All Articles

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Cloud Threat Horizons Report, #12 (full version) that we just released (the official blog for #1 report, my unofficial

I spoke at the Black Hat Conference in Las Vegas for the first time since the COVID-19 pandemic. Here’s what I learned and a few takeaways to share.

I just returned from Black Hat in Las Vegas, and once again, AI dominated all conversations on b

Airportr is a service that allows passengers to have their luggage picked up, checked, and delivered to their destinations. As you might expect, it’s used by wealthy or important people. So if the company’s website is insecure, you’d be able to spy o

LinkedIn Security Tips to Protect from Fraud, Social Engineering, and Hacking

Stay updated on best #cybersecurity practices, be smart, and stay safe!

For more cybersecurity insights, follow me:

• LinkedIn: https://www.linkedin.com/in/matthewrosenquist

• You

San Francisco, Calif., Aug. 1, 2025, CyberNewswire—Comp AI, an emerging player in the compliance automation space, today announced it has secured $2.6 million in pre-seed funding to accelerate its mission of transforming how companies achieve complia

Peter Gutmann and Stephan Neuhaus have a new paper—I think it’s new, even though it has a March 2025 date—that makes the argument that we shouldn’t trust any of the quantum factorization benchmarks, because everyone has been cooking the books:

Simil

LinkedIn is a great communication tool for business professionals that informs, provides opportunities, and fosters collaboration — which is exactly why it is attractive to sophisticated cyber adversaries, including aggressive nation state actors, wh

We’re excited to bring you an insightful fireside chat with Sandro Bucchianeri (Group Chief Security Officer at National Australia Bank Ltd.) and Erik Laird (Vice President - North America, FireCompass). 

Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here’

I will be really, really honest with you — I have been totally “writer-blocked” and so I decided to release it anyway today … given the date.

So abit of history first. So, my “SOC visibility triad” was released on August 4, 2015 as a Gartner blog (it

ProPublica is reporting:

Microsoft is using engineers in China to help maintain the Defense Department’s computer systems—with minimal supervision by U.S. personnel—leaving some of the nation’s most sensitive data vulnerable to hacking from its lead

Microsoft faces ongoing, systemic cybersecurity failures rooted in blind spots within its very organizational design. These vulnerabilities repeatedly result in serious product blunders and damaging breaches. This has once again become evident with t

I froze when the question came in. If you work in cyber, you’ll know this question all too well. It’s the one that continues to resurface, both in boardrooms and at industry events:

“Why are people still the weakest link?”

Yes, it was familiar. Yes

The Chinese have a new tool called Massistant.

• Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico.
• The forensics tool works in tandem with

I am truly honored to join the Advisory Board of MindShield. This marks the beginning of an important journey—one focused on deciphering the underlying cognitive vulnerabilities that malicious cyber threats exploit. Our goal is to help individuals a

In my days there, Gartner had Maverick research (here is mine, from 2015 about social engineering AIs…. yes, really!) that “deliberately exposed unconventional thinking and may not agree with Gartner’s official positions.”

Here is a “maverick-ish” bl

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used th

Seems like an old system system that predates any care about security:

The flaw has to do with the protocol used in a train system known as the End-of-Train and Head-of-Train. A Flashing Rear End Device (FRED), also known as an End-of-Train (EOT) de

We are excited to invite you to the CISO Cocktail Reception if you are there at the BlackHat USA, Las Vegas 2025. This event is organized by EC-Council with CISOPlatform and FireCompass as proud community partners.

Please note that this event is exc

It started in a rugby box.

There I was, watching the match from a VIP suite—surrounded by a handful of other cybersecurity leaders. The beers were cold, the banter flowing, but one comment cut through the noise:

“Cybersecurity’s no longer about tech