Did you know that over 100 million AT&T customers had their data breached? Check out my latest post and video explaining what you need to know and what we all need AT&T to do, to secure customer data!

https://www.bulbapp.io/p/7573c365-5b11-453c-bc9e-b1c98822bdb4/att-data-breach-understanding-the-fallout

I am not too surprised that CrowdStrike customers are quiet-quitting and looking at other options. CrowdStrike refuses to acknowledge the root cause of their recent massive outage and aren't planning on fixing it.

Instead, they plan on boosting the error handling controls that reside on their clients machines, but not thoroughly testing all code and instructions before they push to customers.

That keeps a flawed model of using customers environments as their test network. Not a good practice.

Cybersecurity is no longer just an IT issue, it’s a business risk that CEOs and Boards must own. As regulatory pressure mounts and cyber threats grow more disruptive, Boards must evolve their oversight strategies to integrate cybersecurity into core business decisions, or risk failing in their fiduciary duties.
In my latest article I discuss how the Board and CEO can establish a framework for the inclusion of cyber risks into business planning. 

More attacks targeting cryptocurrency users. StilachiRAT is sophisticated, stealthy and persistent so it can harvest crypto wallet credentials via Chrome browser extensions, including wallets:
Bitget, Trust, TronLink, MetaMask, BNB Chain, OKX, Sui, Coinbase, Keplr, Phantom, and others!

Full List: https://www.bulbapp.io/p/fd4b147a-d6b8-461f-a520-40486b433762/advanced-malware-targets-cryptocurrency-wallets

We must always look at our cybersecurity defenses from the viewpoint of those attacking them! Here is a clip from my recent interview with HMG Global Viewpoint, talking about the path-of-least-resistance.

Check out the full interview and Q&A, where I discuss a broad range of cybersecurity challenges, including: CISOs under siege, Navigating Escalating
Cyber Threats, AI Disruption, and the Boardroom Divide in 2025.

Full
Interview: https://www.youtube.com/watch?v=Kr-NbI5_5XU

Did anyone notice that the CrowdStrike outage today reportedly only effected Microsoft Windows 10 machines? What decisions were made that left these machines so vulnerable to an update from a 3rd party software company, that it caused widespread Blue Screens of Deaths (BSOD) to appear across the globe?

Let's be clear, the root cause is with CrowdStrike, but Microsoft did have a hand in this game. They have the power to limit the impacts of 3rd party software that is misbehaving.

Massive Increase in Unwanted Cell Calls - My cell has been lighting up with unknown callers – a 30x increase!

I don't give out my number so I suspect it is either cybercriminals, sales vendors, or pissed-off Nation State actors.

Anyone else suddenly experiencing this?

https://www.bulbapp.io/p/ac235f4c-705d-4f3b-8eac-ea326885f0e5/massive-increase-in-unwanted-cell-calls

Ransomware Attack Ends a 150 Year Company.

A 150-year-old UK company is gone – due to a cyberattack! It is an example of how #cybersecurity matters to every company that depends on digital technology. Failures in cybersecurity can cause catastrophic impacts, including the total loss of a business.

Fraudsters Abuse DocuSign API for Legit-Looking Invoices!
Attackers create a legitimate DocuSign account that allows them to change templates and use the API directly. They employ a special template that masquerades as well-known brands to send the billing invoice. Because the fraudulent invoice is directly sent from the DocuSign platform, it appears legitimate and won’t be stopped by email filters.

The process can be automated on a massive scale, spraying large numbers of unsuspecting victims.