuven.be/nl/2025/vero...
Ageing embedded web browsers lead to security risks
Embedded web browsers in devices such as tablets, game consoles and cars appear safe at first glance. However, a KU Leuven study shows that those browsers often run on heavily outdated...
https://nieuws.kuleuven.be/nl/2025/veroudering-ingebouwde-webbrowsers-leidt-tot-veiligheidsrisicos
25 days ago
The US state of New York has passed a law requiring #AI companies with $500M or more in revenue to publish their safety protocols and report safety incidents within 72 hours.
iapp.org/news/a/hochu...
Hochul enacts New York's AI safety and transparency bill | IAPP
Gov. Kathy Hochul, D-N.Y., signed into law a bill which would require safety disclosures by major AI developers and put in place an enforcement mechanism for those who do not abide by the rules. IAPP ...
https://iapp.org/news/a/hochul-enacts-new-yorks-ai-safety-and-transparency-bill
26 days ago
New Draft document from NIST with advice on applying the standard Cyber security frameworks to the new #AI technologies now available. Comments are accepted until January 30.
www.nist.gov/news-events/...
Draft NIST Guidelines Rethink Cybersecurity for the AI Era
New guidelines can help an organization determine ways to incorporate AI into its operations while mitigating cybersecurity risks.
https://www.nist.gov/news-events/news/2025/12/draft-nist-guidelines-rethink-cybersecurity-ai-era
27 days ago
Interesting report from Proofpoint on how phishing for Microsoft 365 OAuth device codes are being used by both criminal and state espionage actors.
www.proofpoint.com/us/blog/thre...
Access granted: phishing with device code authorization for account takeover | Proofpoint US
Key findings Proofpoint is tracking multiple threat clusters - both state-aligned and financially-motivated - that are using various phishing tools to trick users
https://www.proofpoint.com/us/blog/threat-insight/access-granted-phishing-device-code-authorization-account-takeover
28 days ago
New open source tool from Nebulock that creates an Agent Threat Hunting Framework to use AI tools in the automation for threat hunting processes.
nebulock.io/blog/agentic...
The Agentic Threat Hunting Framework | Nebulock blog
Give your threat hunting program memory and agency.
https://nebulock.io/blog/agentic-threat-hunting-framework
29 days ago
Report on the Google Wiz division zero day hacking event that found 11 exploits and awarded $320k in bounties for the event.
www.wiz.io/blog/wiz-zer...
Zero-Days in the Age of AI: Behind the Scenes of ZeroDay.cloud 2025, with a Record High of CVEs in Critical Cloud Infra | Wiz Blog
ZDC awarded hackers $320,000 and uncovered a record-breaking tally of critical CVEs for core cloud infrastructure, underscoring the scale and urgency of securing the open-source software that underpin...
https://www.wiz.io/blog/wiz-zeroday-cloud-hacking-competition-behind-the-scenes
30 days ago
Nice outline of how all the various Chinese APT groups are organized and operating collecting information from all the public reports from a range of security researchers.
nattothoughts.substack.com/p/the-many-a...
The Many Arms of the MSS: Why Provincial Bureaus Matter in China's Cyber Operations
Provincial bureaus of the Chinese Ministry of State Security likely operate with their own tasking priorities, resources, and local ecosystems for cyber operations
https://nattothoughts.substack.com/p/the-many-arms-of-the-mss-why-provincial
about 1 month ago
Interesting report from ESET researchers potentially identifying a new Chinese APT they call LongNosedGoblin going after governments across Southeast Asia and Japan.
www.welivesecurity.com/en/eset-rese...
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions.
https://www.welivesecurity.com/en/eset-research/longnosedgoblin-tries-sniff-out-governmental-affairs-southeast-asia-japan/
about 1 month ago
Good news that Dutch authorities have arrested a suspect in bank fraud using real identities of victims to create bank accounts via facial recognition bypass. He was able to have victims' eyes, nose & mouth placed over his face for the process.
www.politie.nl/nieuws/2025/...
