Mike Kavka @siliconshecky@infosec.exchange
- Blog
- siliconshecky.com
Just another Infosec person
Joined Jan 2019
I do find it interesting that I have yet to hear of a PoC or an actual Exploit for CVE-2022-21907 given the Critical CVSS rating this vuln has gotten.
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-21907
Another week and year started. Let's see what is in store for this one.
Good writeup, good information, use it wisely.
Everything old is new again, or This has all happened before and it will happen again...
A nice writeup on the DLL side loading technique used in the Kaseya attack:
Mike Kavka
boosted
🔒 May 2021 survey data from a ISACA, courtesy of IANS:
61% believe their cybersecurity teams are understaffed
55% have unfilled cybersecurity positions
53% had difficulty retaining talent during the pandemic
50% say their cyber applicants are not well-qualified
43% are training non-se... https://blog.grotenhuis.info/2021/06/30/may-survey-data.html
Mike Kavka
boosted
BlueTeam CTF Challenges https://cyberdefenders.org/labs/
New blog post about ransomware planning:
Detection IS prevention!
New blog post on Gatekeeping and the treatment of others.
https://www.siliconshecky.com/gatekeeping-and-treatment-of-others/
On June 5th, Hak4Kidz is hosting another free virtual Cyber Defense Clinic for EDUcation. The platform has been upgraded to version 4.1 so more edutainment!
Register and details: hak4kidz.com/activities/cdc…
Executives get blamed for a lot in the world of Security, but are they taking too much blame at times?
In my latest blog, I look at potential bottlenecks to Security projects and Deployments that are not due to Executives.
Today is PancakesCon! Check it out at https://pancakescon.com/ and learn about security and hobbies!
Mike Kavka
boosted
The theme of the Diana Initiative 2021 conference is “Spark a Journey”
First Round End Date - March 21st
Second Round CFP Start Date - March 22nd
Second Round CFP End Date - May 7th
Virtual Conference Dates - July 16th and July 17th
What happens if a third party limits password safety on financial accounts?
The every day person will be less secure.
https://www.siliconshecky.com/the-one-about-banking-passwords/
Mike Kavka
boosted
Check out the latest "Smashing Security" podcast with me, Carole Theriault, and special guest Alan Woodward, discussing:
⭐ Data bungles
⭐ SolarWinds
⭐ Lockdown love scams
⭐ My penchant for the late Dame Diana Rigg
⭐ Much much more...
Why would you not get events all in one place and set ip properly to find correlations?
I constantly feel like I am fighting just to get basic data for threat detection and hunting, let alone put it all into a SIEM together.
*Headesks*
If you throw out the simple just because it is simple, then you have most likely overlooked the proper answer.
Free summit geared to new people to the #infosec #cybersecurity field coming in April from SANS:
https://www.sans.org/event/newtocyber-summit-2021/
The holiday season is over, and so are the competition portions of the Holiday CTFs. This year I did
@RealTryHackMe
Advent of Cyber and
@KringleCon
. Here is a brief overview and rating of both.
- Blog
- siliconshecky.com
Just another Infosec person
Joined Jan 2019
