May was another busy month in the cybersecurity world. Phishing continues to be a major PITA as bad actors are leaning into DocuSign scams. We saw some good news from the FBI and DOJ takedown of BreachForums and Baphomet. Unfortunately, like most cyber victories for the good guys, it seems it will only be a matter of time before the next site pops up. Still, at least Microsoft is finally going to follow some basic cybersecurity hygiene rules.
In this edition, we focus on:
Moar CSF 2.0
Boardwalk Bytes
Pride Month in Pennsylvania
κρυπτός
As always, thank you for your support, your feedback, and your camaraderie!
In this series, we hope to provide insight into the complexities of the many cybersecurity frameworks out there. If you're looking for a straight-forward take on the updated NIST CSF and other frameworks, look no further.
The latest installment explores the Protect sub-function (linked above). Don't forget to check out the deep dives on Identify and Govern! Remember, we're releasing a new post in the series every two weeks. So more to come!
Announcements
Stephen Bondurich is taking the stage to reveal some of his social engineering playbook in Atlantic City on July 12. Boardwalk Bytes is focused on creating an educational experience for the community so, naturally, we want to support the con however we can. In addition to sponsoring the conference, we're also providing an exclusive SEVN-X door prize!
Whether you’re a code warrior or a cyber sleuth, you won’t want to miss this chance to level up your skills and network with the best in the biz. See you by the sand!
The month of June is nationally recognized as Lesbian, Gay, Bisexual, Transgender, and Queer (LGBTQIA+) Pride Month. Throughout the month, events will be held across the Commonwealth to honor and create awareness of the LGBTQIA+ community, including parades, drag stories, sporting events, pageants, and other community activities. These events vary in size and expected attendance but have the potential to draw large crowds of participants and protesters. According to the Pennsylvania Criminal Intelligence Center, there are currently no known direct threats against Pride Month events planned throughout Pennsylvania.
Still, we wanted to share this toolbox by the Joint Counterterrorism Assessment Team (JCAT). The toolbox offers examples of violent extremist attacks, plotting, and messaging threats toward the LGBTQIA+ community and highlights opportunities for enhancing public engagement with stakeholders as a tool for mitigating violence directed at the LGBTQIA+ community.
A new video about the Kryptos art installation got the attention of the office. We wanted to share because, if you're like us, you may lose some sleep over the fourth section. Fun fact: the installation was named ‘Kryptos’ for the ancient Greek word ‘κρυπτός’ meaning ‘hidden’ or ‘secret.'
“An art installation known as Kryptos was inaugurated at CIA headquarters in late 1990. The main attraction was a curved copper screen inscribed with a secret message. Three-quarters of the code has since been broken, but the final segment has resisted all attempts at decipherment. This video chronicles the cracking of the first three segments and examines the many clues that may one day lead someone to decipher the fourth.”