Fraudster arrested who used deepfakes to open and abuse dozens of bank accounts
Bypassing the bank's identity verification process by manipulating facial features. In this way a man from Amsterdam managed to open 46 bank accounts in other people's names. The goal? These ...
https://www.politie.nl/nieuws/2025/december/17/05-oplichter-aangehouden-die-met-behulp-van-deepfake-tientallen-bankrekeningen-opende-en-misbruikte.html
about 1 month ago
Good news in the end of year report from the US Treasury Department shows a decline in payments made to Ransomware attacks. We are moving in the right direction, but still giving $700M to criminals in the process.
cyberscoop.com/ransomware-p...
Is ransomware finally on the decline? Treasury data offers cautious hope
Payments declined one-third to $734M, yet the number of victims confronting ransomware still remains a largely unchanged epidemic, sliding just 2% last year.
https://cyberscoop.com/ransomware-payments-decline-2024-fincen/
about 1 month ago
I ask my esoteric fact questions to search for answers. Both Microsoft & Google do well but sometimes Bing Copilot either misinterprets the question or gives a wrong answer while Gemini does well. This is a good example, was the Japanese internment camp ruled unconstitutional.
about 1 month ago
Summary recommendations from Microsoft on the Minimum Security standards for multiple products like Office, SharePoint & Teams.
mc.merill.net/message/MC11...
MC1193689 - Microsoft baseline security mode for Office, SharePoint, Exchange, Teams, and Entra | Microsoft 365 Message Center Archive
Baseline Security Mode centralizes Microsoft's recommended security standards for Office, SharePoint, Exchange, Teams, and Entra. Rolling out from November 2025 to March 2026, it provides admins with ...
https://mc.merill.net/message/MC1193689
about 1 month ago
Thanks for another year with the great presentations from Graphiant, Nokia & Cisco at @techfieldday.com at #NFD39. Hope everyone has a great holiday season and happy new year.
about 1 month ago
Interesting report from Brattle on the threat actors in the energy sector and recommendations on cyber security in response.
www.brattle.com/insights-eve...
Securing Battery Energy Storage Systems from Cyberthreats: Best Practices and Trends for Protecting Critical Energy Infrastructure - Brattle
As battery energy storage systems (BESS) rapidly scale to become essential components of modern power grids, ensuring their cybersecurity has never been
https://www.brattle.com/insights-events/publications/securing-battery-energy-storage-systems-from-cyberthreats-best-practices-and-trends-for-protecting-critical-energy-infrastructure/
about 1 month ago
Interesting report from Bitsight finds that over 1k MCP servers found on the internet have no authorization in place and are exposing sensitive data. Let's be careful when adding new features to your services.
www.bitsight.com/blog/exposed...
Exposed MCP Servers: New AI Vulnerabilities & What to Do | Bitsight
Bitsight TRACE research team found roughly 1,000 exposed MCP servers with no authorization in place, revealing new AI vulnerabilities. Read the report now.
https://www.bitsight.com/blog/exposed-mcp-servers-reveal-new-ai-vulnerabilities
about 1 month ago
New rules from Microsoft are expanding the Public Bug Bounty program to cover any vulnerabilities affecting their online services. This will include 3rd party domains for code that also affect Microsoft projects.
www.microsoft.com/en-us/msrc/b...
Evolving our approach to coordinated security research: In scope by default
https://www.microsoft.com/en-us/msrc/blog/2025/12/in-scope-by-default
about 1 month ago
New feature on Android phones rolling out in US, Mexico and Germany will allow the sharing of live video when making calls to emergency service numbers.
blog.google/products/and...
Share live video with emergency services to get the help you need
During an emergency call or text, a dispatcher can send a request to your Android phone to share live video.
https://blog.google/products/android/emergency-live-video/
about 1 month ago
Survey of EU Public and private critical sector organizations says they are having issues attracting and retaining Cyber Security professionals.
www.enisa.europa.eu/publications...
