I didn’t see much visibility on this DocuSign hack. This is a situation where the product features were not vetted to understand if they could be misused by malicious fraudsters. There is not a technical vulnerability, it comes down to a design…
I’m thrilled to join the incredible team at The Cyber Express as a member of their Editorial Advisory Board! It’s an honor to collaborate with an esteemed group of cybersecurity experts, all dedicated to delivering accurate, timely, and valuable…
A “Perfect” 10 vulnerability score is not what users of Cisco Ultra-Reliable Wireless Backhaul (URWB) systems were expecting. The recently discovered cybersecurity vulnerability CVE-2024-20418 is remote, easy, and gives full Admin rights to the…
I had a tremendous time at the InCyber Montreal forum. The speakers, panels, fellow practitioners, and events were outstanding! I bumped into Dan Lohrmann and Nancy Rainosek before their panel with Sue McCauley on CISO challenges. We had some very…
This is an interesting tactic by cyber attackers — using virtual machine hard drive files to bypass email malware filters! Never underestimate the creativity and resourcefulness of intelligent adversaries in finding ways to leverage technology for…
The SEC has fined four major companies for materially misleading investors regarding cyberattacks. Tech in Trouble: Regulatory actions have been brought against Unisys, Avaya, Check Point, and Mimecast for their purposeful decisions to not clearly…
It is good to see US government leaders realize that ransomware is a growing existential threat to our country, at the hands of our adversaries. A top US national cybersecurity advisor stated in a recent op-ed, “This is a troubling practice that must…
The most influential cybersecurity experts discuss adversaries, risks, cyber warfare, and supply chain outages on the Cybersecurity Insights podcast! Reality of Cybersecurity Risks for AI — Ejona Preci Cybersecurity is Adversarial — Our Failures are…
Secureworks released a report detailing how North Korean attackers are targeting western countries with a new tactic. Attackers are fraudulently obtaining positions so they can victimize the employer! I predict we will see more of these types of…
A recent report by Trellix indicated that due to growing complexity, responsibility, and regulatory accountability, a majority of CISOs believe their role should be split into separate positions. This finding struck me as a little odd. It seems…
Explaining cybersecurity is challenging, but with the right visual interface, it is easier to understand the behavioral, technical, and process aspects of cyberattacks. For the full video Explaining Ransomware:…
Two Cryptocurrency Exchanges were recently taken down by authorities. The PM2BTC and Cryptex sites were seized. Video: https://youtube.com/shorts/wvRelrVSOcE This is important for two reasons: 1. It disrupts illegal money laundering, in this case,…
Ransomware is one of the most devastating challenges in cybersecurity today. The attacks are vicious, expensive, impactful, and becoming commonplace. Over the years I have predicted its rise, discussed why it is so challenging, debunked myths like…
This is how to redefine CISO events! I had a spectacular time at the “Locked In — The Cybersecurity Event of the Year!” Organized by Rinki Sethi and Lucas Moody, it was nothing short of epic! Forget long boring sessions and tracks, this was about…