Kelly Shortridge

This post will explore why both YOLO security (YOLOsec) and FOMO security (FOMOsec) are pernicious disservices to infosec defense and how you can spot them so that you may yeet them from your organization's security strategy. The tl;dr is that #yolosec and #fomosec are disconnected from the goals and needs of the business, forsaking pragmatism and prudence in favor of fanatical flavors of recklessness.

Kelly Shortridge

Co-founder of cyber fraud prevention startup arrested for alleged fraud - CyberScoop

Written by Shannon Vavra, Sep 17, 2020 | CyberScoop. The co-founder of a cyber fraud prevention company was arrested Thursday and charged with leading an alleged scheme to trick investors into sinking hundreds of millions of dollars into the startup, the Department of Justice and the Securities and Exchange Commission (SEC) announced Thursday.

CyberScoop

Arkady Bukh: Man in the Middle

Sergey Pavlovich needed a fixer. The 32-year-old ex-con was living in Moscow in 2015 after serving nearly eight years behind bars in Belarus for his role with CarderPlanet.com, an internet forum where scammers bought and sold millions of credit and debit card numbers.

CyberScoop

Windows Server Vulnerability Requires Immediate Attention

One of the most important things you can do for your cybersecurity is to update your software - and if your network relies on Microsoft Windows Active Directory, a critical vulnerability exists that requires your attention.

CISA

'Dark Overlord' hacker Nathan Wyatt pleads guilty, is sentenced for ransomware scheme

Years after he threatened to publicly release information from hacking victims unless they agreed to his digital extortion demands, Nathan Wyatt is headed to a U.S. prison. A judge in the Eastern District of Missouri on Monday sentenced Wyatt, 39, to five years in prison after he pleaded guilty to assisting a hacking crew known as The Dark Overlord.

CyberScoop

Creating An Internal Cybersecurity Hub Inside Your Company

In 2019 more than 16 billion records were exposed through data breaches. This trend has continued in the first quarter of 2020 and so far, it has been one of the worst in data breach history.

Forbes

Red Team + Blue Team Doesn't Mean You Have A Purple Team | Operationalizing Purple With @ch33r10, Erik Van Buggenhout, Ben Goerz, Craig Balding

We can't deny the value of the Red and Blue Teams. One tests the weaknesses of an environment and the other the controls and processes as they get attacked.

LinkedIn

Smashing Security

A helpful and hilarious take on the week's tech SNAFUs. Computer security industry veterans Graham Cluley and Carole Theriault chat with guests about cybercrime, hacking, and online privacy. It's not your typical cybersecurity podcast... Winner: "Best Security Podcast 2018" and "Best Security Podcast 2019."

Smashing Security

Federal Agencies Tapped Protesters' Phones in Portland

This summer, Portland looked like a warzone. Phalanxes of shadowy law enforcement personnel fired crowd control munitions, as plumes of tear gas billowed out into the sky. Federal agents without clearly visible identification rounded up protesters and loaded them into unmarked cars, on American streets.

The Nation

Cyber insurer's security scans reduced ransomware claims by 65%

A cyber insurer's security scans during the underwriting phase and post-issuance have led to a 65% reduction in ransomware claims. At this year's RSA security conference, FBI Special Agent Joel DeCapua stated that 70-80% of all network breaches are caused by attackers hacking into remote desktop servers exposed on the Internet.

BleepingComputer

British Hacker Sentenced to 5 Years for Blackmailing U.S. Companies

British hacker Nathan Francis Wyatt sentenced to 5 years for hacking and blackmailing US Healthcare and companies.

The Hacker News