NIS Investments 2025 | ENISA
ENISA is the EU agency dedicated to enhancing cybersecurity in Europe. They offer guidance, tools, and resources to safeguard citizens and businesses from cyber threats.
https://www.enisa.europa.eu/publications/nis-investments-2025
about 1 month ago
Good summary from the UK NCSC on just what LLM prompt injection is and how it works. They note that the very nature of LLM will make this a forever cyber security problem.
www.ncsc.gov.uk/blog-post/pr...
Prompt injection is not SQL injection (it may be worse)
There are crucial differences between prompt and SQL injection which - if not considered - can undermine mitigations.
https://www.ncsc.gov.uk/blog-post/prompt-injection-is-not-sql-injection
about 1 month ago
Both Apple and Google have started notifying users of spyware being deployed on their phones with up to 150 countries around the world affected.
www.reuters.com/technology/a...
Apple, Google send new round of cyber threat notifications to users around world
Apple and Google have sent a new round of cyber threat notifications to users around the world, the companies said this week, announcing their latest effort to insulate customers against surveillance ...
https://www.reuters.com/technology/apple-sent-new-round-cyber-threat-notifications-users-84-countries-2025-12-05/
about 1 month ago
There are security vulnerabilities discovered in the PCIe communications found by CMU in Pittsburgh. Just in time for the even broader use of PCI in shared environments like #AI data centers.
kb.cert.org/vuls/id/404544
CERT/CC Vulnerability Note VU#404544
Vulnerabilities identified in PCIe Integrity and Data Encryption (IDE) protocol specification
https://kb.cert.org/vuls/id/404544
about 1 month ago
The Android anti scam call prevention pilot program is expanding from Brazil and India to the UK. The feature monitors calls and alerts the user when financial scams are likely.
security.googleblog.com/2025/12/andr...
Android expands pilot for in-call scam protection for financial apps
Posted by Aden Haussmann, Associate Product Manager and Sumeet Sharma, Play Partnerships Trust & Safety Lead Android uses the best of Goo...
https://security.googleblog.com/2025/12/android-expands-pilot-in-call-scam-protection-financial-apps.html
about 1 month ago
Interesting report from the AWS team on the Chinese threat actors Earth Lamia and Jackpot Panda exploiting web application vulnerabilities around the world.
aws.amazon.com/blogs/securi...
China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182) | Amazon Web Services
Within hours of the public disclosure of CVE-2025-55182 (React2Shell) on December 3, 2025, Amazon threat intelligence teams observed active exploitation attempts by multiple China state-nexus threat g...
https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/
about 2 months ago
Interesting deep dive by CISA on the BRICKSTORM malware attack on government systems.
www.cisa.gov/news-events/...
PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems | CISA
https://www.cisa.gov/news-events/alerts/2025/12/04/prc-state-sponsored-actors-use-brickstorm-malware-across-public-sector-and-information-technology
about 2 months ago
Good introduction on how to check out and get started with FRR, the Free Range Routing open source project for network engineers.
ctrlaltroute.com/2025/11/14/g...
Getting Started with the FRRouting Project (FRR)
When you're experimenting with routing in a homelab, you usually face one of two options: spin up vendor simulators that require heavy resources, or rely on static routes and hope it's "good enough…
https://ctrlaltroute.com/2025/11/14/getting-started-with-the-frrouting-project-frr/
about 2 months ago
Interesting case study from Amazon on how Iranian state cyber actors are coming into the kinetic world once they compromise the cyber assets with two examples.
aws.amazon.com/blogs/securi...
New Amazon Threat Intelligence findings: Nation-state actors bridging cyber and kinetic warfare | Amazon Web Services
The new threat landscape The line between cyber warfare and traditional kinetic operations is rapidly blurring. Recent investigations by Amazon threat intelligence teams have uncovered a new trend tha...
https://aws.amazon.com/blogs/security/new-amazon-threat-intelligence-findings-nation-state-actors-bridging-cyber-and-kinetic-warfare/
about 2 months ago