5+All Security Resource Digest for 2023–11–29

Here are my favorite 5 security resources added to my security resource database since yesterday. These resources will range from blogs and Reddit posts, through paid resource subscriptions and events, to official agency communications or newsletters.

Top 5 Security Resource Summaries for Nov 29, 2023

#1: A Punishing Year of Thunderstorms Has Led to Record-Breaking Losses

Wall Street Journal (WSJ) | Link to Resource

• Severe convective storms causing record levels of damage in the U.S., with businesses hiring meteorologists, implementing coping strategies, and accepting policies with large deductibles, while potential damage is growing and climate change may contribute to storm intensity; some businesses utilizing parametric policies to mitigate unpredictability.

#2: Five Takeaways from Black Friday & Cyber Monday Cyber Attacks

Imperva | Link to Resource

• Imperva Threat Research highlights increased web traffic, with Cyber Monday surpassing Black Friday, ATO attacks rising by 85% on Black Friday, and an increase in attacks targeting retailers’ APIs during the 2023 holiday shopping season.

#3: Compromising Identity Provider Federation

Cybersecurity Blog | CrowdStrike | Link to Resource

• Increase in attacks exploiting identity provider federation observed, requiring vigilance and proactive security measures in order to prevent compromise.

#4: “Cyber incident” impacting transactions — c. 80 firms affected | Today’s Conveyancer

Today’s Conveyancer | Link to Resource

• Around 80 legal firms affected by cyber incident causing system disruptions and transaction delays; service provider working with cyber experts to restore systems, data integrity intact; external expertise brought in for system safety; similar issue faced by Simplify 2 years ago.

#5: Japan’s space agency suffers cyber attack, points finger at Active Directory

The Register — Security | Link to Resource

• Japanese Space Exploration Agency (JAXA) suffers cyber breach, suspected to be due to an Active Directory breach, and seeks assistance to assess the impact; no sensitive information believed to be stolen; previously faced cyber breaches in 2016 and 2012, as well as recent launch failures.

All Security Resources Added by Nov 29, 2023

View all of the security-related resources added in the last day

Access the full security database!

To see these full records — including any downloadable PDFs, files, or additional links to related sources — or find any of the other records added to the SSD, you can browse it (for free!):

• On desktop dashboards, with full search / sort / filter functionality
• In a mobile app, with embedded tables and a form for you to add your own materials :)

And, take a look at some of my other security projects — including research reports, guides, webinars, podcasts, and personal certifications.

Please share this digest and database with anyone you think would find these resources helpful! And, let me know what you think?

Final Notes:

• These are the top resources added to my personal security database in the last day. So, while many of them are timely, it’s based on their add date to the database. They might have been published five years ago or five minutes ago!
• This database project — including all its supporting automations and content subscriptions — is entirely self-funded. It’ll remain free to anyone who would like to use it! However, you can help support the project, either on Ko-Fi or simply by sharing it with others. :)
• Originally published on Medium.