Location
Folsom, CA
I am looking forward to a spirited discussion with my amazing colleague Cassie Crossley on the rapidly shifting threat landscape. We need to discuss how Anthropic’s Mythos is a signal for major disruption in the vulnerability management, security…
Apple and Intel formally reconcile to once again produce chips. As 2027 nears and the likelihood of a Chinese invasion of Taiwan rising, the risks to serious global chip disruption is something that cannot be ignored. Apple is smart to diversify…
What is MythosMythos is Anthropic’s latest AI model, and it is stirring up a tornado of concern in cybersecurity circles. Even before its release, Mythos discovered thousands of new sensitive vulnerabilities in commercial and open-source software,…
With preliminary use, it uncovered thousands of sensitive flaws, some existing for decades without detection. It found them in every major operating system and web browser.Mythos’s capabilities don’t not stop there, as it can also create exploits…
The security company Fingerprint discovered how on Firefox browsers, websites could track users even if they used private browsing tabs or the anonymity focused TOR browser. Mozilla closed the vulnerability in Firefox 150, that was released on April…
How good are AI models getting at technical tasks? …better than most humans in MANY fields.This has serious implications for cybersecurity! The attackers and defenders will leverage these models in many ways that will impact the overall trust in…
I had a great discussion on the Full Metal Packet podcast, talking with Yegor Sak and Alex Paguis, about the cybersecurity risks and challenges that is accompanying the global adoption of AI. These fundamental issues are outlined in the 2026…
Anthropic’s latest AI Model, Claude Mythos, will break the cybersecurity vulnerability management operational models. Mythos is so good at discovering and building viable exploits it is currently being rolled-out in a controlled manner under…
Details emerge on how Axios was infected with a Remote Access Trojan in March, undermining the security in one of the most popular JavaScript libraries that has 100 million downloads weekly. The attack path was a customized social engineering…
The RSAC conference has once again descended upon San Francisco and delivered an event that brings together the largest collection of industry leaders, technologies, and cybersecurity community events! Over the course of several days, attendees…
AI has become the most powerful tool for financial fraud since the dawn of the Internet. As predicted, criminals are exploiting it faster, more effectively, and at scale. According to the latest Interpol Global Financial Fraud Report, AI-enhanced…
Cyber attackers increasingly target SMBs because they are often the easiest path into larger supply chains. As cyberattacks are ramping up, specifically against Critical Infrastructure sectors, Small and Medium Businesses (SMBs) are feeling the…
Stryker, a major medical equipment provider for the healthcare sector, has suffered a destructive cyberattack that wiped corporate data and severed employee access, likely from an Iranian sponsored hacking group.Stryker Corporation is a global…
The military attacks involving Iran in the Middle East are the latest reminder that cybersecurity leadership must continually incorporate geopolitical risk into their enterprise cyber risk posture and preparedness. Concerns for elevated risks…
After the United States and Israel began a bombing campaign on Iran, leading to the decapitation of its political and military leaders, the Middle East has erupted into waves of kinetic warfare. But what should we expect about cyber?Iran has a…
