Companies target sextortion victims, Google Play malware is hawked on dark marketplaces and zero-click spyware infects iPhones. Here are the latest threats and advisories for the week of April 14, 2023. By John Weiler Threat Advisories and Alerts Predatory Companies…
Tag: (ISC)² Blog
(ISC)² Security Congress in Nashville – See Y’all There!
We are less than 200 days away from the 2023 (ISC)² Security Congress conference. Our team is hard at work reviewing the presentations many of you submitted for breakout sessions this year. This year’s event will feature more than 100…
CYBERSECURITY INDUSTRY NEWS REVIEW – APRIL 11, 2023
Apple plugs security holes for Easter as cops bring Genesis to an end. The UK fines TikTok over underage data use. DDoS attacks surge and cybersecurity professionals keep quiet over breaches. By Joe Fay Apple Rolls Out Fixes for Zero…
#IdentityManagementDay – Best Practices to Help Keep Your Organization Secure
By Chinatu Uzuegbu, CISSP, CEO/Managing Cyber Security Consultant at RoseTech CyberCrime Solutions Ltd. We kicked off the Identity and Access Management Processes from the Top-Level Management approach. The Identity and Access Management Security Steering Committee is a group of C-Suites…
IDENTITY MANAGEMENT DAY 2023: Advice from Cyber Pros
Tomorrow, April 11 is Identity Management Day. This day serves as an annual reminder to increase awareness and education for leaders, IT decision-makers and the general public on the importance of identity management. The dangers of improper management of digital…
Push Notification Is More Secure Than SMS 2FA, So Why the Reluctance to Enable It?
Forget SMS 2FA authentication – Twitter and others are making it less attractive by either charging for it or phasing it out altogether. But there’s a better alternative if only tech companies were willing to invest. By John E. Dunn…
LATEST CYBERTHREATS AND ADVISORIES – APRIL 7, 2023
The U.S. government takes down another dark web forum, Western Digital suffers a cyberattack and the fastest acting ransomware to date. Here are the latest threats and advisories for the week of April 7, 2023. By John Weiler Threat Advisories…
(ISC)² Supports Cyber Newcomers
With more than 14,000 new Certified in Cybersecurity members joining (ISC)² last year and an additional 180,000+ Candidates gearing up to earn their first certification, (ISC)² will be supporting these cyber newcomers every step of the way. Recently, the Center…
CYBERSECURITY INDUSTRY NEWS REVIEW – APRIL 4, 2023
UK government potentially skimps on senior cyber role salary as the NCSC calls for more investment in people, Microsoft talks up the potential for ChatGPT and the US moves to ban spyware. By Joe Fay U.K. Treasury Tries to Drive…
New adaptive platform customizes online certification training for a personalized experience
We all learn differently. And we all have different schedules and needs when it comes to certification training. In the past, finding the time to train has been limiting for some. Enter adaptive online training, a new and innovative way…
CISA Moving Further Towards Pre-Emptive Stance with Ransomware Attack Alert System
In the latest of several recent announcements, the U.S. body responsible for cybersecurity is making a clear shift towards pre-emptive over reactionary reporting, alerting and advice for organizations. By John E. Dunn A defining characteristic of ransomware attacks is the…
Latest Cyberthreats and Advisories – March 31, 2023
By John Weiler Microsoft patches the “aCropalypse” vulnerability, ChatGPT leaks users’ billing information and the Latitude Financial breach expands to 14 million records. Here are the latest threats and advisories for the week of March 31, 2023. Threat Advisories and…
New CISSP Exam Registration Process for 2023
Looking to earn your (ISC)² CISSP certification? Make sure you follow these updated steps to register for your exam. Here is how you can register for the CISSP exam: Log in to your account at www.isc2.org and visit the Register…
Analysis: Hackers Exploit Zero-Day to Siphon $1.5 Million From Bitcoin ATMs
Anxiety about the security of hot wallets grows as General Bytes customers are hit by a zero-day flaw in the company’s Bitcoin ATMs. By John E. Dunn It’s fair to say that crypto has an image problem. What it didn’t…
Member Feedback on (ISC)² 2023 Bylaws Requested by April 7
Today, all members should’ve received an email with a link to a survey inviting feedback on the (ISC)² 2023 Bylaws which closes on April 7, 2023. The URL starts with https://schlesinger.focusvision.com/. We encourage all members to read the bylaws located…
Cybersecurity Industry News Review – March 28, 2023
By Joe Fay The U.K. writes a cybersecurity prescription for the NHS and for social care, data protection hardware is becoming a big security gap, security specialist MITRE partners up to tackle supply chain security threats, while the E.U. turns…
Cybersecurity Industry News Review – March 21, 2023
By Joe Fay The U.K. writes a cybersecurity prescription for the NHS and for social care, data protection hardware is becoming a big security gap, security specialist MITRE partners up to tackle supply chain security threats, while the E.U. turns…
Women in Cybersecurity – History to Today
This March, Women’s History Month, we shared the legacy of Grace Hopper and her trailblazing innovations in software development and computing, highlighted the must-watch webinars by in cybersecurity and met with cyber newcomer and (ISC)² Candidate Nidhi Kannoujia on the…
Analysis: Will ChatGPT’s Perfect English Change the Game For Phishing Attacks?
