The Chinese have a new tool called Massistant.

• Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico.
• The forensics tool works in tandem with

I am truly honored to join the Advisory Board of MindShield. This marks the beginning of an important journey—one focused on deciphering the underlying cognitive vulnerabilities that malicious cyber threats exploit. Our goal is to help individuals a

In my days there, Gartner had Maverick research (here is mine, from 2015 about social engineering AIs…. yes, really!) that “deliberately exposed unconventional thinking and may not agree with Gartner’s official positions.”

Here is a “maverick-ish” bl

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used th

Seems like an old system system that predates any care about security:

The flaw has to do with the protocol used in a train system known as the End-of-Train and Head-of-Train. A Flashing Rear End Device (FRED), also known as an End-of-Train (EOT) de

We are excited to invite you to the CISO Cocktail Reception if you are there at the BlackHat USA, Las Vegas 2025. This event is organized by EC-Council with CISOPlatform and FireCompass as proud community partners.

Please note that this event is exc

It started in a rugby box.

There I was, watching the match from a VIP suite—surrounded by a handful of other cybersecurity leaders. The beers were cold, the banter flowing, but one comment cut through the noise:

“Cybersecurity’s no longer about tech

As healthcare will become increasingly digitized, the upward push of connected clinical devices—normally called the Internet of Medical Things (IoMT)—is revolutionizing patient care. From wearable glucose monitors and pacemakers to smart infusion pum

I am honored to be selected as the Thinkers360 Ambassador for Cybersecurity!

Congratulations to all the annual selectees, representing their fields of expertise!

Special call-out to my longtime colleagues:

• Chuck Brooks – Security

• Ingrid Vasiliu-Feltes –

Setting the Scene: The Rising Stakes in Cybersecurity

The cyber threat landscape isn’t just expanding—it’s convulsing. Ransomware, state-sponsored hacks, and zero-day exploits are wreaking havoc faster than organizations can respond. Yet, the workforc

UK shows leadership in a proposal to ban ransomware payments for public entities like healthcare, education, government services and other national critical infrastructure! This is a great step forward to undermine all ransomware attacks.

Such a strat

Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsof

Building Real World Zero Trust

In cybersecurity’s early days, we built defenses like medieval castles big walls (firewalls), a drawbridge (VPNs), and guards at the gates (passwords). Once someone was inside, they could roam freely. But today’s world

Lately, a lot of people have been asking me about what “triggers” threat modeling. The question confused me: you think about threats as part of any design decision! There are lots and lots of design decisions, ranging from tiny to enormous. For each,