Category: Cybersecurity & Infosec

January 3rd, 2018 by John

https://www.csoonline.com/article/3245037/security/researcher-drops-15-year-old-macos-zero-day-that-leads-to-full-system-compromise.html

Posted in Cybersecurity & Infosec, Exploits & Attacks

January 3rd, 2018 by John

Posted in Cybersecurity & Infosec

January 2nd, 2018 by John

Posted in AI & Machine Learning, Cool-Stuff, Cybersecurity & Infosec, Vendors & Product Reviews

January 2nd, 2018 by John

Posted in Cybersecurity & Infosec, Exploits & Attacks, Supply Chain

December 6th, 2017 by John

US-CERT has released a security update regarding a vulnerability in Apache Struts versions 2.5 to 2.5.14. The Apache Software Foundation released Apache Security Bulletins S2-054 and S2-055, which respectively address CVE-2017-15707 and CVE-2017-7525.

The vulnerabilities could allow a remote, unauthenticated attacker to perform a denial-of-service (DOS) by submitting malicious JSON data. The vulnerable systems use an outdated JSON-lib library with the Struts REST plugin. Read More

Posted in Cybersecurity & Infosec, Exploits & Attacks

October 10th, 2017 by John

Title: “A Corporate Guide to Surviving Cyberwarfare Through Cyber Resiliency”

My presentation from Hacker Halted – Atlanta, GA – October 9, 2017 Read More

Posted in Cybersecurity & Infosec, Presentations & Webinars Tagged with: , , , , , ,

July 31st, 2017 by John

(via POLITICO) Senate lawmakers will mark up bills this week aimed at boosting cyber skills among small businesses and expanding the cyber workforce more broadly. On Wednesday, the Small Business Committee will consider legislation that would require workers at small business development centers to be certified in cyber training, and the Commerce Committee will consider a bill to expand cyber scholarships to people pursuing associate’s degrees. The scholarships bill would also create a National Science Foundation study on the success of the cyber scholarship recruiting program. Scholarships for young cyber professionals have emerged as a key tool to fill what experts say is an alarming and growing workforce shortage. Rep. Jim Langevin, co-chair of the Congressional Cybersecurity Caucus, recently introduced an amendment to the 2018 Pentagon funding bill that would add money to DoD’s own cyber scholarship initiative.

In related news, I was happy to offer Representatives Jim Langevin and Will Hurd a tour of R00tz at DEF CON this past weekend. It is great to know that Congress is taking cybersecurity and education seriously as we face a shortage in our field.

Posted in Community, Cybersecurity & Infosec

June 30th, 2017 by John

Posted in Cybersecurity & Infosec, Law and Regulations, Privacy