ThreatCare CEO Marcus Carey Interview — Simulating attacks with ease

0*dY-DddgFXkTaWkFf

Note — I’ve known Marcus for a long time since he did “Dojosec” here in Maryland. I am an investor an adviser at ThreatCare. I like the ease of use it brings to testing and training your security staff and making sure your expensive array of security products is working as expected. Many security vendors are using it to demo their products and avoid a “Tanium” moment. I conducted the following interview with Marcus over email.
Read More…

What is your reason for not patching MS17–010 — the main vulnerability behind WannaCry?

0*UvcKlP7mpNCZORDZ
In April 14 2017, Shadow Brokers released information about an exploit tool written by the NSA called Eternal Blue. This tool exploited a zero day in Microsoft Windows covered by their MS17–010 update. The patch proceeded the disclosure as Microsoft issued MS17–010 on March 14, 2017. The WannaCry worm first got heavily noticed on Friday, May 12, 2017.
Read More…

Cybrary Reaches 1,000,000 Users

0*AM_42Wz9xHUCLqjf

Cybrary’s Millionth User Party — May 11th, 2017

Cybrary is a free and open source cyber security learning platform that I constantly recommend to anyone wanting to learn cyber security or build a team of cyber security experts. This includes anyone from high school kids who want to learn about a potential career, veterans transitioning out of the military, service providers who want to offer cyber services and well funded institutions who need to grow the next generation of cyber leadership for the SOCs, audit and hunt teams.

Read More…

DHS and Cyber Security Readiness

0*cKiFTPEblljA4bQ3

(Cover artwork from Senator Coburn’s report on DHS)

report from Senator Tom Coburn about the Department of Homeland Security details a variety of concerns about the organization’s ability to counter cyber attacks. ZDNet wrote an unflattering article about the cyber shortcomings with the headline “ New Report : DHS is a mess of cybersecurity incompetence”. The main points of the article are:

Read More…

Patching Systems with AutoMox

0*SOZQ2QrqLhFvAAwD
I’ve heard almost every excuse there is for not patching a system. While at Tenable Network Security, I got to focus on helping organizations identify their biggest cyber risks which usually meant patching vulnerabilities.
Read More…