Weekendowa Lektura: episode 657 [2026-01-02]. Take and read
🇵🇱 https://zaufanatrzeciastrona.pl/post/weekendowa-lektura-odcinek-657-2026-01-02-bierzcie-i-czytajcie/
🇬🇧 https://badcyber.com/it-security-weekend-catch-up-january-2-2026/
Criminals, as was to be expected, have no intention of taking a New Year and holiday break, hence quite a lot of articles that we had the chance to look through and pick out for you.
#infosec #cyberbezpieczenstwo #cybesecurity #weekendowalektura
Wazuh: A detailed look at localfile, configuring log collection in a SIEM system
Hi, Habr readers! If you work in DevOps, system administration or cybersecurity, Wazuh is your must-have for monitoring and SIEM. In this article (and the corresponding video on my channel) we'll go through the section in the Wazuh agent configuration. It is a key component of Logcollector, responsible for collecting logs from files, system events, commands and even journald. Without proper configuration you risk missing important events or drowning in noise. The article is based on the official documentation ( https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/localfile.html#localfile ), with practical examples from real configs. If you want the video, you can watch it here ( https://youtu.be/69mVhQsjXZU ).
I'm not sure if you all read the news about the rogue communication devices found in Chinese solar power inverters?
If not, here is a short recap of the Reuters article from 2025-05-14:
Two anonymous U.S. experts stated that they found "rogue" communication devices that were not listed in product documents in some Chinese solar inverters.
They also claimed that similar undocumented communication devices, including cellular radios, have also been found previously in some batteries from Chinese suppliers.
These communication devices could be used to bypass firewalls and switch off inverters remotely, or change their settings, which could destabilize power grids, damage energy infrastructure, and trigger widespread blackouts. In the end the devices could be used to physically destroy the grid.
The whole article is here:
https://www.reuters.com/sustainability/climate-energy/ghost-machine-rogue-communication-devices-found-chinese-inverters-2025-05-14/
While Reuters stayed vague enough to not be wrong, other news outlets were quick to postulate that Chinese “kill switches” had been found hidden in American solar farms.
While I don't doubt the theoretical possibility of the envisioned attack, the story still feels off to me!
The story just contains too few details. Reading it carefully it just states that undocumented components or undocumented communication devices were found. The "rogue" part is an interpretation. The theoretical consequences are valid nevertheless.
It reminds me a lot of the story of spy chips on server boards (2018), which The Register described as a "mishmash of disparate and inaccurate allegations".
https://www.theregister.com/2021/02/12/supermicro_bloomberg_spying/
What do you think?
Millions at risk as malicious PDF files designed to steal your data are flooding SMS inboxes - how to stay safe
malicious PDFs delivered via SMS messages whose senders impersonate the United States Postal Service
Attacks commence once the victim clicks on the malicious link hidden in the PDF; usually containing requests for personal information, including names, addresses and credit card details
#PDF #Phishing #messaging #USPS #security #cybesecurity #hackers #hacking
The biggest underestimated security threat of today? Advanced persistent teenagers
If you ask some of the top cybersecurity leaders in the field what’s on their worry list, you might not expect bored teenagers to be top of mind. But in recent years, this entirely new generation of money-driven cybercriminals has caused some of the biggest hacks in history and shows no sign of slowing down.
#teenagers #security #cybesecurity #databreach #infosec #hackers #hacking