Security Leftovers

posted by Roy Schestowitz on Jun 28, 2025

• Pen Test Partners ☛ How we turned a real car into a Mario Kart controller by intercepting CAN data

  TL;DR Introduction If you went to our PTP Cyber Fest over the Infosec week you may have seen the PTP hack car being used as a games controller for the game SuperTuxKart (a free and open-source Mario Kart type game).

• Security Week ☛ Man Who Hacked Organizations to Advertise Security Services Pleads Guilty

  Nicholas Michael Kloster has pleaded guilty to computer hacking after targeting at least two organizations.

• Security Week ☛ Bipartisan Bill Aims to Block Chinese Hey Hi (AI) From Federal Agencies

  The proposal seeks to ban all use of the technology in the U.S. government, with exceptions for use in research and counterterrorism efforts.

• Federal News Network ☛ A cybersecurity ‘awakening’ at the VA

  The 2006 VA data breach shined a spotlight on cybersecurity challenges facing government. Many of those issues persist to this day.

• Security Week ☛ CISA Warns AMI BMC Vulnerability Exploited in the Wild

  CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17.

• Security Week ☛ Central Kentucky Radiology Data Breach Impacts 167,000

  The personal information of 167,000 individuals was compromised in an October 2024 data breach at Central Kentucky Radiology.

• Scoop News Group ☛ Notorious cybercriminal ‘IntelBroker’ arrested in France, awaits extradition to US

  Kai West, a 25-year-old British national, is accused of stealing data from more than 40 organizations during a two-year spree.

• Security Week ☛ British Man Suspected of Being the Hacker IntelBroker Arrested, Charged

  25-year-old Kai West, believed to be the hacker IntelBroker, was arrested in France and charged by the United States.

• Funny Hacking Stories That Will Make You Question Everything You Know About Hackers

  From cupcake recipes replacing bomb instructions to AC/DC blasting through nuclear facilities, these amusing cyber incidents prove that sometimes the best security breaches make us laugh - funny hacking stories.

• Qt ☛ Why Cyber Resilience Requires a Cultural Shift

  The countdown to the European Union’s Cyber Resilience Act (CRA) is underway. The new regulation lays out an extensive set of cybersecurity requirements throughout the lifecycle of products with digital elements (PDEs) sold in the EU market. This brings about a need for a fundamental shift for organizations from cyber security to cyber resilience.

• OpenSSF (Linux Foundation) ☛ OpenSSF Welcomes New Members and Presents Golden Egg Award

• Federal News Network ☛ NCSC nominee calls for new counterintelligence career field

  The nominee for the NCSC director also called for ratcheting up efforts to thwart foreign adversaries attempting to recruit former government employees.