Docker Malware, CISO-CFO Collaboration, and Job Hunting Like a Hacker

Hey there!

Every Sunday, I publish the Mandos Brief Newsletter, helping hundreds of cybersecurity leaders and professionals stay ahead of industry and make informed decisions.

For the full analysis on industry news, leadership insights, career tips, AI in security and cutting-edge tools, subscribe to Mandos Brief:

Now, let's dive into this week's key updates:

Malware Campaign Targets Docker APIs: A Wake-Up Call for Container Security

Docker users, it's time to double-check your security measures. Researchers have uncovered a new malware campaign that's specifically targeting exposed Docker API endpoints. The goal? To deliver cryptocurrency miners and other malicious payloads. This attack uses a clever remote access tool that can download and execute additional malware, and even spread via SSH. If you're using Docker in your organization, now's the time to ensure your API endpoints are properly secured.

U.S. to Ban Kaspersky Antivirus: National Security Concerns Take Center Stage

In a significant move, the Biden administration has announced plans to bar the sale of Kaspersky antivirus software in the U.S. The reason? Concerns over Russia's potential influence on the company. This decision highlights the growing intersection of cybersecurity and geopolitics. The worry is that Kaspersky's privileged access to computer systems could be exploited to steal sensitive information, install malware, or withhold critical updates. It's a reminder that our choice of security software can have far-reaching implications.

I also shared insights on a new social engineering technique tricking users into running malicious PowerShell scripts, and an alleged leak of Apple's internal tools source code. Learn more about these developing stories in the full Mandos Brief.

CISOs and CFOs: The Dynamic Duo for Optimizing Cybersecurity Budgets

Here's a statistic that might make you sit up: 66% of organizations have inadequate cybersecurity budgets. The solution? Better collaboration between CISOs and CFOs. If you're a CISO, it's time to learn how CFOs think and what they value. Regular dialogue and a focus on the business impact of cybersecurity investments can benefit both parties. By working together, CISOs and CFOs can make a stronger case for necessary cybersecurity investments and ensure resources are allocated effectively.

Communicating Vulnerabilities: The Art of Compelling Action

For security researchers and professionals, finding vulnerabilities is only half the battle. The real challenge? Communicating these findings in a way that compels action. Jeff Williams, an experienced security researcher, emphasizes the importance of empathy and trust-building. Avoid blame, appreciate developers' skills, and use collaborative language. When describing vulnerabilities, provide specific details, evaluate likelihood and impact, and offer thoughtful remediation recommendations. Remember, your goal is not just to report issues, but to inspire change.

Here's what else I covered in the Leadership Insights section: strategies for security teams to collaborate better with engineering, reducing friction and delivering value. Dive deeper into these leadership strategies in the full Mandos Brief.

Job Hunting Like a Hacker: OSINT Meets Career Strategy

Want to stand out in your job search? Try thinking like a hacker. Jason Blanchard from Black Hills Information Security suggests combining OSINT (Open Source Intelligence), marketing technology, and a hacker mindset to hunt for jobs proactively. This approach involves writing your resume during the job hunt and recognizing that you might already have your dream job. The goal is to land your ideal career or a stepping stone job within 5 years. It's time to stop being a passive job seeker and start being an active job hunter.

The Security+ Certification Debate: Is It Worth It?

The cybersecurity community is divided on the value of the Security+ certification. For those early in their careers, it can be a valuable foundation and door-opener. However, for more experienced professionals, hands-on skills often take precedence. The takeaway? The certification's worth depends on your career stage and goals. If you're considering Security+, think about where you are in your career journey and what you hope to achieve with the certification.

I also shared insights on common penetration testing interview questions and how to prepare for them. Get more career development tips in the full Mandos Brief.

Additional topics covered in the latest Mandos Brief include:

• OpenAI's strategic move to bolster cybersecurity expertise
• A new security toolkit for safer interactions with Large Language Models
• Insights from Anthropic on red teaming AI systems