Building a physical security monitoring system — and what it taught me about SOC work

Physical security and cybersecurity are usually treated as separate disciplines. One involves cameras and locks, the other involves SIEMs and firewalls. But after designing and deploying a full surveillance system at a regional nonprofit, I came away with a clearer understanding of how tightly the two connect — and how much the operational challenges of physical security monitoring mirror the work of a SOC analyst.

The deployment

The system covers LRDA’s facility — a building with around 40 rooms across three entrances (front, rear, and side), with coverage both inside and outside. ...

June 3, 2026

How a poisoned VS Code extension breached GitHub — and the npm attack that started it all

This week GitHub confirmed that roughly 3,800 of its internal repositories were breached after an employee installed a malicious VS Code extension. The extension was live on the official Visual Studio Marketplace for 18 minutes. That was enough. The breach didn’t come out of nowhere. It’s the latest escalation in a coordinated supply chain campaign by a threat group called TeamPCP — and it connects back to a sophisticated npm attack that happened ten days earlier. Here’s how the whole thing fits together. ...

May 21, 2026