Dave’s LIfe – DavidJohnston.org

I’m back!

February 16, 2020 by Dave

My wife Grace just started a blog for a class she’s taking. Seeing her post each week, made me think about how much fun I had blogging years ago. I had a blog from 2004 to about 2013 with several names including dave.sonic.net, AngryVillagers.net, and FriendsofDave.org. I liked having a place to capture my thoughts. …

CISA Launches New Threat Detection Dashboard April 9, 2021
Aviary is a new dashboard that works with CISA's Sparrow threat detection tool.
600K Payment Card Records Leaked After Swarmshop Breach April 8, 2021
A leaked database also contains the nicknames, hashed passwords, contact details, and activity history of Swarmshop admins, sellers, and buyers.
Handcuffs Over AI: Solving Security Challenges With Law Enforcement April 8, 2021
We've tried everything else ... now it's time to make the prospect of getting caught -- and punished -- a real deterrent to cybercrime.
Did 4 Major Ransomware Groups Truly Form a Cartel? April 7, 2021
An analysis of well-known extortion groups and their cryptocurrency transactions reveals the answer.
Voice-Changing Software Found on APT Attackers' Server April 7, 2021
Security researchers believe the presence of Morph Vox Pro could indicate APT-C-23 has new plans for their phishing campaigns.
Cring Ransomware Used in Attacks on European Industrial Firms April 7, 2021
Attackers exploited a vulnerability in Fortigate VPN servers to gain access to target networks, researchers report.
Cartoon Caption Winner: Something Seems Afoul April 7, 2021
And the winner of Dark Readings's March cartoon caption contest is ...
Crime Service Gives Firms Another Reason to Purge Macros April 6, 2021
Recent Trickbot campaigns and at least three common banking Trojans all attempt to infect systems using malicious macros in Microsoft Office documents created using EtterSilent.
Ryuk's Rampage Has Lessons for the Enterprise April 6, 2021
The Ryuk ransomware epidemic is no accident. The cybercriminals responsible for its spread have systematically exploited weaknesses in enterprise defenses that must be addressed.
LinkedIn Phishing Ramps Up With More-Targeted Attacks April 5, 2021
Seeking to take advantage of out-of-work users, malware groups continue to use LinkedIn and business services to offer fictional jobs and deliver infections instead.