Viva Las Vegas!

Welcome to August! Hacker Summer Camp is now in full swing in Vegas, with BSides Las Vegas , BlackHat and Defcon all happening this week! Over the week circa 30,000 security researchers, ethical hackers and cyber security community members will descend on Vegas for Hacker Summer Camp - I am so excited to be one of them thanks to the amazing th4ts3cur1ty.company . One of the (many) great things about working here is the encouragement and support to attend community conferences (which helps as I get involved in quite a few!)

If you are in Sin City over the next few days and want to meet for an iced coffee or a cold beverage, drop me a message!

July saw much cyber disruption, and although not your traditional cyber incident, on the 19th of July Crowdstrike Falcon brought about an availability issue (part of the CIA triad ) that brought worldwide disruption with Windows system crashes and the Blue Screens of Death (BSOD.) This was unfortunately timed with the busiest holiday weekend of the year, as it coincided with many school summer breakups, leaving airports rapidly implementing their disaster recovery processes. This is now a great time to consider your third-party supplier assurance - any business that supplies services to you, or that you supply services to is part of your ecosystem of trust.

July also saw some big names hit with ransomware including Ticketmaster (with Taylor Swift barcodes being offered on the dark web, as well as the threat of more releases), AT&T had nearly all of 6 months' call logs stolen, and Formula 1 was subject to a phishing attack.

July also saw a British 17-year-old arrested for his alleged role in the MGM Resorts casinos hack last year. We are seeing more and more teenagers being lured into Cybercrime, something that as a member of the Virtue Council for the Hacking Games I am keen to help to try and fix. If you want to find out more about the mission, drop me a message!

So what else have the dragons been up to?

Our team has grown quite a bit this month, with new members for our SOC team, our Cyber Security Engineering and Pen Test team, and a new Head of Marketing. You may have seen our shiny new website , which shows all of the cyber security and PocketSIEM services we offer.

We have been engaged in several Cyber Incidents as part of our DFIR service, as well as working on proactive security with our Cyber MOTs. We have recently been engaged by an investment firm to help provide an initial Cyber assessment of each of their investments and provide a high-level, fast security review with tangible recommendations for where to prioritise investment for quick wins in increased security maturity.

Dracoeye has also gone into full availability due to continued feedback and success. If you haven't used the security analysis tool yet - it's a completely free service to check the security of a website URL, an email address, or a file to ensure before you click on that link that it is safe. Please share it with your teams especially accounting, to help protect yourself from phishing attacks.

What's coming up?

As always if you need some help with a security project, or are starting to plan out pen testing or SOC procurement, do drop me a message to book a chat.

Have a great month!