BLOG

Modern Approaches to Network Access Security

    The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with US and international partners, released this Joint Report that urges organizations to move toward more robust security solutions, such as Secure Service Edge (SSE) and Secure Access Service Edge (SASE) that provide greater visibility of network activity. While this report does not cover … Continue reading Modern Approaches to Network Access Security
Tue, 18 Jun 2024 15:40:50 +0000

NJCICC: Faculty and Students Targeted in Free Instruments Phishing Campaign

Lure email purporting to be giving away a “free” piano. Image Source: Proofpoint  The NJCCIC recently received reports of a phishing campaign that was also identified by Proofpoint. The campaign involves malicious emails using piano or musical instrument-themed messages to lure people into advance fee fraud (AFF) scams. At least 125,000 messages associated with a … Continue reading NJCICC: Faculty and Students Targeted in Free Instruments Phishing Campaign
Mon, 17 Jun 2024 20:13:09 +0000

NJCCIC: Phishing for DarkGate

DarkGate has spread through several phishing campaigns, including fake browser updates, the messaging feature in Microsoft Teams, and PDFs containing Google DoubleClick Digital Marketing (DDM) open redirects. The NJCCIC recently reported on a DarkGate campaign exploiting a Windows SmartScreen vulnerability. The NJCCIC’s email security solution has recently observed multiple attempts to spread DarkGate malware through … Continue reading NJCCIC: Phishing for DarkGate
Mon, 17 Jun 2024 20:11:47 +0000

Free Training Certified in Cybersecurity (CC) certification bootcamp.

See yourself in cybersecurity. You don’t need experience — just the passion and drive to enter a demanding and rewarding field, one that opens limitless opportunities worldwide. As part of our commitment to help close the cybersecurity workforce gap and diversify those working in the field, ISC2 is offering FREE Certified in Cybersecurity (CC) Online Self-Paced … Continue reading Free Training Certified in Cybersecurity (CC) certification bootcamp.
Mon, 17 Jun 2024 20:05:41 +0000

HOPE XV will be the fifteenth Hackers on Planet Earth In Queens NY

HOPE XV will be the fifteenth Hackers On Planet Earth event. July 12-14, 2024 at St. John University Queens, NY This event promises to be memorable. It is open to all hackers, makers, tinkerers, experimenters, artists, educators and anyone else with an interest in exploring and improving the world we live in and sharing knowledge … Continue reading HOPE XV will be the fifteenth Hackers on Planet Earth In Queens NY
Sat, 15 Jun 2024 16:47:48 +0000

I was surprised and very happy at the Secon NJ

I was presented with a Lifetime Achievement Award at SECON NJ at Kean University. From Ken Fisken president of ISC2 New Jersey Chapter. To say I was shocked is an understatement, I am very honored to be the recipient of this honor. As I say, if all of us would give back to community 1 … Continue reading I was surprised and very happy at the Secon NJ
Sat, 15 Jun 2024 15:57:27 +0000

Hardware Security Failure Scenarios: Potential Weaknesses in Hardware Design | Draft NIST IR 8517 is Available for Comment

NIST Internal Report (IR) 8517, Hardware Security Failure Scenarios: Potential Weaknesses in Hardware Design, is now available for public comment. There is an incorrect and widespread assumption that hardware is inherently secure. However, this report documents numerous potential security failures that can occur in hardware. It also demonstrates the diverse ways in which hardware can … Continue reading Hardware Security Failure Scenarios: Potential Weaknesses in Hardware Design | Draft NIST IR 8517 is Available for Comment
Sat, 15 Jun 2024 13:32:53 +0000

A Data Protection Approach for Cloud-Native Applications: Draft NIST IR 8505 is Available for Comment

The initial public draft of NIST Internal Report (IR) 8505, A Data Protection Approach for Cloud-Native Applications, is now available for public comment. Cloud-native applications, which are generally based on microservices-based application architecture, involve the governance of thousands of services with as many inter-service calls. In this environment, ensuring data security involves more than simply … Continue reading A Data Protection Approach for Cloud-Native Applications: Draft NIST IR 8505 is Available for Comment
Sat, 15 Jun 2024 13:32:12 +0000

NIST Requests Public Comments on SP 800-38B and SP 800-38C | CMAC and CCM Block Cipher Modes of Operation

NIST Requests Public Comments on SP 800-38B and SP 800-38C | CMAC and CCM Block Cipher Modes of Operation NIST maintains its cryptography standards and guidelines using a periodic review process.   Currently, we are reviewing the following publications: NIST requests feedback on all aspects of these publications. Additionally, NIST would appreciate feedback on the guidance … Continue reading NIST Requests Public Comments on SP 800-38B and SP 800-38C | CMAC and CCM Block Cipher Modes of Operation
Sat, 15 Jun 2024 13:31:35 +0000

Free Training Microsoft Copilot for Microsoft 365 training day

Build the skills you need to create new opportunities and accelerate your understanding of Microsoft Cloud technologies at a free Microsoft 365 Virtual Training Day from Microsoft Learn. Join us at Prepare Your Organization for Microsoft Copilot for Microsoft 365 to learn how to implement AI to help ignite creativity, enhance productivity, and strengthen computing … Continue reading Free Training Microsoft Copilot for Microsoft 365 training day
Sat, 15 Jun 2024 13:30:26 +0000