Threat Research Report: The State of Cryptomining
A fantastic detailed write-up of the State of Cryptomining. – JJM
A Few Leadership Work-From-Home Tips
With so many people now being asked to work-from-home as part of the evolving COVAD-19 precautions, I figured it was worthwhile to put together a few tried-and-true practices to keep…
Overcoming crypto assessment challenges to improve quantum readiness
{JJM} I’ve been beating the drum about this for a while. As an industry, we need to consider how long it takes for us to find/replace the mountious number of…
To Scan or Not to Scan? Why Frequency Matters for DevSecOps
{JJM}There are strong cases to be made that by empowering developers to scan their code as often as they want, the number of vulnerabilites drops significantly.
How the US can avert a ‘quantum catastrophe’
{JJM} This is a great write-up on why we need to be concerned with quantum computing/cryptography NOW, regardless of what NIST recommends.
The Top Five Web Application Authentication Vulnerabilities We Find
One of the most important parts of a web application is the authentication mechanism, which secures the site and also creates boundaries for each user account. However, during my years…
Spear phishing is now the main attack vector for cybercriminals, says Europol
Spear phishing is the number one cyber-threat to organizations in the European Union, according to the European Cybercrime Centre (EC3), a group of cybersecurity experts set up by Europol to…
PPT Template: Build Your 2020 Security Plan
The end of the year is coming, and it’s time for security decision-makers to make plans for 2020 and get management approval. Typically, this entails making a solid case regarding…
To Prove Cybersecurity’s Worth, Create a Cyber Balance Sheet
How tying and measuring security investments to business impacts can elevate executives’ understanding and commitment to cyber-risk reduction.
Linux users warned to update libarchive to beat flaw
The bug is identified as CVE-2019-18408, a high-priority ‘use-after-free’ bug when dealing with a failed archive.
How to Secure Critical Infrastructure When Patching Isn’t Possible
Mission-critical systems can’t just be switched off to apply security updates — so patching can take weeks if not years.
Reasons Behind the Cybersecurity Skills Gap
There have been a lot of studies this year examining the cybersecurity workforce and skills shortage, but the (ISC)2 Cybersecurity Workforce Study 2019 has taken a different approach to analyzing…
The Definitive RFP Templates for EDR/EPP and APT Protection
Advanced Persistent Threats groups were once considered a problem that concerns Fortune 100 companies only. However, the threat landscape of the recent years tells otherwise—in fact, every organization, regardless of…
5G and IoT: How to Approach the Security Implications
Experts from Nokia, iboss and Sectigo talk 5G mobile security for internet of things (IoT) devices in this webinar YouTube video (transcript included).
Black Hat USA 2019, Rebecca Lynch ‘s ‘Woke Hiring Won’t Save Us: An Actionable Approach To Diversity Hiring And Retention’
Thanks to Black Hat for publishing the Black Hat 2019 tremendous conference videos on their YouTube Channel Permalink The post Black Hat USA 2019, Rebecca Lynch ‘s ‘Woke Hiring Won’t…
In the Market for a MSSP? Ask These Questions First
Not all managed security service providers are created equal. These questions can reveal whether you are hiring the right people to help secure your business.
A Few Leadership Work-From-Home Tips
A few tried-and-true practices to keep you productive and sane while spending an unexpected few weeks in the home office.