AI and Deepfake Threats: A Security Professional’s Perspective

By now you have probably used Artificial Intelligence in one way or another. All around us we are starting to see our society seemingly embrace the rise of AI and how it is being incorporated into our daily life. Major companies, such as xAI, are pumping millions and even billions into data centers, and companies that we have come to use in our daily basis are suddenly releasing products with AI built in. When it comes to Information Security it is no different in the embrace of AI. For example, just a few days ago, Kali Linux released Kali GPT which is built into the operating system and meant to help penetration tests. With the rise of Artificial Intelligence seemingly being used in our daily life it does raise an important concern. Moreover, there are many great benefits of AI but what about the dangers? Threat actors are not individuals who rest and if there is an opportunity to use AI for their own selfish benefit then there are chances that they will use it. The Rise of Deep Fakes and Impersonations Imagine that you have a direct supervisor that you work with at your organization. Everyday you hear their…

Continue reading
My personal adventure with the Comptia+ Security+

During the second-to-last day of May 2025, I finally accomplished a personal goal of mine that I had been working toward for the past five years. What goal was that?I finally became CompTIA Security+ 701 certified! This is an exam that I needed to obtain for quite some time — not only does it cover a lot of important cybersecurity concepts that I’ve wanted to master, but it also helps open up some government contracting positions in my local area, which I plan to pursue as I kick off my career. I wanted to take some time here to share the strategy that I used to prepare for the exam, in case it’s helpful to others looking to go down this path: March 2025 I started out my preparation in early March 2025 by purchasing a course on Udemy.com by Dion Training. The course contained roughly over 20 hours of learning material, and what I did during this entire month was simply to watch the videos and take notes. I did not quiz myself or do anything else — this phase was all about absorbing the information as best as I could. Some of the materials I understood already from…

Continue reading
We are so back! 🎉 Here is what is new.

Hey folks! It’s Austin, head writer at Info Sec Digest delivering you some exciting news! First and foremost, we are back with a lot of new articles about to be released this summer! 🎉The reason for the hiatus was that I found myself incredibly busy since March and needed to take a break. Moreover, I was studying for the Comptia Security+ certification and it took up a lot of my time 😬. More news on my experience with taking this Security+ exam to come in a upcoming blog post soon.  I wanted to post here to discuss our newest changes and the future direction of Info Sec Digest: Two posts per week  I will be publishing two blog posts per week for the foreseeable future! One blog post on Monday to get your week started and another blog post on Friday morning to finish off the week. There may be more articles by our independent contributors who sign up to write with us.  Seeking contributors We are always accepting new contributors who wish to write about anything within the Information Security arena. Unfortunately, we cannot provide any income for your writing efforts as we do not generate revenue. However, you…

Continue reading
The Ghost in the Machine: Why Your Smart Fridge Might Be Plotting Against You

Okay, hear me out—your smart fridge might not be as innocent as it looks, humming away in your kitchen, keeping your leftovers cold. I’m not saying it’s going to stage a midnight coup with your toaster, but the rise of Internet of Things (IoT) devices has opened up a wild new frontier in cybersecurity that’s equal parts fascinating and terrifying. Let’s dive into why that sleek, Wi-Fi-enabled appliance could be a Trojan horse for hackers—and what we can do about it. Picture this: it’s 2025, and you’ve got a fridge that texts you when you’re low on milk. Cool, right? My buddy Dave got one last year, and he swears it’s changed his life—no more soggy cereal mornings. But here’s the kicker: anything connected to the internet is a potential entry point for someone with a laptop and a grudge. Researchers have been warning us about this for years, and I stumbled across a study from a cybersecurity firm—let’s call it “Nerds R Us”—that found over 100,000 IoT devices, including fridges, had been hijacked into botnets by mid-2024. Botnets! That’s the stuff of sci-fi movies, except it’s real, and it’s happening in your kitchen. So how does this even work?…

Continue reading
Scammers Faking Fame: Don’t Get Played by Celebrity Catfish

The other day, I was browsing my social media feed when I saw a post from ENISA, a famous singer. She had posted on her social media page about scammers who were impersonating her and attempting to scam her fan base. Go ahead and take a look at the message that she posted below. Now, if the profanity and text in all capital letters were not enough, you can see that ENISA is upset about these scammers. Moreover, I do not blame her at all because I can imagine that she is constantly bothered by people who complain to her that they are getting scammed. Not to mention, I can't think of a single person, celebrity or not, who would appreciate people impersonating them maliciously. Scammers posing as celebrities are on almost every social media website that is out there. I cannot even begin to describe every instance of scammers that have slid into my DMs, The reason that the scammers pose as Influencers: Money, Money, Money. Scammers pose as Influencers for the money. The typical scammer doing these operations knows that these famous people have a lot of hardcore fans. Moreover, many people on a daily basis are trying…

Continue reading
Alabama’s Largest Credit Union Hit by BIN Attack: How Criminals Exploited Card Numbers to Target Walmart Transactions

