Information Security
🌐 Browse Safely. Earn Rewards. Meet ThreatSlayer
Interlock has launched ThreatSlayer, a Web3 security extension, with its token on Arbitrum—not Solana—but a Solana version could be a great idea.
This product improves online safety using a crowdsourced security community with rewards.
Share your thoughts! 💬💡
How often do CISOs smile? Not very often. The role is difficult, ambiguous, and chaotic.
However, some cybersecurity events set themselves apart as CISOs build partnerships, commiserate, and communicate both best practices and pitfalls to avoid.
Mindfluence was one of those events! (…although the perfect weather, being hosted in Napa, CA, and amazing wines might have also contributed to overall jovialness)
I am looking forward to future events!
Did you know that over 100 million AT&T customers had their data breached? Check out my latest post and video explaining what you need to know and what we all need AT&T to do, to secure customer data!
https://www.bulbapp.io/p/7573c365-5b11-453c-bc9e-b1c98822bdb4/att-data-breach-understanding-the-fallout
I am not too surprised that CrowdStrike customers are quiet-quitting and looking at other options. CrowdStrike refuses to acknowledge the root cause of their recent massive outage and aren't planning on fixing it.
Instead, they plan on boosting the error handling controls that reside on their clients' machines, but not thoroughly testing all code and instructions before they push to customers.
That keeps a flawed model of using customers' environments as their test network. Not a good practice.
This is an interesting tactic by cyber attackers — using virtual machine hard drive files to bypass email malware filters!
The use of virtual machine hard drive files like .vhd and .vhdx, which can be opened by Windows and function like a physical drive, is perfect for hiding malware from email gateway filters.
This maneuvering is typical of the never-ending game of cybersecurity!
I had a tremendous time at the InForum Montreal forum. The speakers, panels, fellow practitioners, and events were outstanding!
My panel, led by Nataliya Khylenko, discussed how to strike a balance when protecting data in the age of AI. Fellow panelists Sandra Estok, Tania Tanic, and Brandon Pugh were brilliant in providing diverse and relevant perspectives.
The Gala Cocktail was spectacular, featuring a local mariachi band!
They also announced an expansion to San Antonio and Japan for 2025!
Conveying the risks and progress for a cybersecurity program to executives is difficult. Over the years, I have explored countless ways to quickly and effectively distill the complexities of cyber risk into a simple graphic that informs management teams so the best decisions can be made.
A "Perfect" 10 CVSS vulnerability score for Cisco Ultra-Reliable Wireless Backhaul (URWB) systems were expecting. CVE-2024-20418 is remote, easy, & gives Admin rights
Catalyst:
- IW9165D Heavy Duty Access Points
- IW9165E Rugged Access Points and Wireless Clients
- IW9167E Heavy Duty Access Points
Fraudsters Abuse DocuSign API for Legit-Looking Invoices!
Attackers create a legitimate DocuSign account that allows them to change templates and use the API directly. They employ a special template that masquerades as well-known brands to send the billing invoice. Because the fraudulent invoice is directly sent from the DocuSign platform, it appears legitimate and won’t be stopped by email filters.
The process can be automated on a massive scale, spraying large numbers of unsuspecting victims.
Did anyone notice that the CrowdStrike outage today reportedly only affected Microsoft Windows 10 machines? What decisions were made that left these machines so vulnerable to an update from a 3rd party software company, that it caused widespread Blue Screens of Death (BSOD) to appear across the globe?
Let's be clear, the root cause is with CrowdStrike, but Microsoft did have a hand in this game. They have the power to limit the impacts of 3rd party software that is misbehaving.