I do find it interesting that I have yet to hear of a PoC or an actual Exploit for CVE-2022-21907 given the Critical CVSS rating this vuln has gotten.

msrc.microsoft.com/update-guid

Another week and year started. Let's see what is in store for this one.

Mike Kavka boosted

🔒 May 2021 survey data from a ISACA, courtesy of IANS:

61% believe their cybersecurity teams are understaffed
55% have unfilled cybersecurity positions
53% had difficulty retaining talent during the pandemic
50% say their cyber applicants are not well-qualified
43% are training non-se... blog.grotenhuis.info/2021/06/3

Mike Kavka boosted

On June 5th, Hak4Kidz is hosting another free virtual Cyber Defense Clinic for EDUcation. The platform has been upgraded to version 4.1 so more edutainment!

Register and details: hak4kidz.com/activities/cdc…

Executives get blamed for a lot in the world of Security, but are they taking too much blame at times?

In my latest blog, I look at potential bottlenecks to Security projects and Deployments that are not due to Executives.

siliconshecky.com/are-you-sure

Today is PancakesCon! Check it out at pancakescon.com/ and learn about security and hobbies!

Mike Kavka boosted

The theme of the Diana Initiative 2021 conference is “Spark a Journey”

First Round End Date - March 21st

Second Round CFP Start Date - March 22nd
Second Round CFP End Date - May 7th

Virtual Conference Dates - July 16th and July 17th

dianainitiative2021.busyconf.c

About: dianainitiative.org/

What happens if a third party limits password safety on financial accounts?
The every day person will be less secure.
siliconshecky.com/the-one-abou

Mike Kavka boosted

Check out the latest "Smashing Security" podcast with me, Carole Theriault, and special guest Alan Woodward, discussing:

⭐ Data bungles
⭐ SolarWinds
⭐ Lockdown love scams
⭐ My penchant for the late Dame Diana Rigg
⭐ Much much more...

smashingsecurity.com/listen

Why would you not get events all in one place and set ip properly to find correlations?
I constantly feel like I am fighting just to get basic data for threat detection and hunting, let alone put it all into a SIEM together.
*Headesks*

If you throw out the simple just because it is simple, then you have most likely overlooked the proper answer.

The holiday season is over, and so are the competition portions of the Holiday CTFs. This year I did
@RealTryHackMe
Advent of Cyber and
@KringleCon
. Here is a brief overview and rating of both.

siliconshecky.com/holiday-ctf-

Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.