German Cybersecurity Chief Faces Sacking Over Possible Russia Ties
Schoenbohm accused of having maintained contacts with people involved with Russian security services
Cyber NewsComplex Impersonation Story
This is a story of one piece of what is probably a complex employment scam. Basically, real programmers are having their resumes copied and co-opted by scammers, who apply for jobs (or, I suppose, get recruited from various job sites), then hire other people with Western looks and language skills are to impersonate those first […]
Cyber NewsCybersecurity Re-Launchers: Pivoting into Cybersecurity as a Mid-Career Professional
It is never too late to start a career in cybersecurity — this may sound cliché, but it holds a lot of truth. If you are passionate about the topic and are ready to put in the work to acquire the skills and knowledge needed, anyone, regardless of educational background, can break into cybersecurity. At […]
Cyber NewsWhen It Comes to M&A, Security Is a Journey
Shiva Persaud is the director of security engineering for Cisco. His team is responsible for the Cisco Secure Development Lifecycle (CSDL), a set of practices based on a “secure-by-design” philosophy developed to ensure that security and compliance are top-of-mind in every step of a solution’s lifecycle. This blog is the third in a series focused […]
Cyber NewsDeveloper Virtual Machines as Bastion Hosts
ACM.76 Why you might want to move development to cloud VMs This is a continuation of my series on Automating Cybersecurity Metrics. I’ve been logging into a VM on AWS to deploy CloudFormation scripts up to this point in this series. I am using a host I previously deployed in an automated fashion from another project, […]
Cyber NewsNew Report Uncovers Emotet’s Delivery and Evasion Techniques Used in Recent Attacks
Threat actors associated with the notorious Emotet malware are continually shifting their tactics and command-and-control (C2) infrastructure to escape detection, according to new research from VMware. Emotet is the work of a threat actor tracked as Mummy Spider (aka TA542), emerging in June 2014 as a banking trojan before morphing into an all-purpose loader in 2016 […]
Cyber News6 Things Every CISO Should Do the First 90 Days on the Job
A CISO’s responsibilities have evolved immensely in recent years, so their first three months on the job should look a different today than they might have several years ago.
Cyber NewsSerious Security: OAuth 2 and why Microsoft is finally forcing you into it
Microsoft calls it “Modern Auth”, though it’s a decade old, and is finally forcing Exchange Online customers to switch to it.
Cyber NewsAWS Private Link and VPC Endpoints
ACM.75 An alternative to NATs and Internet Gateways This is a continuation of my series on Automating Cybersecurity Metrics. We looked at adding a VPC configuration for our Lambda function in an earlier post in this series where I demonstrated how a Lambda function that had Internet access may be abused. I also mentioned two options […]
Cyber News