Hackers are exploiting an un-patchable vulnerability (CVE-2023–2868) in Barracuda Email Security Gateway appliances. Barracuda has announced that customers should discontinue using the email security product or upgrade. Hackers are using multiple typ

Aggressive countries are leveraging cyber to conduct offensive operations against targets across the globe. The threat of nation-state attacks is growing and I had the opportunity to discuss the challenges with Jeremey Strozer, a strategic risk and i

When I heard of the MSI compromise, I had similar fears of an IT supply chain attack. However, after walking the logic and high-level details I felt that the current attack was unlikely a sophisticated play to compromise downstream consumers of MSI p

One of my cybersecurity predictions for 2023 is the rise of cyber Private Military Companies (PMC) to specialize in cyberattacks.

One of the most famous PMCs currently in the news is the Russian Wagner group that is fighting for Russia on the ground

The cyber attacks on LastPass continue to be more invasive and damaging to its customers. Numerous security failures and poor leadership decisions have undermined this cybersecurity company’s reputation and sent its customers scrambling to protect t

On January 19, 2023, it was reported that thousands of PayPal accounts have been hacked. This news has caused concern among PayPal users who are now wondering if their own accounts have been compromised. In this blog post, we will provide an overview

The recent outage of the Federal Aviation Administration’s Notice to Air Missions (NOTAM) Pilot-Alert system, which triggered a 90 minute “ground stop” delayed over 9 thousand flights and was behind the cancelation of 1300, leaving countless flyers s

There are 3 things that LastPass customers need to know and do, to protect themselves from the recent encrypted vault breach! 

Consider this a community service video for LastPass users!

I hope this nonsense does not escalate down this path, but as Russia continues to fail with their attempts to conquer Ukraine, Putin will become more desperate and want to lash-out at Ukraine’s biggest international supporters.  Cyberattacks are a gr

Uber’s latest breach is big and fraught with concerns about the maturity of the company’s cybersecurity capability. Failure abounds across their technology, behaviors, and processes. We can all learn from Uber’s mistakes!

For more strategic insights

The Syniverse hack may be the most important data breach of the year!

Hackers had access for 5 years and potentially compromised hundreds of billions of SMS text messages, likely including 2nd Factor Authentication codes that protect logins and are us

No doubt you had heard about Chrysler’s recall of affected cars as it appeared in all the top media. You’ll be even more surprised if you see how many recalls happened because of technical issues in recent months. But there is something that we may m

Zoom is in crisis mode, facing grave and very public concerns regarding the trust in management’s commitment for secure products, the respect for user privacy, the honesty of its marketing, and the design decisions that preserve a positive user exper

The first warning sign was “hackproof” in the 360Lock marketing materials. As it turns out, with no surprise to any security professional, the NFC and Bluetooth enabled padlock proved to be anything but secure.

Straightforward penetration testing reve

A group of security vulnerability researchers, after many months of work, were able to figure out the update process and secret key used to decrypt Intel microcode updates for the Goldmont architecture product lines.

This is an important finding as it

Another vulnerability and exploit named VoltPillager has been published for Intel Corporation's SGX security technology.  The attack itself is simply a hardware version of a previously discovered PlunderVolt software vulnerability where voltage to th

Cyber attackers continue to move down the compute stack with the latest variant of TrickBot now targeting firmware for malicious manipulations.  This is when it gets serious.  The firmware sits below the operating system and is a perfect place for ma