January 3rd, 2018 by John
https://www.csoonline.com/article/3245037/security/researcher-drops-15-year-old-macos-zero-day-that-leads-to-full-system-compromise.html
Posted in Cybersecurity & Infosec, Exploits & Attacks
January 3rd, 2018 by John
Posted in Cybersecurity & Infosec
December 6th, 2017 by John
US-CERT has released a security update regarding a vulnerability in Apache Struts versions 2.5 to 2.5.14. The Apache Software Foundation released Apache Security Bulletins S2-054 and S2-055, which respectively address CVE-2017-15707 and CVE-2017-7525.
The vulnerabilities could allow a remote, unauthenticated attacker to perform a denial-of-service (DoS) attack by submitting malicious JSON data. The vulnerable systems use an outdated JSON-lib library with the Struts REST plugin.
Posted in Cybersecurity & Infosec, Exploits & Attacks
October 10th, 2017 by John
Title: “A Corporate Guide to Surviving Cyberwarfare Through Cyber Resiliency”
My presentation from Hacker Halted – Atlanta, GA – October 9, 2017
Posted in Cybersecurity & Infosec, Presentations & Webinars Tagged with: 2017, cybersecurity, cyberwarfare, Hacker Halted, Infosec, presentation, resiliency
(via POLITICO) Senate lawmakers will mark up bills this week aimed at boosting cyber skills among small businesses and expanding the cyber workforce more broadly. On Wednesday, the Small Business Committee will consider legislation that would require workers at small business development centers to be certified in cyber training, and the Commerce Committee will consider a bill to expand cyber scholarships to people pursuing associate’s degrees. The scholarships bill would also create a National Science Foundation study on the success of the cyber scholarship recruiting program. Scholarships for young cyber professionals have emerged as a key tool to fill what experts say is an alarming and growing workforce shortage. Rep. Jim Langevin, co-chair of the Congressional Cybersecurity Caucus, recently introduced an amendment to the 2018 Pentagon funding bill that would add money to DoD’s own cyber scholarship initiative.
In related news, I was happy to offer Representatives Jim Langevin and Will Hurd a tour of R00tz at DEF CON this past weekend. It is great to know that Congress is taking cybersecurity and education seriously as we face a shortage in our field.
Posted in Community, Cybersecurity & Infosec