securityXspace: a blog about cyber-philosophy.

  • FortiBleed: The Cyber Crisis Endangering National Security

    FortiBleed: The Cyber Crisis Endangering National Security

    The “FortiBleed” crisis reveals vulnerabilities in national security infrastructure, exposing over 80,000 firewalls due to compromised Fortinet systems. High-value government credentials are being sold, posing risks to critical services like healthcare. With state-supported hackers, this crisis necessitates immediate defenses and highlights systemic flaws in cybersecurity strategies.

  • Why Your Android TV Box Could Be a Digital Nightmare

    Why Your Android TV Box Could Be a Digital Nightmare

    Cheap Android TV streaming boxes may seem like bargains, but they are linked to a global cybercrime network, the Popa botnet. These devices can be hijacked to serve as proxies in cyberattacks, compromising home networks. Users are urged to avoid unknown brands and reconsider the true cost of such savings to their security.

  • The Tiny Library in Millions of Devices: Unpacking the FatFs Security Crisis

    The Tiny Library in Millions of Devices: Unpacking the FatFs Security Crisis

    RunZero discovered seven unpatched vulnerabilities in the FatFs filesystem library, a crucial yet overlooked component in modern technology, affecting various devices. Without centralized updates, security falls on developers. The findings highlight a significant supply chain risk, exposing devices to severe attacks, particularly through physical access, as AI advances in vulnerability detection.

  • Popcorn and Cyber: Episode 2 – WarGames

    Popcorn and Cyber: Episode 2 – WarGames

    In the second episode of Popcorn and Cyber, the hosts discuss the classic 1983 film WarGames, which explores early hacking and cybersecurity. The movie features David, a young hacker who accidentally threatens nuclear war by accessing a military supercomputer. While it dramatizes certain elements, it remains a foundational piece of cyber culture and highlights the…

  • AI’s Deceptive Code and Phishing’s New Playbook

    AI’s Deceptive Code and Phishing’s New Playbook

    A quick disclaimer: The information in this podcast is for informational purposes only and does not constitute legal or professional advice. The AI Double-Edged Sword: We discuss how benign-looking GitHub repositories can trick AI coding agents into running malware, and how threat actors are using fake OpenAI organisations to steal corporate data. On the flip…

  • The Truth about Threat Maps

    The Truth about Threat Maps

    Cybersecurity threat maps (often called “pew-pew maps”) are interactive, animated global maps that show glowing lines or lasers representing cyber attacks flying from one country to another. Major cybersecurity companies like Kaspersky, Fortinet, Check Point, Trellix (formerly FireEye), and SonicWall provide these maps. Key Threat Map Tools The Debates: Are they useful or just “pew-pew”…

  • AI’s Cyber Arms Race: Defending the UK’s Critical Infrastructure

    AI’s Cyber Arms Race: Defending the UK’s Critical Infrastructure

    Links from this week’s episode: Disclaimer: This podcast is for informational purposes only and does not constitute legal advice.

  • Conversations with Silicone

    Conversations with Silicone

    Conversations with Silicone sees another popular AI chatbot answer questions in its own inimitable style.

  • Really Warped!          Tales from the Dark Web

    Really Warped! Tales from the Dark Web

    Meet “Sarah”, who’s about to mess with the wrong dark web monster…

  • Popcorn and Cyber: Episode 1 – The Matrix

    Popcorn and Cyber: Episode 1 – The Matrix

    Films are not real…. but how real is real when it comes to Cyber and hacking. Let’s check out some examples.