An analysis of the Odido data breach, where attackers accessed a customer contact system, and what it teaches us about data segmentation and third-party risk.
A seven-level analysis of the Conduent data breach that exposed sensitive information of Volvo Group North America employees, highlighting the impact of third-party compromises.
An analysis of the BridgePay ransomware attack using the CyberLeveling Breach Anatomy Model, exploring how the incident became possible and what it reveals about risks in financial infrastructure.
An analysis of the cyberattack on La Sapienza University, applying a seven-level framework to understand the incident's causes, impact, and lessons for other large institutions.
An analysis of the Flickr data breach, where a third-party email service provider's vulnerability led to potential user data exposure, highlighting supply chain risks.
An analysis of the Substack data breach, exploring why a web or backend application vulnerability is the most plausible explanation, and applying a seven-level incident analysis lens.
An analysis of the cyberattack on Conpet, Romania's national oil pipeline operator, and the Qilin ransomware group's playbook.
An analysis of the NationStates data breach using the CyberLeveling Breach Anatomy Model, highlighting a classic application-layer compromise.
An analysis of the Crunchbase data breach, applying the CyberLeveling Breach Anatomy Model to understand the vishing campaign and its impact.
A structured analysis of the SoundCloud data breach affecting 29.8 million users, using the CyberLeveling Breach Anatomy Model to review the incident's surface, intrusion, and impact.
A structured analysis of the ransomware attack against the Concello de Sanxenxo, using the CyberLeveling Breach Anatomy Model to understand the incident's progression and lessons.
A retrospective on the Marks & Spencer ransomware attack, analyzing the entry points, attacker techniques, and long-term lessons for organizational resilience.
A summary of the cybersecurity incident at SegurCaixa Adeslas, detailing the exposed data, the company's response, and the potential risks for policyholders.
A summary of the alleged Under Armour data breach, including the potential exposure of 72 million customer records, the type of data involved, and the company's official response.
An analysis of the Illinois Department of Human Services (IDHS) data exposure, detailing the configuration issue that left over 700,000 residents' data publicly accessible for years.