By John E. Dunn Nobody predicted how rapidly AI chatbots would change perceptions of what is possible. Some worry how it might improve phishing attacks. More likely, experts think, will be its effect on targeting. Much has been said about…
LATEST CYBERTHREATS AND ADVISORIES – MARCH 24, 2023
By John Weiler FBI arrests Breached hacking forum leader, smartphones hijacked without any user involvement and 330,000 customers compromised in Australia by a data breach. Here are the latest threats and advisories for the week of March 24, 2023. Threat…
Ferrari Warns Customers Their Personal Data Might Have Been Hijacked
Red Team 2, Ferrari 0? Italian luxury sports car maker Ferrari has warned its small but extremely wealthy list of customers that their personal information may have been exposed in a “cyber incident.” The apparent data grab was disclosed five…
Real Talk with CCSPs: An Interview with Panagiotis Soulos
“Cloud is the present, and the future. It affects everything, every day, both in business and our personal lives.” With these words Panagiotis Soulos summarizes his philosophy of why the CCSP credential is important to any cybersecurity professional. Panagiotis holds…
Cybersecurity Industry News Review – March 21, 2023
KillNet is bad for your health, TikTok facing further bans, ransomware impacts cancer test results, Russia allegedly increasing its cyberwarfare efforts. By Joe Fay Microsoft Demonstrates How KillNet Is Bad for Our Healthcare Sector Microsoft has highlighted a rise in…
(ISC)² Listens: Women Working in Cybersecurity
This month, we asked women in the (ISC)² Blog Volunteers group to weigh in on a few questions from their perspective as a female working in cybersecurity. While their experiences in the industry have varied, this group unanimously responded that…
Update – New Process for (ISC)² Exam Registration
Are you ready to take your (ISC)² exam? If so, there is a slight change to the process! When you’re ready to schedule your exam, please log in to your account at isc2.org.* Whether you’re pursuing your first (ISC)² certification,…
SVB Collapse: A Stark Warning for Technology and Cybersecurity Startups!
