July 2024 Newsletter

The dog days of summer are here and the cybersecurity world is feeling the heat. July kicked off with the AT&T data breach of phone call and text message metadata for nearly all of AT&T's cellular network customers. Let the lawsuits begin. But CrowdStrike stole the thunder when it borked an update, yielding the BSOD for all its customers, Azure included. The SEC lost some of its bite after a New York federal judge dismissed many of the claims against SolarWinds and its CISO. Also, in case you forgot, Kaspersky began shuttering all U.S.-based operations on the 20th. 

 

In this edition:

 

As always, thank you for your support, your feedback, and your camaraderie!

Cybersecurity Framework Series

In this series, we hope to provide insight into the complexities of the many cybersecurity frameworks out there. If you're looking for a straight-forward take on the updated NIST CSF and other frameworks, look no further.

 

The latest installment explores the Protect sub-function (linked above). Don't forget to check out the deep dives on the other sub-functions and, next up, prioritizing different elements and interpreting the results.

For those who have seen our table at the last few conferences, you no longer need to pick a lock to get one of our tees!

 

For those who haven't, check out our updated shop with some new tees!

Bypassing EDR, blogging about it, and getting into hot water!

Hoang Bui specializes in reverse engineering while dabbling in penetration testing and red teaming. Zac and Hoang discuss levels of abstraction and different approaches to writing and breaking programs.