Latest wrap in security and privacy from me :)
Alexandre BLANC Cyber Security
Advisor - ISO/IEC 27001 and 27701 Lead Implementer - Named security expert to follow on LinkedIn in 2024 - MCNA - MITRE ATT&CK - LinkedIn Top Voice 2020 in Technology - All my content is sponsored
First of all, thanks a lot for sticking around, you are 50597 subscribers to this newsletter !
Had a nice collaboration with Sprinto about ?????? ?????????? ???? ?????????? ?????? ???????? ???????????? , along with bunch of other specialists in the Governance, Risk and Compliance field.
If you use Gmail or Outlook, my friends at Secure Exchanges have a poll for you which I reshared , happy if you can voice your preference :)
Dan Lohrmann shared a nice post about "Is your phone spying on you " , totally worth a read IMHO
This one really really annoyed me, and you should check it out, if you value privacy, probably you have an action to take if you use Office on your machine . The worst is that this is enabled by default even on local, not cloud related versions of office.
They really don't know what to add to feed their invasive AI crap that no one asked for
Lately, there is not a day without an infostealer being involved in an incident "The Rising Threat of Infostealer Malware " (direct link to the article)
If your neighbor is a sensitive target, you maybe at your turn targeted by state sponsored or advanced APTs because you are close to a target of interest.
Upperity shared about PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
Finally, Orenda Security shared about this new BYOVD attack which bypass Antivirus protections
Wishing you all a good day, obviously, it's just a few things from the continuous cyber security information flow.
Side note, it seems we have reached a pike in cyber, and the space is now fairly saturated, both on products, solutions, people. That's my gut. We see a lot of great people being let go, and what was not long ago called the gold rush seems to be, slowing down to say the least, WHILE the actual security posture of organizations is not really enhancing.
I hope this means we reach some kind of maturity in the market, that the hype will go, and hopefully, we'll get more practical actions from organizations toward security and privacy by design and by default !
+1??9?? 0??0??0??[CYBER-SECURITY-Architect / Researcher] ??????- TOP-VOICE LinkedIn ???? ????????
8 小时前Dear Alexandre ……thanks ????????
Cybersecurity & IAM Consultant
11 小时前Very insightful. thank you Alexandre BLANC Cyber Security
Helping Operations, Strategists, C-level and Boards with Cyber Security | Innovation | International Business and Growth | ???? ???? ???? ???? ???? ???? ???? Reach out or invite me! ?? EMEA ?? US ?? NATO ?? ?? ??? ???
12 小时前Thanks Alexandre, for the newsletter. Regarding your optimistic take on “positive” cybersecurity saturation, I am firmly on the opposite side. I foresee a cascade of failures, driven by several critical factors: ? EOL and EOS systems that were declared obsolete 5 and more years ago but remain in deployment in critical environments, are ticking time bombs. ? Backdoors in hardware and software manufactured or assembled in China and elsewhere, planted by state actors. These vulnerabilities, having been there for years, are now at increasing risk of discovery, so they have to be used. ? Corporate greed and data misuse: Western companies collect and merge massive amounts of data, selling it for mere $ to anyone who pays—including our own governments that find it cheaper and easier than spying themselves. This open access also benefits countless other players, state, malicious and otherwise. And this ignores the USER factor. Let’s be honest: expecting users to fully understand the risks and tools, while navigating endless regulations, is an impossible ask. With the overconnection, pervasive data collection, and the hollow promises of big tech and social media, we are headed toward not just a clusterF, but a clusterF squared.