Cyber Defense Advisors

Year: 2023

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at Capricon, a four-day science fiction convention in Chicago. My talk is on “The Coming AI Hackers” and will be held Friday, February 3 at 1:00 PM. The list is maintained on this page.

Cyber News, Cyber Threat Trends
  • by
  • January 16, 2023

Privilege Escalation Via a Cloud Compute Resource

ACM.133 Limiting Pass Role permissions using AWS IAM policies This is a continuation of my series on Automating Cybersecurity Metrics. In the last post I wrote about AWS IAM Permission Boundaries. AWS IAM Permission Boundaries In this post we’ll consider permission boundaries with the IAM Pass Role permission. The IAM Pass Role permission How does a […]

Cyber News, Cyber Threat Trends
  • by
  • January 16, 2023

What is Cloud?

Defining a nebulous term This is a bonus topic as I’m working through this series on Automating Cybersecurity Metrics and reading other cybersecurity material simultaneously. I have run across a number of interesting definitions of cloud over the years and just recently read one again which prompted me to write this post. It’s just a random […]

Cyber News, Cyber Threat Trends
  • by
  • January 16, 2023

Check the Blog for Updates to Stories Sent in Emails

A recommendation for my email subscribers, due to Medium limitations Just a note to my email list subscribers. For anything I write, you will probably want to check the blog for any updates when you read the posts. Medium will not let me send a link only in email unless I put a paywall in front […]

Cyber News, Cyber Threat Trends

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at Capricon, a four-day science fiction convention in Chicago. My talk is on “The Coming AI Hackers” and will be held Friday, February 3 at 1:00 PM. The list is maintained on this page.

Cyber News, Cyber Threat Trends

Friday Squid Blogging: How to Buy Fresh or Frozen Squid

Good advice on buying squid. I like to buy whole fresh squid and clean it myself. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Cyber News, Cyber Threat Trends
  • by
  • January 14, 2023

Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

Cisco has warned of two security vulnerabilities affecting end-of-life (EoL) Small Business RV016, RV042, RV042G, and RV082 routers that it said will not be fixed, even as it acknowledged the public availability of proof-of-concept (PoC) exploit. The issues are rooted in the router’s web-based management interface, enabling a remote adversary to sidestep authentication or execute malicious

Cyber News, Cyber Threat Trends
  • by
  • January 14, 2023

TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws

Popular short-form video hosting service TikTok has been fined €5 million (about $5.4 million) by the French data protection watchdog for breaking cookie consent rules, making it the latest platform to face similar penalties after Amazon, Google, Meta, and Microsoft since 2020. “Users of ‘tiktok[.]com’ could not refuse cookies as easily as accepting them and they were not […]

Cyber News, Cyber Threat Trends

The Guardian Confirms UK Members’ Data Was Accessed in Ransomware Attack

The updates come from The Guardian’s CEO Anna Bateson and its editor-in-chief Katharine Viner

Cyber News, Cyber Threat Trends