On each Friday for the month of February, RSM’s Julia Polyak will be providing an article on the future of cyber-attacks and cyber-warfare, and how organizations can remain aware of emerging threats in this landscape. Please note that the views expressed in this article are opinionated and reflect the author’s perspective, and readers are encouraged to consider multiple ... READ MORE
Uncategorized
The Weakest Link: Bridging the Gap Between Tech and People
On each Friday for the month of February, RSM’s Julia Polyak will be providing an article on the future of cyber-attacks and cyber-warfare, and how organizations can remain aware of emerging threats in this landscape. In the continuous struggle to keep our digital world safe and secure, it’s important to understand that behind every cyber event, there are roles that human’s ... READ MORE
From Borders to Bytes: Cyber as the New Global Commons
On each Friday for the month of February, RSM’s Julia Polyak will be providing an article on the future of cyber-attacks and cyber-warfare, and how organizations can remain aware of emerging threats in this landscape. For many years, there has been an ongoing debate among policymakers, scholars, and international organizations on whether cyberspace should be considered a ... READ MORE
Emerging Threats on the Horizon: Current Threat Intelligence Trends, Threats, and Mitigation Strategies
On each Friday for the month of February, RSM's Julia Polyak will be providing an article on the future of cyber-attacks and cyber-warfare, and how organizations can remain aware of emerging threats in this landscape. Cyber-attacks have become a persistent threat in today’s digital age. With the increasing dependence on technology in our personal and professional lives, the ... READ MORE
Active Directory Certificate Services: Common Misconfigurations and Escalation Attacks
Active Directory Certificate Services (AD CS) is a Microsoft product that performs public key infrastructure (PKI) functionality that provides for encrypting file systems and user authentication. AD CS integrates with Active Directory (AD) and enables the issuing of certificates, which can be use for authentication purposes. The information that is included in a certificate ... READ MORE
How to Enter Penetration Testing as a Career
If you found your way to this blog post, you are interested in penetration testing and want to know how to begin your career in the field. Whether you are a college student, already in the IT space, or work in an entirely different field, the first and best piece of advice is to just hit the ground running. There is a lot to learn but there are also so many great resources to ... READ MORE
CheapSk8ing: How to Shop Like A Hacker
Introduction There is an area in most websites where protections like the ones found on most login pages aren't present; the box where you type the promo/coupon code. An organization with a strong security posture for login pages will usually have several layers of defense-in-depth in place, such as the following: CAPTCHA challenges Rate limiting IP deny-listing ... READ MORE
Navigating the Digital Frontier: Common Threats in the Blockchain Industry
The Double-Edged Sword of Blockchain Innovation In an era characterized by unprecedented digital innovation, one frontier stands out as both a beacon of potential and a minefield of risk: the blockchain industry. Renowned for its capabilities of instigating transformative changes across sectors, blockchain technology is now ubiquitous, powering cryptocurrencies and ... READ MORE
All quiet on the western front (for now)
Over 100 years ago, the Great War was being waged in what is now central and eastern Europe, along with Russia. During the “war to end all wars,” the world saw significant technology changes that brought new, and often terrifying, ways to inflict damage on people and countries. Fast forward to early 2022 and the Russia-Ukraine war, where we are seeing another wave of ... READ MORE
CISA Issues Rare Directive Regarding VMware Exploits
In a directive posted on May 18, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) declared that all Federal Civilian Executive Branch agencies were required to perform actions on several VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation vRealize Suite ... READ MORE