By Dave Cartwright, CISSP A week is a long time in most business sectors. In the intertwined world of banking and startups, it feels like an eternity as both sides deal with the fallout from the collapse of Silicon Valley…
Latest Cyberthreats and Advisories – March 17, 2023
Cybercriminals pounce on SVB collapse, privacy concerns around ChatGPT and the FBI warns of a rise in crypto scams. Here are the latest threats and advisories for the week of March 17, 2023. By John Weiler Threat Advisories and Alerts…
Analysis: Where Next As Europol Hails Rare DoppelPaymer Ransomware Success
By John E. Dunn Two arrests for alleged ransomware crimes and some useful intel. But will the latest Europol action make any difference? Following an international operation encompassing law enforcement agencies in Germany, Ukraine, the Netherlands and the U.S., Europol…
Meet the 2023 (ISC)² Bylaws Committee
You spoke, and we listened – you want more opportunities to be involved and contribute to the decision-making process at (ISC)². Let’s get started. The (ISC)² Board of Directors Bylaws Committee will host the first in a series of webinars…
Cybersecurity Industry News Review – March 14, 2023
The U.K. Online Safety Bill triggers a security rebuke from WhatsApp, the Czech Republic concerned about TikTok, an international law enforcement effort shuts down the NetWire RAT infrastructure, while a study suggests workforce malaise towards reporting security incidents. By Joe…
Latest Cyberthreats and Advisories – March 10, 2023
By John Weiler Mexico timeshare scams, the DoppelPaymer ransomware gang gets busted and a major data leak rocks Oakland, California. Here are the latest threats and advisories for the week of March 10, 2023. Threat Advisories and Alerts FBI Issues…
LATEST CYBERTHREATS AND ADVISORIES – MARCH 10, 2023
By John Weiler Mexico timeshare scams, the DoppelPaymer ransomware gang gets busted and a major data leak rocks Oakland, California. Here are the latest threats and advisories for the week of March 10, 2023. Threat Advisories and Alerts FBI Issues…
What We Learned from The Royal Mail Ransomware Chat
By Dave Cartwright, CISSP In February 2023, something very unusual happened. Following a ransomware attack on Royal Mail International, a division of the U.K.’s (formerly state-owned) mail and parcel delivery service, the negotiation between the firm’s representatives and the LockBit…
Voices of Women in Cyber – (ISC)² Candidate Nidhi Kannoujia
By Nidhi Kannoujia, (ISC)² Candidate The cybersecurity industry is a dynamic and promising field that welcomes diverse perspectives. It requires individuals who understand the intricacies of other industries since security is a collective responsibility. While the security industry is embracing…
International Women’s Day: Must-Watch Webinars by Women in Cybersecurity
What have all these webinars got in common? They feature women at the top their cybersecurity game. March 8, 2023, is International Women’s Day, a focal point for recognizing the achievements and contributions that women have made to every element…
Grace Hopper: The Women Who Changed How We Code and Test
On International Women’s Day, we look back at the legacy of Rear Admiral Grace Hopper, an innovator and trailblazer in software development and standards for testing computer systems and components. It would be wrong, as we reach International Women’s Day…
Can a Barista Become Your Next SOC Analyst?
Spoiler alert: the obvious answer is not always the correct one! Migrating services, apps and data to the cloud is both promising and challenging. The advantages of scalability, flexibility, reduced operational costs and supporting a hybrid workforce can be eliminated…
Cybersecurity Industry News Review: March 7, 2023
Cybercrime may have less of a gender issue than cybersecurity, LastPass gives attack update, CISA warns on Royal ransomware gang while WHSmith and DISH Network count the cost after both suffer cyber attacks. Study: Gender No Barrier To Participating In…
Earn CPE Credits For Reading (ISC)² News and Insights With Our Quiz
We are continuing the popular bi-monthly CPE credit quiz as we transition from InfoSecurity Professional to our new web-based content platform. The first (ISC)² News and Insights CPE Credit Quiz of 2023 is now live. Every two months, we publish…
LATEST CYBERTHREATS AND ADVISORIES – MARCH 3, 2023
Major U.S. government and corporate breaches, the White House enforces TikTok ban and the NCSC issues zero trust guidance. Here are the latest threats and advisories for the week of March 3, 2023. Threat Advisories and Alerts NCSC Publishes Guidance…
White House Cybersecurity Strategy Will Make Big Tech Step Up in Ongoing Cyber Struggle
By Joe Fay China is ‘most active, and most persistent threat’ as government pinpoints need for a bigger and more diverse cybersecurity workforce to meet the long-term challenge. The Biden administration has unveiled its long-awaited cybersecurity strategy, effectively putting the…
The Top Five Most Fun Cybersecurity Mistakes in TV and Movies
By Dave Cartwright, CISSP The mysterious world of cybersecurity can sometimes be wildly misrepresented on-screen, causing challenges for professionals charged with educating colleagues and other users. Movie and TV screenwriters have been known to play fast and loose with the…
U.S. DoD Puts CPD At Heart of Its New Cyber Workforce Strategy
By Joe Fay Workers told to make more use of cyber ranges, conferences and webinars as skills gap just gets bigger. The US Department of Defense (DoD) is overhauling the recruitment and training of its cyberspace workforce, providing a template…
What’s Driving the Demand for GRC Professionals in Critical Infrastructure?
