Cyber Defense Advisors

Cyber News

US to Launch Third Iteration of ‘Hack the Pentagon’ Bug Bounty Program

Cybersecurity researchers will try and find vulnerabilities in the government’s FRCS network

Cyber News, Cyber Threat Trends

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at Capricon, a four-day science fiction convention in Chicago. My talk is on “The Coming AI Hackers” and will be held Friday, February 3 at 1:00 PM. The list is maintained on this page.

Cyber News, Cyber Threat Trends
  • by
  • January 16, 2023

What is Cloud?

Defining a nebulous term This is a bonus topic as I’m working through this series on Automating Cybersecurity Metrics and reading other cybersecurity material simultaneously. I have run across a number of interesting definitions of cloud over the years and just recently read one again which prompted me to write this post. It’s just a random […]

Cyber News, Cyber Threat Trends
  • by
  • January 16, 2023

Privilege Escalation Via a Cloud Compute Resource

ACM.133 Limiting Pass Role permissions using AWS IAM policies This is a continuation of my series on Automating Cybersecurity Metrics. In the last post I wrote about AWS IAM Permission Boundaries. AWS IAM Permission Boundaries In this post we’ll consider permission boundaries with the IAM Pass Role permission. The IAM Pass Role permission How does a […]

Cyber News, Cyber Threat Trends
  • by
  • January 16, 2023

Check the Blog for Updates to Stories Sent in Emails

A recommendation for my email subscribers, due to Medium limitations Just a note to my email list subscribers. For anything I write, you will probably want to check the blog for any updates when you read the posts. Medium will not let me send a link only in email unless I put a paywall in front […]

Cyber News, Cyber Threat Trends

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at Capricon, a four-day science fiction convention in Chicago. My talk is on “The Coming AI Hackers” and will be held Friday, February 3 at 1:00 PM. The list is maintained on this page.

Cyber News, Cyber Threat Trends
  • by
  • January 14, 2023

Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

Cisco has warned of two security vulnerabilities affecting end-of-life (EoL) Small Business RV016, RV042, RV042G, and RV082 routers that it said will not be fixed, even as it acknowledged the public availability of proof-of-concept (PoC) exploit. The issues are rooted in the router’s web-based management interface, enabling a remote adversary to sidestep authentication or execute malicious

Cyber News, Cyber Threat Trends

Friday Squid Blogging: How to Buy Fresh or Frozen Squid

Good advice on buying squid. I like to buy whole fresh squid and clean it myself. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Cyber News, Cyber Threat Trends
  • by
  • January 14, 2023

TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws

Popular short-form video hosting service TikTok has been fined €5 million (about $5.4 million) by the French data protection watchdog for breaking cookie consent rules, making it the latest platform to face similar penalties after Amazon, Google, Meta, and Microsoft since 2020. “Users of ‘tiktok[.]com’ could not refuse cookies as easily as accepting them and they were not […]

Cyber News, Cyber Threat Trends