Can You Spot the Similarities?

Three seemingly disparate events spread across three years. Can you guess how they are related? In 2020, Marriot Hotels is hacked, and attackers steal the data of 5.2 million guests. In 2021, after compromising IT management contractor Solar Wind, Russian attackers compromised at least nine federal agencies. In 2022, a T-Mobile store owner is convicted […]

It’s Not What on The Inside

firmware attacks

One of the most concerning stories hitting the news this month is how ransomware groups are turning their focus toward firmware attacks. Leaked chats from the Conti ransomware group reveal that the organization is actively working to develop a set of firmware attack techniques. According to records, the group is interested in these attacks because […]

Don’t Build Your Cybersecurity Confidence on the Sand

The Bible uses the now-famous parable of the house “built on the sand.” When the rains came, and the storms hit, the house fell because it did not have a firm foundation. Unfortunately, many cyber departments are constructed the same way. They have survived the last couple of years without a major incident, so they […]

Remember the Mobile Devices!

There is probably no topic of contention that I encounter more as an IT security consultant and auditor than mobile device security. People and organizations just don’t want to secure themselves against mobile devices. The excuses are numerous: Regulating employee mobile devices will lower morale. Employees will think we are spying on them. Other organizations […]