As geopolitical tensions continue, cyberwarfare has taken its toll on the world. Last July, the FBI, CISA and the Department of the Treasury issued a joint advisory about North Korean hackers targeting U.S. healthcare systems. Another warning was issued about…
(ISC)² Members Reveal Deep Skepticism About Artificial Intelligence and Machine Learning
By John E. Dunn It’s little surprise that many people are skeptical about the rapid encroachment of artificial intelligence (AI) and machine learning (ML) into daily life. However, should cybersecurity professionals be more positive about the benefits for the field?…
Crypto Scammers Game YouTube for Amplification While Keeping Under Radar, Researchers Find
By Joe Fay Not even a pyramid scheme – they just convince people to give away their money. A network of crypto scammers has been able to game YouTube’s algorithms to publicize and amplify fraudulent investment apps without triggering the…
Cybersecurity Industry News Review: February 28, 2023
By Joe Fay Australia to scrap cybersecurity rules as part of a new regime, ransoms bankroll further ransomware attacks, Dole and PyPi attacked, while the European Commission calls time on TikTok. Australia to Overhaul Cybersecurity Rules The Australian government is…
Advance Your Cybersecurity Career with Toolkits from (ISC)² and BUiLT
As part of its expanded diversity, equity and inclusion (DEI) initiative, (ISC)² and its partner, BUiLT (Blacks United in Leading Technology, Inc.), are releasing four new toolkits aimed at increasing the number of Black and underrepresented professionals entering, staying and…
Latest Cyberthreats and Advisories – February 24, 2023
An FBI cyber incident, GoDaddy’s third breach in three years and an NHS data leak highlight a week of major cybersecurity events. Here are the latest threats and advisories for the week of February 24, 2023. Threat Advisories and Alerts…
The Top 5 New Social Engineering Attacks in 2023
By John E. Dunn Forget vanilla phishing attacks – cybercriminals today have much more interesting tricks up their sleeves. MFA Fatigue Attacks When push notification via smartphone first appeared, it looked as if the industry had finally found a type…
The Significance of Key Risk Indicators in Organisations
By Vivek Soni, CCSP Key Risk Indicators (KRIs) are critical predictors/indicators of undesirable events that can adversely impact the organisation. These are the kind of metrics which are forward looking and contribute to the early warning sign that facilitates enterprise…
(ISC)² Security Congress 2023 Begins Call for Presentations
Practitioners from across the cybersecurity industry and the (ISC)² member community are invited to submit their session proposals as the cyber world begins its journey to Nashville. (ISC)² today launched its call for presentations for its annual (ISC)² Security Congress…
Provide Your Feedback on the CISSP-ISSEP Exam Outline
At (ISC)², we pride ourselves in our steadfast dedication to maintaining the relevance and quality of all the certifications in our portfolio. (ISC)² certifications are constantly being reviewed and updated to make sure they are serving the needs of professionals…
Succession Wealth Fails to Keep Cyber Attackers at Bay
By Joe Fay Aviva subsidiary assessing impact on data and customers. Wider group unaffected. Financial services giant Aviva’s recently acquired subsidiary Succession Wealth has been hit by a cyberattack, leaving it trying to assess the impact on a customer base…
Cybersecurity Industry News Review: February 21, 2023
By Joe Fay Think tank warns as economic, political, and cybersecurity risks collide. Accenture heads to Brazil, quantum security firm Sandbox fills up on cash and Biden loses cyber director. Washington Think Tank Warns on Economic Risk and Cybersecurity Increased…
The Center for Cyber Safety and Education Evolves Its Mission Statement
The Center for Cyber Safety and Education, the charitable foundation of (ISC)² founded in 2011, aims to grow the cybersecurity profession and its positive impact on the world by raising awareness, building a diverse pipeline of cybersecurity professionals and activating…
Latest Cyberthreats and Advisories – February 17, 2023
Romance scams, high-profile attacks on major U.S. companies and an inside look at Royal Mail/Lockbit negotiations. Here are the latest threats and advisories for the week of February 17, 2023. Threat Advisories and Alerts U.S. And South Korean Governments Publish…
Cybersecurity Industry News Review: February 15, 2023
