Collaborate Disseminate
It’s easy to see why identity security is often synonymous with user security. Social engineering tactics are the mainstay of the threat actor’s arsenal, and it’s rare to find an attack that doesn’t feature them to some degree. Getting hold of privileg… Continue reading The changing face of identity security
Microsoft followed their October precedent set with Windows 11 24H2 and announced Microsoft Server 2025 on the first of November. We were expecting the official announcement at Microsoft Ignite near the end of the month, but with the early release, ear… Continue reading November 2024 Patch Tuesday forecast: New servers arrive early
Through their past military service, veterans are trained to think like adversaries, often share that mission-driven spirit and excel when working with a team to achieve a larger goal. They develop and champion the unique traits that cybersecurity comp… Continue reading 4 reasons why veterans thrive as cybersecurity professionals
In a bold move, Apple has published a draft ballot for commentary to GitHub to shorten Transport Layer Security (TLS) certificates down from 398 days to just 45 days by 2027. The Apple proposal will likely go up for a vote among Certification Authority… Continue reading Apple’s 45-day certificate proposal: A call to action
In September 2024, the Federal Trade Commission (FTC) released an eye-opening report that digs into the data habits of nine major tech giants, including Amazon (Twitch), ByteDance (TikTok), Discord, Facebook, Reddit, Snap, Twitter, WhatsApp, and YouTub… Continue reading Consumer privacy risks of data aggregation: What should organizations do?
The open-source software (OSS) industry is developing the core software for the global infrastructure, to the point that even some proprietary software giants adopt Linux servers for their cloud services. Still, it has never been able to get organized … Continue reading Open-source software: A first attempt at organization after CRA
Yet again, connected devices are in the news for all the wrong reasons. In October, security researchers found that robot vacuums from Chinese company, Ecovacs, can be compromised via a backdoor. In one case, hackers gained control over the device and … Continue reading IoT needs more respect for its consumers, creations, and itself
Cybersecurity is an overly reactive industry. Too often we act like firefighters, rushing from blaze to blaze, extinguishing flames hoping to keep the damage to a minimum, rather than fire suppression experts designing environments that refuse to burn…. Continue reading Risk hunting: A proactive approach to cyber threats
In the war against malicious cyber activity, it’s time for security vendors to step in – and it’s not how you might think. CISA Director Jen Easterly put it right at this year’s Black Hat conference: “We got ourselves into this; we have to get ourselve… Continue reading A good cyber leader prioritizes the greater good
Climbing Mount Everest isn’t a feat for the faint hearted. Extreme weather, dangerous terrain and acclimatization requirements make the trek challenging for even the most experienced climbers. It’s estimated that the expedition takes more than two mont… Continue reading Achieving peak cyber resilience