Note — I’ve known Marcus for a long time since he did “Dojosec” here in Maryland. I am an investor an adviser at ThreatCare. I like the ease of use it brings to testing and training your security staff and making sure your expensive array of security products is working as expected. Many security vendors are using it to demo their products and avoid a “Tanium” moment. I conducted the following interview with Marcus over email.
In April 14 2017, Shadow Brokers released information about an exploit tool written by the NSA called Eternal Blue. This tool exploited a zero day in Microsoft Windows covered by their MS17–010 update. The patch proceeded the disclosure as Microsoft issued MS17–010 on March 14, 2017. The WannaCry worm first got heavily noticed on Friday, May 12, 2017.
Cybrary’s Millionth User Party — May 11th, 2017
Cybrary is a free and open source cyber security learning platform that I constantly recommend to anyone wanting to learn cyber security or build a team of cyber security experts. This includes anyone from high school kids who want to learn about a potential career, veterans transitioning out of the military, service providers who want to offer cyber services and well funded institutions who need to grow the next generation of cyber leadership for the SOCs, audit and hunt teams.
(Cover artwork from Senator Coburn’s report on DHS)
A report from Senator Tom Coburn about the Department of Homeland Security details a variety of concerns about the organization’s ability to counter cyber attacks. ZDNet wrote an unflattering article about the cyber shortcomings with the headline “ New Report : DHS is a mess of cybersecurity incompetence”. The main points of the article are: