Security Field Day 15 - Tech Field Day

I’m looking forward to being a delegate for @techfieldday.com #XFD15 with the Dell Tech presentations at on April 29, 2026, from 1:30 PM to 2:30 PM PT. Watch the live stream on LinkedIn, Techstrong TV, see -

tfd.bz/xfd15

Commission proposes measures to Google on sharing search engine data with third parties under Digital Markets Act The European Commission has sent preliminary findings to Google outlining proposed measures to comply with the Digital Markets Act (DMA).

The EU reports that Google has refused to share search engine with competitors per the EU Digital Markets Act requirements.

ec.europa.eu/commission/p...

Interesting new open source tool from Gabriel Pavel. This AWS linter reviews your cli command prior to execution and notifies of any known security issues with the pending procedures.

github.com/gabrielPav/a...

Fraudsters targeting cryptocurrency stopped and $12 million frozen in NCA-led Operation Atlantic More than $12 million has been frozen and 20,000 victims identified in an NCA-led international operation targeting cryptocurrency and investment scammers.

Good news the UK National Crime Agency along with US authorities have seized 12 million in stolen crypto taken from over 20k victims.

www.nationalcrimeagency.gov.uk/news/fraudst...

Seoul to guarantee access to basic mobile data after caps | Yonhap News Agency By Kang Yoon-seung SEOUL, April 9 (Yonhap) -- Mobile phone users in South Korea will hav...

The South Korean Government has made basic internet access along with phone and text service a required utility that cannot be stopped despite a user access plan limits.

en.yna.co.kr/view/AEN2026...

Bitcoin miners are losing $19,000 on every BTC produced as difficulty drops 7.8% The average production cost was sitting at $88,000 per bitcoin in mid-March, according to Checkonchain's difficulty regression model.

Apparently it now costs more to create 1 bitcoin than current value on the market.

www.coindesk.com/markets/2026...

Gemeenten testen autonome digitale werkplek 4 gemeenten starten met een pilot voor een autonome digitale werkomgeving. Zij testen een Linux-werkplek en MijnBureau. De pilot moet gemeenten helpen minder afhankelijk te worden van grote softwarele...

Looks like the Dutch governments are continuing their moves away from US tech giants by testing the move from Microsoft to Linux and LibraOffice.

vng.nl/nieuws/gemee...

Gemeenten testen autonome digitale werkplek 4 gemeenten starten met een pilot voor een autonome digitale werkomgeving. Zij testen een Linux-werkplek en MijnBureau. De pilot moet gemeenten helpen minder afhankelijk te worden van grote softwarele...

Looks like the Dutch governments are continuing their moves away from US tech giants by testing the move from Microsoft to Linux and LibraOffice.

vng.nl/nieuws/gemee...

New Open Source tool, the WolfSSL project has released a TCP/IP stack designed for embedded and safety-critical systems.

www.prweb.com/releases/wol...

Agent Name service to register and track #AI agent activity on web sites is being endorsed by both Cloudflare and GoDaddy.

www.cloudflare.com/press/press-...

Protecting Cookies with Device Bound Session Credentials Posted by Ben Ackerman, Chrome team, Daniel Rubery, Chrome team and Guillaume Ehinger, Google Account Security team Following our April ...

The latest update for Google Chrome adds a new security feature Device Bound Session Credentials (DBSC). This prevents the stealing of cookies to highjack user authentication and access on other devices.

security.googleblog.com/2026/04/prot...

DomainTools Investigations | DPRK Malware Modularity: Diversity and Functional Specialization Explore the DPRK’s modular malware architecture. Analyze how North Korea uses compartmentalized toolchains for espionage, crypto theft, and strategic signaling.

Interesting deep dive by DomainTools on how the North Korean DPRK security are organizing into specialty teams that focus on either Espionage; e-crime or disruption attacks.

dti.domaintools.com/research/dpr...

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments | Microsoft Security Blog Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution be...

According to Microsoft security PHP web shells are shifting to using cookie values when controlling infected host systems instead of the usual URL parameters.

www.microsoft.com/en-us/securi...

That time again to review the new security advisories from Palo Alto Networks and get patching the affected gear.

security.paloaltonetworks.com

That time again to check all the new security advisories released on Juniper gear and get patching.

supportportal.juniper.net/s/global-sea...

