cybersecurityshawn.com

Shawn Maschino serves as the main contributor and editor at CybersecurityShawn.com. With over two decades of experience and a strong dedication to reshaping perceptions of cybersecurity in the business realm, the content presented on this website aims to bolster and stimulate businesses in enhancing their cybersecurity strategies and fostering meaningful discussions on the subject.

Artificial Intelligence – AI Powered Cybersecurity Challenges and How To Address Them

Cybersecurity Architecture, Cybersecurity News / 4 minutes of reading

Introduction As the field of Artificial Intelligence (AI) continues to advance, so does the ever-growing threat of cybercrime. Cybercriminals are quickly adapting to new technologies and exploiting vulnerabilities to conduct their operations. According to Verizon’s “Data Breach Investigations Report,” the average cost of a data breach has risen to $4.24 million, with ransomware accounting for […]

Artificial Intelligence – AI Powered Cybersecurity Challenges and How To Address Them Read More »

UEFI Security: Lessons learned and strategies for businesses

Cybersecurity News / 4 minutes of reading

Introduction: The Cybersecurity and Infrastructure Security Agency (CISA) has raised concerns about the security of Unified Extensible Firmware Interface (UEFI) update mechanisms. In an exclusive interview, CISA emphasizes the need for a secure-by-design approach to enhance the overall security posture of UEFI. This article aims to summarize the content, highlight the lessons learned, and provide […]

UEFI Security: Lessons learned and strategies for businesses Read More »

Nmap: Once the Go-To Tool for Network Scanning. Does It Still Hold Up?

Tools / 3 minutes of reading

Nmap, which stands for Network Mapper, is a powerful and widely used cybersecurity tool. It primarily functions as a network exploration and vulnerability scanning tool. Developed by Gordon Lyon (also known as Fyodor Vaskovich), Nmap has been extensively utilized by cybersecurity professionals to assess network security, map networks, discover hosts, and identify potential vulnerabilities. The […]

Nmap: Once the Go-To Tool for Network Scanning. Does It Still Hold Up? Read More »

Lessons Learned from the Russian ‘Midnight Blizzard’ Hackers Targeting Microsoft Teams: A Cybersecurity Architecture Perspective

Cybersecurity News / 4 minutes of reading

Introduction: The cyber threat landscape continues to evolve, with state-sponsored hackers perpetually finding new ways to exploit vulnerabilities and launch targeted attacks on organizations. The recent resurgence of the Russian state-sponsored group known as Midnight Blizzard, or Nobelium, has raised concerns within the cybersecurity community. This article aims to summarize the content related to their […]

Lessons Learned from the Russian ‘Midnight Blizzard’ Hackers Targeting Microsoft Teams: A Cybersecurity Architecture Perspective Read More »

Is Your Teammate is a Machine? – Assessing Business Use of AI Impacts On Cybersecurity

Cybersecurity Architecture / 4 minutes of reading

Introduction: Artificial intelligence (AI) is revolutionizing various aspects of our lives, including cybersecurity. CISOs (Chief Information Security Officers) are now faced with the reality of AI becoming both a friend and a force multiplier for adversaries. As AI is increasingly seen as a teammate, there are critical questions that CISOs must ask to effectively embrace […]

Is Your Teammate is a Machine? – Assessing Business Use of AI Impacts On Cybersecurity Read More »

Analysis: Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor

Cybersecurity News / 4 minutes of reading

Introduction: In this article, we will explore the recent activities of the hacking group known as Patchwork, also referred to as Operation Hangover and Zinc Emerson. These threat actors have been targeting universities and research organizations in China by employing a backdoor named EyeShell. Patchwork is believed to operate on behalf of India, focusing primarily […]

Analysis: Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor Read More »

Analysis: AVrecon & Malware Proxy Service SocksEscort – Lessons Learned and Business Considerations

Cybersecurity News / 4 minutes of reading

Introduction: In recent research, cybersecurity experts have discovered a Linux-based remote access trojan called AVrecon that enslaves Internet routers to create a botnet. This botnet, known as AVrecon, is responsible for operating the 12-year-old service known as SocksEscort. By renting compromised residential and small business devices, SocksEscort allows cybercriminals to conceal their true online locations. […]

Analysis: AVrecon & Malware Proxy Service SocksEscort – Lessons Learned and Business Considerations Read More »

New SEC Rules and the Impact on Enhanced Cybersecurity Disclosure

Cybersecurity News / 4 minutes of reading

Introduction: The U.S. Securities and Exchange Commission (SEC) has recently approved new rules that require publicly traded companies to disclose details of cybersecurity attacks within four days of identifying their “material” impact on their finances. This development marks a significant change in the way organizations disclose computer breaches, aiming to provide consistency and comparability in […]

New SEC Rules and the Impact on Enhanced Cybersecurity Disclosure Read More »

Analysis: APT31 Attacks on Air-Gapped Systems – Lessons for Businesses

Cybersecurity News / 4 minutes of reading

Introduction: In a series of attacks on industrial organizations in Eastern Europe, a nation-state actor suspected to have links to China, known as APT31, targeted air-gapped systems to extract valuable data. Cybersecurity company Kaspersky recently revealed the details of these intrusions, attributing them to APT31 with medium to high confidence. This article will summarize the […]

Analysis: APT31 Attacks on Air-Gapped Systems – Lessons for Businesses Read More »

Industrial Control Systems (ICS) Vulnerabilities Trend Upward – Key Lessons for Businesses to Strengthen Cybersecurity

Cybersecurity News / 4 minutes of reading

Introduction: The rising number of security vulnerabilities impacting Industrial Control Systems (ICSs) is a cause for concern, as evident from the staggering increase in unpatched flaws in 2023. Recent data compiled by SynSaber reveals that approximately 34% of reported ICS vulnerabilities lacked a patch or remediation, indicating a significant rise from the 13% recorded in […]

Industrial Control Systems (ICS) Vulnerabilities Trend Upward – Key Lessons for Businesses to Strengthen Cybersecurity Read More »

Scroll to Top