Earlier in the week, we wrote about how the largest credit union in Alabama, Redstone Federal Credit Union(REDFCU) , was the target of a cyber incident in which members reported fraudulent charges from Walmart.com on their accounts. At the time of that article, REDFCU was quite secretive about what happened, but finally, later in the week, the bank released information to a local news outlet in Huntsville that the attack was the result of a Bank Identification Number (BIN) attack. Brief Information About BIN attacks: Every credit card has six digits at the beginning of the card that are tied to a specific bank. When attackers obtain those six digits, which are the same digits for thousands of customers, they can then utilize software programs to brute-force the remaining digits along with accompanying CVV security codes and expiration dates. The threat actors might then use another tool to push out these generated credit card numbers, expiration dates, and CVV security codes, among thousands of different online matches in hopes that they will get a match and successfully scam unsuspecting bank customers.  In the case of REDFCU, it appears that these threat actors were plugging in the numbers to Walmart.com until…

Continue reading
The Growing Menace of Ransomware in 2025

In 2025, ransomware remains a relentless cyber threat, with attackers refining their strategies to maximize damage. Unlike earlier variants, modern ransomware combines advanced encryption with cunning infiltration methods, targeting organizations’ most valuable assets. Criminals demand steep cryptocurrency ransoms, leaving victims weighing financial ruin against data loss. Austin Gomez at InfoSecDigest.com recently explored data on Ransomware.live which is a cybersecurity resource created by security researcher Julien Mosqueton. We examined several recent attacks, and identified a striking trend. A clear shift has emerged: attackers now prioritize small and medium-sized enterprises (SMEs) over large corporations. For example, a regional accounting firm in Ohio, was hit in January 2025, losing decades of tax records after attackers exploited an unpatched server. Similarly, a family-owned manufacturer in Texas faced a “double extortion” attack in February, where hackers encrypted production systems and leaked client contracts online after the ransom went unpaid. Another case saw a rural school district in Montana crippled in March, with student records held hostage via malware delivered through a compromised third-party app. These examples highlight the pivot to softer targets—SMEs often lack the dedicated IT teams or budgets of bigger firms. Attackers infiltrate via outdated software, weak passwords, or third-party vendors, then escalate…

Continue reading
X.com Outage: Is a Hacktivist DDoS Attack Targeting Elon Musk to Blame?

On March 10, 2025, X.com—one of the world’s leading social media platforms—experienced a prolonged outage, leaving users and observers puzzled. While downtime isn’t unheard of for major websites, the extended disruption has sparked widespread speculation about its cause. However, Elon Musk, X.com’s owner, took to the platform to reveal that a massive cyberattack is behind the outage, actively disrupting services. https://twitter.com/elonmusk/status/1899149509407473825 Our analysis of the cyber attack: Using the term "Cyber attack" can mean a lot of things. However, we at InfoSecDigest.com believe that this could possibly be a large-scale DDoS(Distributed Denial of Service) attack by haktivists. Notebly, Elon Musk has been making headlines lately from his remarks about Ukraine to to his Tesla facilities across the nation being attacked by activists.

Continue reading
Crypto Storage 101: How to Keep Your Bitcoin & Altcoins Safe from Hackers

If you’re itching to jump into Bitcoin, Algorand, or any of those shiny cryptocurrencies, you’d better have a plan to keep them safe. The ugly truth? These digital coins are like catnip for hackers and scammers prowling the wilds of the internet. I’m here to break down how you can stash your crypto without handing it over to the bad guys on a silver platter. Let’s dig in. Storing Your Coins on a Crypto Exchange: Picture crypto exchanges as the online banks of the digital world—places where you can buy, sell, and park your coins, all from your comfy browser. Sounds convenient, right? It is, kind of like trusting a bank to guard your cash. Banks have vaults, guards, and fancy security cameras; the good exchanges try to flex similar muscle with tech and firewalls. But here’s the rub—not every exchange is Fort Knox. We’ve seen cyrpto exchanges get cracked open like piñatas, spilling users’ coins into the ether. When you hand over your crypto, you’re betting on their defenses, and sometimes, they roll snake eyes. Locking Down Your Exchange Stash: Choosing an exchange means you’re trusting them to not screw up, but you’re not helpless here. Slap on two-factor…

Continue reading
Beware: Physical Letter Scams Targeting Executives Pretend to Be BianLian Group

On March 6th, 2025, the FBI dropped a heads-up about a sneaky scam hitting mailboxes across the U.S. This time, it’s not your typical email phishing nonsense—crooks are sending physical letters to corporate bigwigs, pretending to be the infamous BianLian Group. You know, those ransomware pros who’ve been making headlines for all the wrong reasons? Thing is, there’s no solid proof these letters actually come from BianLian. Seems like some opportunists are just borrowing the name to sound scary. The game plan here is pretty obvious: trick executives—the folks who can sign off on big money moves—into wiring cash straight to the scammers. It’s a bold phishing play, skipping the usual “encrypt your files” ransomware routine for something more old-school. And honestly, that’s what makes it so wild—it’s a letter you can hold, not just some sketchy link in your inbox. So, what’s a corporate exec supposed to do when the mail turns into a minefield? First off, get everyone in the company clued in with some solid cybersecurity training. I’m talking workshops or quick sessions where the team learns how to spot a scam from a mile away. Weird phrasing, demands for cash out of nowhere, or anything that…

Continue reading