All Articles

I didn’t see much visibility on this DocuSign hack. This is a situation where the product features were not vetted to understand if they could be misused by malicious fraudsters. There is not a technical vulnerability, it comes down to a design weakn

I had a tremendous time at the InCyber Montreal forum. The speakers, panels, fellow practitioners, and events were outstanding!

I bumped into Dan Lohrmann and Nancy Rainosek before their panel with Sue McCauley on CISO challenges. We had some very int

This is an interesting tactic by cyber attackers — using virtual machine hard drive files to bypass email malware filters!

Never underestimate the creativity and resourcefulness of intelligent adversaries in finding ways to leverage technology for the

Explaining cybersecurity is challenging, but with the right visual interface, it is easier to understand the behavioral, technical, and process aspects of cyberattacks.

For the full video Explaining Ransomware: https://www.youtube.com/watch?v=njXi-NoL

Ransomware is one of the most devastating challenges in cybersecurity today. The attacks are vicious, expensive, impactful, and becoming commonplace.

Over the years I have predicted its rise, discussed why it is so challenging, debunked myths like bla

I had a great discussion on the SECURITYbreak podcast talking about security vulnerability research impacting Apple vision pro VR headsets, MasterCard’s acquisition of threat intelligence vendor Recorded Future, and some horrific aspects of cybercrim

The cybersecurity landscape is evolving at an unprecedented pace, driven by rapid technological advancements and increasingly sophisticated cyber threats. What was sufficient yesterday, will be lacking for tomorrow. Organizations must stay ahead of t

The recent CrowdStrike outage provides valuable lessons in how to avoid causing problems and being more resilient when faced with 3rd party vendor issues. CEOs, CIOs, and Board members have a clear responsibility to protect the business and the inve

The Supreme Court struck down the Chevron Doctrine, sharply cutting back the power of federal agencies to interpret the laws they oversee and ruled that courts should rely on their own interpretation of ambiguous laws. The ramifications will have rip

California’s Department of Motor Vehicles will implement a blockchain to prevent vehicle title fraud. They will use Ava Labs’s Avalanche blockchain to allow over 39 million residents to claim and access their vehicle titles.

The online service is int

In the rapidly evolving field of software development, integrating advanced AI models like ChatGPT can provide significant advantages in enhancing user experience, automating customer support, and facilitating various development tasks. However, as w

Details emerge on how a bad CrowdStrike update was allowed to land on Windows systems and cause over 8 billion computers to fail.

I discuss their leadership and break down the preliminary Post Incident Review document to reveal the point of failure fo

Let’s break down the CrowdStrike outage in non-technical terms!

Thanks for watching! Be sure to subscribe for more Cybersecurity Insights!

Follow me on LinkedIn: https://www.linkedin.com/in/matthewrosenquist/ and on my YouTube channel for more Cybersec

This is the replay of the live LinkedIn interview with Matthew Rosenquist (CISO at Mercury Risk. - Formerly Intel Corp, Cybersecurity Strategist, Board Advisor, Keynote Speaker) to discuss the Rise of Aggressive Nation State Capabilities. Hosted by A

Google wants to up-sell enterprise Gmail users for AI security enhancements, when in reality the feature is mitigating the advances that attackers are making through their own innovative use of AI, making their Social Engineering attacks more effecti

There is no indication that the root of Microsoft’s cybersecurity issues is being addressed. In fact, all indications are that the executive team is somewhat worried and bewildered at the diverse and numerous issues arising. After many embarrassing i

The Cybersecurity Vault - episode 34, with guest Chase Cunningham.

We take a hard look at when organizations make big cybersecurity mistakes, how the attackers see those as opportunities, and how they will maneuver to take advantage.

Chase’s LinkedIn

Microsoft created Recall as a tool to benefit the user, but it has far more value to cybercriminals, hackers, data brokers, digital extortionists, and malicious insiders!

In today’s video, I discuss the risks and what Microsoft should do to protect us

Operation Endgame has taken down a major cyber criminal infrastructure. This is important, but likely not for the reasons you may think.

The multi-national law enforcement effort, led by EUROPOL, seized over 100 servers and 2 thousand domains that hos

Attention IT departments, the FBI is warning US companies to be wary of inadvertently hiring North Koreans to remotely work in their IT departments, amid fears of data theft and hacking.

We are seeing organized activities designed to mask the origins