The Bellingcat report on the Russian ProtonMail phishing campaign against them has now been published: https://www.bellingcat.com/news/uk-and-europe/2019/08/10/guccifer-rising-months-long-phishing-campaign-on-protonmail-targets-dozens-of-russia-focused-journalists-and-ngos/
We put together a list of all the stories my colleague and I wrote at #BlackHat, along with a few blurbs that we weren't able to publish as full articles. https://www.pcmag.com/feature/370092/black-hat-2019-the-craziest-most-terrifying-things-we-saw
Some fun #BlackHat shenanigans. Ruben Santamarta, a researcher at IOActive, gave a presentation about vulnerabilities he found in the Boeing 787 core network. Boeing has issued a strong denial, and has a PR rep here to boot. FAA has also chimed in, supporting Boeing.
I have been told (BUT HAVE NOT CONFIRMED) that there are Boeing engineers at the conference to refute the claims in person.
Santamarta and IOActive are emphatically standing behind their work.
DMARC really isn't that difficult. Your organization should be using it. https://www.zdnet.com/google-amp/article/dmarcs-abysmal-adoption-explains-why-email-spoofing-is-still-a-thing/
infosec @ financial services, healthcare, and telecoms
A Mastodon instance for info/cyber security-minded people.