We Need a CyberCrowd

I keep going to the same topics, since we have the same issues come up again and again. We have discussed the Psychology of Security (all of these topics are also in my book “Too Late You’re Hacked”) in this blog before – just search for Psychology of Security and you will see the posts. …

Top 5 Prevent Hacks

Patch your software and hardware (portswigger article) – Password management – Keep passwords locked – 2FA MFA, Backup and test backups – social engineering – Phishing education (CISA – Cybersecurity & Infrastructure Security Agency Tips) – Test your environment. Why did I give patching/upgrading the highest importance? Because a policy of upgrading can lead your environment …

Log4J: 4 Month Old Vulnerability – All is Fixed Right?

Is everything fixed now, about 4 months after the vulnerability was disclosed (and discussed here December 13, 2021)? On this day in March (the 4th), Threatpost has a story from a few days ago: Millions of Java Apps Remain Vulnerable to Log4Shell (a Log4J vulnerability). The main sentences in the story are the following: “Researchers …

Catch22 CyberDefending: Why Defense Always Behind

Why is the defense always behind? Are there some things that we inherently do not like to do? If there is something that is keeping us from doing what is necessary to create a good defense, then we have to be mindful of these actions – let’s review some Catch22 items. Let’s face it …