By Joe Fay NHS still recovering from ransomware incidents. Network firm employee confesses to data extortion, as U.S. cyber ambassador admits their Twitter account was hacked as the President turns to industry leaders to advise him. NHS Still Reconnecting After…
Analysis: White House Cybersecurity Policy Maker – Secure Open Source Software Even If It Benefits ‘Adversaries’ We Should Do It Anyway
By Joe Fay Resiliency is the endgame of the U.S. approach to internet and software security. The U.S. has a vested interest in creating a secure and resilient internet and software ecosystem, even if it means its “adversaries” also benefit,…
(ISC)² Certified in Cybersecurity Exam Now Available in More Languages
The (ISC)² Certified in Cybersecurity exam, designed for entry- and junior-level practitioners or career changers looking to start a new cybersecurity career, is now available in six languages, including Chinese, Japanese, Korean, German, Spanish and English. Making this exam available…
Recession, what recession? (ISC)² Study Shows Cybersecurity Expected to Weather Tech Sector Jobs Downturn
Cybersecurity will defy the tech recession hurting other job roles in 2023, c-suite survey suggests. Every department loses good people in a recession or economic downturn, unless you work in cybersecurity in 2023 it seems. According to a new (ISC)²…
CAP Is Now Certified in Governance, Risk and Compliance (CGRC)
Effective today, the (ISC)² Certified Authorization Professional (CAP) certification is known as the Certified in Governance, Risk and Compliance (CGRC)TM. This name better represents the knowledge, skills and abilities required to earn and maintain this certification. Those who earn and…
Cybersecurity Industry News Review: February 15, 2023
By Joe Fay NHS still recovering from ransomware incidents. Network firm employee confesses to data extortion, as U.S. cyber ambassador admits their Twitter account was hacked as the President turns to industry leaders to advise him. NHS Still Reconnecting After…
Analysis: Cybersecurity Managers Fear ‘Catastrophic’ Cyber Event Now Likely Within Two Years
By John E. Dunn In a fully digital world, organizations are no longer isolated islands. It seems the profession is finally coming to terms with the dark possibilities. What’s the worst thing a bad cyberattack could do to an organization?…
(ISC)² Certified in Cybersecurity Exam Now Available in More Languages
The (ISC)² Certified in Cybersecurity exam, designed for entry- and junior-level practitioners or career changers looking to start a new cybersecurity career, is now available in six languages, including Chinese, Japanese, Korean, German, Spanish and English. Making this exam available…
The Center for Cyber Safety and Education Looking for Volunteer Leaders
The Center for Cyber Safety and Education is seeking the guidance and leadership of volunteers willing to serve on its Board of Trustees beginning July 1, 2023 to help achieve its mission. The Center, the charitable foundation of (ISC)², serves…
Analysis: Could NIST’s Cybersecurity Framework 2.0 be the beginning of international best practice?
By John E. Dunn It’s been nearly seven years since the 1.1 revision of NIST’s Cybersecurity Framework. What might be coming in version 2.0? Since its release in 2014, NIST’s Cybersecurity Framework (CSF) has grown into the one of the…
LATEST CYBERTHREATS AND ADVISORIES – FEBRUARY 10, 2023
Cyberattacks wreak havoc on the U.K., LockBit brings big business to its knees and a massive VMware ransomware campaign. Here are the latest threats and advisories for the week of February 10, 2023. Threat Advisories and Alerts Massive Ransomware Campaign…
(ISC)² Puts Members at the Center of Our Cybersecurity Content in 2023
(ISC)² has adopted a new approach to creating and publishing editorial content such as our news, features, opinions and other educational journalism. Helping our members navigate the cybersecurity landscape is an essential part of what we do. Creating topical, engaging…
Analysis: CircleCI attackers stole session cookie to bypass MFA
By John E. Dunn The industry is taking a fresh look at the security around multi-factor authentication (MFA) in the face of recent bypass attacks. Multi-factor authentication (MFA) is coming under sustained pressure from attackers, with a striking example being…
Calling All CISSP-ISSMP and CISSP Certification Holders
With the ever-changing landscape of the cybersecurity industry, it is important to keep certifications current, accurate and relevant – and we need help from you, the cybersecurity professionals, who hold certifications in the field. (ISC)² is exploring a new security…
Analysis: Could NIST’s Cybersecurity Framework 2.0 be the beginning of international best practice?
