A quick Saturday digest of cybersecurity news articles from other sources.
SocGholish Campaigns and Initial Access Kit
SocGholish AKA FAKEUPDATES was first ...
Continue Reading →
Developers who contribute code to the popular repository will have to implement two-factor authentication by the end of 2023.
Identity theft ...
Continue Reading →
If you missed Part 1 of this article, it can be found at last week’s post on May 5.
When we use two or more cryptographic methods together, it is called Hybrid Cryptography. Common forms of Hybrid Cryptography include the creation and sharing of Symmetric session keys by using Asymmetric Encryption.
Not all key exchange methods require using the PKI. Diffie-Hellman, Oakley and other non-PKI key ...
Continue Reading →
By Bob Weiss
May the Force be with you! It’s May the fourth, Star Wars Day.
I received an email from a CASP+ Student asking for some help with encryption. This is what I sent.
Encryption can be a mind bender. And then like magic, it is not.
If you are up for some outside reading (what! More reading? Sorry) there are a couple of books that helped me
The Code Book, by Simon Singh
Crypto ...
Continue Reading →
Original release date: April 7, 2022
CISA’s Sharing Cyber Event Information Fact Sheet provides our stakeholders with clear guidance and information about what to share, who should share, and how to share information about unusual cyber incidents or activity.
CISA uses this information from partners to build a common understanding ...
Continue Reading →
by Bob Weiss
Email is one of the very first Internet protocols, going all the way back to 1971 and the early ARPANET. Ray Tomlinson is credited as the inventor of networked email; he developed the first system able to send mail between users on different hosts across the ...
Continue Reading →
If you try to hide that your business has been hacked or you’ve paid ransomware, the Cybersecurity and Infrastructure Security Agency would like a word with you.
One of the dirty little secrets of many businesses, perhaps even most, is that far more of them than ever admit to it ...
Continue Reading →
Beginning June 1, 2022, additional pretest items and time will be added to the CISSP exam for the Computerized Adaptive Testing (CAT) format.
The current CISSP CAT exam contains 25 pretest (unscored) items. The addition of 25 more items will bring the total count to 50 pretest items. With these added items, the minimum and maximum ...
Continue Reading →
As many of you know, I teach a number of information security certification classes, especially the (ISC)2 CISSP certification. Almost a year ago the (ISC)2 updated the course content and questions for the CISSP. Students that I have taught since then have started taking and passing the new exam, and here are some of their comments.
This is a ...
Continue Reading →