Posts
All the articles I've posted.
-
Instructure Paid. Now What? The Case For and Against the Canvas Ransom Deal.
Instructure reached an agreement with ShinyHunters hours before the May 12 deadline. The ransom debate is old but this case adds new wrinkles worth working through.
-
The Canvas Breach and What It Tells Us About Vendor Risk in Education
ShinyHunters breached Instructure and compromised data from thousands of institutions. The technical details matter less than what this breach pattern keeps telling us about third-party risk.
-
The Midnight Beachhead: A Real-World RCE Incident on a University Network
Shortly after midnight, an attacker exploited a known vulnerability in a web-facing server at one of our international campus locations. This is what happened next.
-
Sinkhole, Bursts, and a 142-Minute Retry Timer: Reading C2 Behavior in the Logs
A phishing click led to fixed-size C2 check-ins arriving in two distinct bursts with a 142-minute gap between them. The pattern told the story before we had a verdict.