By John E. Dunn It’s been nearly seven years since the 1.1 revision of NIST’s Cybersecurity Framework. What might be coming in version 2.0? Since its release in 2014, NIST’s Cybersecurity Framework (CSF) has grown into the one of the…
Cybersecurity Industry News Review: February 7, 2023
By Joe Fay Derivatives traders, trainer trainers, and finger lickers all hit by ransomware. Russian hackers lash out after Ukraine tanks deal announced. Apple patches decade old devices. ION Markets Hit by “Cyber Security Event” Dublin-based data and software firm…
Juggling the Demands of a Multicloud Environment
Digitization has evolved to include cloud computing in the delivery of computing services, reduction of costs, improvement of agility, and cloud security. The emergence of various cloud solutions has led organizations towards migrating assets from on-prem to the cloud with…
Essential Team Building for Strong Cloud Security
Dependence on the cloud in the modern era is no secret. The growth in cloud applications for both professional and personal use has proved unrelenting as critical applications and services are made solely available through cloud access. In a press…
LATEST CYBERTHREATS AND ADVISORIES – FEBRUARY 3, 2023
Cybercriminals for hire, Hive ransomware is busted and the JD Sports breach impacts millions of sportswear buyers. Here are the latest threats and advisories for the week of February 3, 2023. Threat Advisories and Alerts U.S. Security Agencies Warn of…
Cybersecurity Industry News Review – 31 January 2023
By: Joe Fay U.S. looks for half a million cybersecurity professionals, ransomware victims less likely to pay up, analyst warns on Chinese smart device spy threat…but RSA encryption safe from Quantum cracking for now. U.S. struggles with shortage of cybersecurity…
Essential Team Building for Strong Cloud Security
Dependence on the cloud in the modern era is no secret. The growth in cloud applications for both professional and personal use has proved unrelenting as critical applications and services are made solely available through cloud access. In a press…
Cybersecurity Industry News Review – 31 January 2023
By: Joe Fay U.S. looks for half a million cybersecurity professionals, ransomware victims less likely to pay up, analyst warns on Chinese smart device spy threat…but RSA encryption safe from Quantum cracking for now. U.S. struggles with shortage of cybersecurity…
Royal Mail “cyber incident” is an ongoing cyberattack CEO admits to MPs
By: Joe Fay Simon Thompson, CEO of the U.K.’s Royal Mail, has confirmed in a session with MPs that the crippling of its ability to send parcels and letters abroad was down to a “cyberattack” and that it was “ongoing”.…
How are you marking data privacy day?
By: Joe Fay Data Privacy Day (known as Data Protection Day in Europe) falls this Saturday (January 28) and if you haven’t worked out how to mark the day yet, tech vendors and organizations are more than willing to help.…
Latest Cyberthreats and Advisories – January 27, 2023
Alerts from national cybersecurity agencies, gaming developer attacks and the Mailchimp/FanDuel breach. Here are the latest threats and advisories for the week of January 27, 2023. Threat Advisories and Alerts CISA Publishes Report to Help Protect Schools from Cyberthreats The…
LATEST CYBERTHREATS AND ADVISORIES – JANUARY 27, 2023
Alerts from national cybersecurity agencies, gaming developer attacks and the Mailchimp/FanDuel breach. Here are the latest threats and advisories for the week of January 27, 2023. Threat Advisories and Alerts CISA Publishes Report to Help Protect Schools from Cyberthreats The…
No experience, No Problem – (ISC)² Recruits 140,000 Individuals Interested in a Cybersecurity Career
(ISC)² launched a new initiative for individuals pursuing or considering a career in cybersecurity. The goal? To create new pathways to cybersecurity career success and decrease the global workforce gap. Within three months of launching this initiative, we had more…
How to Earn Your (ISC)² Certification
We are excited to have more than 130,000 individuals become (ISC)² Candidates since launching in September 2022. Many of them will go on to earn their Certified in Cybersecurity (CC) as part of our One Million Certified in Cybersecurity pledge.…
LATEST CYBERTHREATS AND ADVISORIES – JANUARY 20, 2023
TikTok is fined for a privacy violation, major corporations suffer breaches and Vice Society attacks another school. Here are the latest threats and advisories for the week of January 20, 2023. Threat Advisories and Alerts U.K. School Survey Reveals Surprising…
Real Talk with CCSPs An interview with Vanessa Leite, CCSP, CISSP
We often hear that cybersecurity certifications have a global reach. When we spoke with Vanessa Leite we learned how true that actually is. Vanessa holds several certifications, including vendor-specific ones, along with the CISSP and CCSP credentials from (ISC)². She…
LATEST CYBERTHREATS AND ADVISORIES – JANUARY 13, 2023
Cybercriminals attack schools, the FCC looks to change data breach rules and artificial intelligence alters the cybersecurity landscape. Here are the latest threats and advisories for the week of January 13, 2023. Threat Advisories and Alerts How Businesses Can Securely…
Predictions 2023, Part 1: What will the new year bring for the InfoSec Community?
