Apple products, such as the iPhone, iPad, and Macbook are NOT immune from successful attack and exploitation. Why? Because the weakest part of Apple security is the user behind the keyboard. That’s right, it’s YOU!. Email and website based attacks work the same for Apple users, Windows users, and even Linux users. Send a well-crafted phishing email, and wait for the target to ...
A quick Saturday digest of cybersecurity news articles from other sources.September is a busy time for me, there are a wedding anniversary, and three birthdays in my family in the first week. Then there are a panoply of other special events. At least they are special enough to be recognized in this weblog. Here they are. Please celebrate responsibly. Or not. But have some fun, we all ...
Continue Reading →
Having trouble finding a job in Information Technology or Cybersecurity? You may be doing it wrong. Once you have a fully developed LinkedIn profile, jobs should be finding you.
Having a well developed profile on social network sites seems like a hassle, and if you are avoiding the social scene, LinkedIn needs to be an exception. Especially if you are sending resumes to ...
Continue Reading →
Do you find your cybersecurity career is limited by your inability to program? Few of the cybersecurity professionals I know personally know how to program, with the exception of those who work in a programming environment. If you are considering learning to program, what languages are best for a cybersecurity career? Do you need more than one? Where is the best place to start?
Prepare by setting up a couple practice ...
Continue Reading →
On Monday I started this two-part article on developing a career in Information Technology or Cybersecurity. This advice could apply to any technical field. In the first part, started out covering the basics, and if you missed that part you might want to check out Monday’s post before continuing.
That said, looking back on my career, I see the different stages that are a great career progression ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Dr. David Brumley, a professor at Carnegie Mellon University and CEO of ForAllSecure, explains what DevSecOps is and how companies can use it to improve application security by designing security in from the start. Read interview…
As you are studying for the CISSP, CASP+, or Security+, you will come across these two important NIST frameworks. They seem the same, but they are not.
If you are deploying one or both of these frameworks in your organization, understanding the difference between them is even more important.
Today we are republishing an article by Rick Tracy. Rick Tracy is the senior vice ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Original release date: July 27, 2020
CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attached Storage (NAS) devices manufactured by the firm QNAP.
All QNAP NAS devices are potentially vulnerable to QSnatch malware if not ...
Continue Reading →
How do you get a job in cybersecurity? Here’s how it worked for me.
I have joined several LinkedIn and Facebook groups that are focused on cybersecurity, and very frequently there is a post from a newcomer asking the question “How do I get a job in cybersecurity?” The actual question can vary, from “what certifications are best, where can I look for ...
Continue Reading →