Attackers Are Hunting High-Impact Node.js Maintainers in a C... Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

Interesting report that major developers from the open source software ecosystem are being targeted by North Korean state cyber actors in attempts are supply chain attacks.

socket.dev/blog/attacke...

Cambodia says new law tightens net on online scams Cambodia’s Justice Ministry floats a new draft law that could punish scam company leaders with life imprisonment, with minister Keut Rith stating the country’s reputation damage and its willingness to...

Good News that Cambodia is continuing the campaign to shut down internet scam centers by passing a new law focusing on those running the centers and their human trafficking operations to get the staff with serious jail time and fines.

mekongindependent.com/2026/04/camb...

Reverse engineering Apple’s silent security fixes I grabbed the latest iOS update, and diffed it with ipsw. The diff reveals at least two security-relevant changes that were shipped quietly.

Interesting deep dive on how the new Apple no reboot security update process works.

blog.calif.io/p/reverse-en...

The latest country to officially investigate the big five - Facebook Instagram Snapchat TikTok and YouTube is the Australian online safety commission for youth accounts.

www.esafety.gov.au/newsroom/med...

C++26 is done! — Trip report: March 2026 ISO C++ standards meeting (London Croydon, UK) News flash: C++26 is done! 🎉 On Saturday, the ISO C++ committee completed technical work on C++26 in (partly) sunny London Croydon, UK. We resolved the remaining international comments on the C++26…

The new standard for C++26 has been approved and ready for rollout with the work starting on the next version C++29.

herbsutter.com/2026/03/29/c...

Google Workspace Updates: Ransomware detection and file restoration for Google Drive now generally available

Good news that Google is rolling out a new feature for Workspace to prevent Ransomware attacks on the platform. Includes a detection and restoration service.

workspaceupdates.googleblog.com/2026/03/rans...

OpenClaw Trap: AI-Assisted Lure Factory Targets Developers & Gamers Netskope Threat Labs identified a link to a malware campaign operating across at multiple GitHub repositories, spanning over 300 delivery packages,

Interesting report from Netskope on disguised GitHub repos that host malware.

www.netskope.com/blog/opencla...

The EU parliament has passed a law banning #AI nudity apps that are able to create nudes of people without their consent.

www.europarl.europa.eu/news/en/pres...

Good news the US Department of Justice in cooperation with Canada and Germany has disrupted four DDoS botnet networks.

www.justice.gov/usao-ak/pr/a...

Commission investigates Snapchat\'s compliance with child protection rules under the Digital Services Act The European Commission has opened formal proceedings to investigate if Snapchat is ensuring a high level of safety, privacy and security for children online, in compliance with the Digital Services A...

The EU has announced a investigation into Snapchat failure to find and report grooming on their platform and properly implement child protection law requirements.

ec.europa.eu/commission/p...

Quantum frontiers may be closer than they appear An overview of how Google is accelerating its timeline for post-quantum cryptography migration.

Looks like Google has advanced to 2029 the date they believe Quantum will be able to crack some cryptography routines and have adjusted their product rollout timeline to match.

blog.google/innovation-a...

Alleged ‘Fake Prince’ Arrested in Nigeria as Another Apparent Victim of the Romance Scam Comes Forward A recent OCCRP investigation identified a Nigerian man who allegedly posed as a Dubai prince to scam a Romanian woman. Now, another apparent victim of the same online scam has emerged.

Good news that the Nigerian authorities continue their crackdown on scammers. They have arrested and charged an individual with stealing $2.5M from Business owners thinking they were supporting a humanitarian charity.

www.occrp.org/en/news/alle...

Good news that the US Justice Department has located and charged a scammer behind targeted phishing of professional athletes.

www.justice.gov/usao-ndga/pr...

Google has signed the Industry Accord Against Online Scams and Fraud. A look at Google’s support for the Industry Accord Against Online Scams and Fraud and its ongoing work to fight scammers.

Looks like the upcoming UN Global Fraud Summit has spurred action with eleven companies agreeing to share threat data to prevent abuse and scams on their platforms.

blog.google/innovation-a...

Cyber-attacks against the EU and its member states: Council sanctions three entities and two individuals The Council adopted restrictive measures against three entities and two individuals responsible for cyber-attacks against EU member  states and EU partners.

Good news that the European Union has imposed sanctions on three groups and two individuals for cyber crime activities in the EU. These are also operating in the US and other jurisdictions.

www.consilium.europa.eu/en/press/pre...