By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP In recent years, we have seen the threat landscape become increasingly complex as threat actors use sophisticated techniques to exploit vulnerabilities of weak passwords, missing patches and antiquated software, thus gaining access to…
Help Shape the CGRC Exam – Formerly Known As CAP
As practitioners know all too well, it is paramount to remain up to date with the changing landscape of cybersecurity. We regularly conduct Job Task Analysis (JTA) studies to review exam content and outlines to ensure the accuracy, relevance and…
Latest Cyberthreats and Advisories – January 6, 2023
The LockBit ransomware gang apologizes, Google settles privacy lawsuits and cybercriminals impersonate brands and the U.K. government. Here are the latest threats and advisories for the week of January 6, 2023. Threat Advisories and Alerts Cybercriminals Impersonate Brands with Search…
(ISC)² New Jersey Chapter Hosts International Event with 500 Attendees
The (ISC)² New Jersey Chapter held their first virtual international event, which hosted more than 20 thought leaders and 500 registered chapter member attendees. The International (ISC)² Chapter Conference, SECON International, took place virtually, on December 1, 2022, and delivered…
CISSP-ISSAPs – We Need Your Input
With more than 150,000 CISSPs around the world, some of you have asked – what’s the next step? For many of you, that next step is one of the CISSP concentrations focused on security architecture, engineering or management. The CISSP-ISSAP…
Policy Brief – U.S. Cyber Threat Intelligence, Part 2: Summary, Recommendations & Challenges
By Aaron Weathersby, CISSP. Aaron is the Chief Information Officer for Charles R. Drew University of Medicine and Science and holds a Doctor of Science in Cyber Security from Marymount University. He is an Information Technology professional with over 18…
Latest Cyberthreats and Advisories – December 23, 2022
Ransomware hits hard around the world – again, Cybercriminals steal food and Fortnite’s developer is fined millions. Here are the latest threats and advisories for the week of December 23, 2022. Threat Advisories and Alerts Criminal Actors Use BEC Attacks…
(ISC)² Top-Ranked Webinars of 2022 by Region
From fighting the ever-present ransomware threat to securing cloud infrastructures to honing identity management practices, the past year’s showcase of (ISC)² webinar topics was wide-ranging and thought-provoking. A cursory look at the topics we tackled throughout 2022 provides a reflection…
Seasons Greetings from (ISC)2
Dear (ISC)² Members, Associates and Candidates: I hope this message finds you well. As 2022 comes to an end, I am grateful for the opportunity to reflect on the past year and all we have achieved together. Launching an entry-level…
Policy Brief – U.S. Cyber Threat Intelligence, Part 1: Introduction & Background
By Aaron Weathersby, CISSP. Aaron is the Chief Information Officer for Charles R. Drew University of Medicine and Science and holds a Doctor of Science in Cyber Security from Marymount University. He is an Information Technology professional with over 18…
(ISC)2 CEO Discusses UK and Global Cyber Challenges at Chatham House
UK cybersecurity leaders recently gathered for a Chatham House members event panel in London to discuss the heightened need for a skilled workforce, the effects the COVID-19 pandemic had on the global cyber workforce and developing skills for the next…
SSCP Members – We Need Your Input
The SSCP certification is held by more than 7,000 professionals around the world. Known for its technical rigor, the members who hold this qualification are typically working in areas like IT administration, networks security, security operations or incident response. The…