A member recap of Dr. Thomas Scanlon’s session at (ISC)² Security Congress 2022 by Angus Chen, CISSP, CCSP, MBA, PMP. Dr. Scanlon started his talk by showing images of women and posing a question to the audience: Can you spot the fake person? See the image to left. To my surprise, none of them are a real person! These images are generated by an AI algorithm, generative adversarial network (GAN),  source: https://thispersondoesnotexist.com. In my opinion, it is a little creepy. Several websites today use data-driven unconditional generative image modeling to create deepfake images such as https://thisxdoesnotexist.com.  According to CISA, a deepfake is considered as misinformation, disinformation and malinformation (MDM). Misinformation is false, but not created or shared with the intention of

Beware the BatLoader, the NSA calls for more memory-safe programming language use and ransomware causes more trouble in Australia….Here are the latest threats and advisories for the week of November 18, 2022. Threat Advisories and Alerts Researchers Sound Alarm on Dangerous BatLoader Malware Dropper A dangerous new malware loader with features for determining whether it's running on business or home computers has begun rapidly infecting systems worldwide over the past few months. Researchers at VMware Carbon Black claim the threat, dubbed BatLoader, is being used to distribute a variety of malware tools including a banking Trojan, an information stealer, and the Cobalt Strike post-exploit toolkit on victim systems. Source: https://www.darkreading.com/attacks-breaches/researchers-alarm-batloader-malware-dropper Windows Kerberos Authentication Impacted by November Patches Microsoft is investigating

By Dr. Fulvio Arreghini, CSSLP, Head of International Sales at INFODAS GmbH. Fulvio is a CDR of the Italian Navy (reserve). He has an Master Degree in communication engineering and a PhD in Information engineering. During his active service in the Navy he’s been working mainly in the areas of Secure Tactical Communication and Command and Control systems, acting often also as security officer and risk manager. Since 2020 in the private sector, he joined Infodas at first as solution architect to later become head of international sales. Cyberattacks to operational technology (OT) are on the rise and the providers of critical services have to cope on one side with the requirement for high availability, preventing them from having long downtimes

(ISC)² recently announced an expansion of its diversity, equity and inclusion (DEI) initiative through partnerships with several organizations around the world.   “It’s no secret that the cybersecurity industry isn’t nearly as diverse as it should be,” said Dwan Jones, director of Diversity, Equity and Inclusion at (ISC)². “Our mission at (ISC)² is to not only enable individuals from all backgrounds to enter the cybersecurity industry but also to empower and equip them to excel in their positions and continuously grow in their careers.”  BUiLT (Blacks United in Leading Technology) is one of the DEI partners, and along with (ISC)² will be bringing together diverse cybersecurity professionals for an exciting networking event in Washington, DC. If you live or work in

What do you get when you cross a teacher with an entrepreneur who also has a passion for cybersecurity? You get Matt Lee. Matt is the Senior Director of Security and Compliance at Pax8, where he is a force multiplier in the mission to empower Managed Service Providers (MSP) to continue to grow in their security knowledge and operability. We recently had a chance to speak with Matt about his experiences, and to offer some solid advice to those who are looking to enhance their cloud security. Q: Could you tell us a little about your background, and how you became involved as an educator for Pax8? A:  I built an MSP with a bunch of my friends over the