Author: Lou Covey

Scam Bucket: You can escape Meta Hell

Not all scams take money from you. One of the biggest security scams is the belief that once you have joined a Meta platform, it is impossible to leave. The news that Meta is working with a government contractor to build facial recognition tech for ICE agents has accelerated interest in how to escape Meta Hell. The question is, how?

Migration from Meta platforms is no longer a niche trend. Through 2025 and 2026 there has been a sustained structural shift in social media. Just consider the explosive growth of Bluesky, which closed 2025 with over 41.4 million registered users, a 60% year-over-year increase, with daily active users climbing past 4.5 million. That represents real growth from niche status into mainstream viability.


Collaboration fueling configuration drift

Collaboration tools have fueled configuration drift, which in turn facilitates phishing attacks, ever since they became widespread during the COVID pandemic. The core of the problem is, as usual, human failure, or more accurately, human procrastination.

Configuration drift happens when vendors and customers join corporate networks with supposedly temporary credentials. When those credentials are not revoked promptly after the collaboration ends, system settings gradually, almost imperceptibly, diverge from a secure baseline state.

Collaboration tools, beginning with email in the 1970s, were largely clunky, on-premises and limited to technically sophisticated organizations. Through the 20 years following the turn of the century they became more sophisticated and allowed the inclusion of users outside the network, like vendors, consultants, and customers. Approximately 400 to 600 million people in professional contexts today use Microsoft Teams, Slack, Google Workspace, Zoom, and dozens of other collaboration tools. Gartner said 90% of Fortune 500 companies standardize on Teams. Moreover, every team that uses collaboration tools configures each tool differently, with no central enforcement.

“Configuration drift is one of the most under-recognized risks in modern cybersecurity,” said Garrett Hamilton, CEO and founder of Reach Security. “Security tools are constantly changing due to updates, new features, and operational adjustments. Over time, those changes create drift that quietly weakens defenses. Organizations need a continuous way to validate that the controls they depend on are still working as intended.”


We read Czarny’s book so you wouldn’t have to

Cybersecurity Upside Down is a self-published book about the benefits of content disarm and reconstruction (CDR) security services and tools. Written by Benny Czarny, the CEO of OPSWAT, a respected provider of CDR, it is an attractive coffee table book to place in office reception rooms. It provides a good argument for adoption of CDR in large enterprises and government networks.

It is also about 150 pages too long, repeats the same argument several times, and has copious sections written by AI. There are also a lot of graphics (about 50 pages’ worth) that are likewise AI-generated and do not always illustrate the text. All of that tends to obscure the good argument Czarny makes.


Data removal services face uphill battle in healthcare

The data broker market is worth half a trillion dollars and growing at a rate of 7.3 percent annually through 2033. That means they don’t care that you want your privacy. They are making too much money selling your personal information to care. That lack of concern doesn’t just affect an individual’s privacy. It threatens their security and that of nation states. The personal data removal and online privacy niche is fixing the problem. That industry, however, is worth a tenth of the data broker market, so it doesn’t have the political clout of data brokers. And nowhere is it bigger than in the healthcare industry, according to Rob Shavell, CEO of DeleteMe.


Agency admits most marketing is misinformation

A public relations firm in the United Kingdom said the quiet part out loud about cybersecurity marketing: that much of it is fiction if not outright fraudulent.

Whiteoaks International surveyed 152 senior marketing, PR and communications professionals in the country who work in cybersecurity. Of those, 30% said they had helped produce content that was excessive, misleading, or unsubstantiated. More than half (51%) said they had seen this type of messaging in the sector.


Scam Bucket: Legal but “scammy”

Many shady practices on the internet are scams, but some merely seem “scammy.” Cyber Protection Magazine came across one such operation.

While ordering food on Grubhub recently, a pop-up appeared telling us we “earned a reward!” Clicking on the link, we were offered a $20 rebate on our next purchase. Sounds good, doesn’t it? Not really.

Note: All the companies involved in this transaction will be named in this article. All were contacted for comment. Only Grubhub responded with a request for additional information and then went silent.

Even though the transaction was occurring within the Grubhub mobile app, the pop-up was from an organization called Cashback-Now. The name is shared by several companies, all apparently running the same type of business. In this case the URL is cashback-now.com.


Reporter’s Notebook: What happened to ‘Q-Day’?

Time to dig into the RSAC Conference notes. It was only three years ago that vendor warnings of Q-Day, the day quantum computers could break current encryption, filled the pages of technology publications and even general news outlets. Those warnings are much more muted this year. What happened?

Primarily, NIST’s work setting new encryption standards solved the issue. All the post-quantum cryptography companies, like PQShield and SandboxAQ, are offering encryption products that are more alike than they are different, and all are doing good business providing tools and services. We seem to be more than ready for the dreaded Q-Day.

Then again, progress on building an encryption-breaking quantum computer is maddeningly slow. The industry still insists 2029 is the Q-Day ETA, and that such a machine will break military-grade encryption in one week… on a single document. Assuming a nation state that has such a computer has stolen 20,000 encrypted documents, it would take 38 years to decrypt them all. But the number of stolen encrypted documents, although inestimable, is probably orders of magnitude higher. So reality mutes the projections of potential disaster.


Is Mythos a sheep in wolf’s clothing?

Anthropic’s announcement of Mythos threw a lot of FUD into the cybersecurity market without significant third-party validation of its abilities. Is that FUD justified, another legal form of extortion designed to get security budget dollars, or just another weird marketing ploy? Maybe more to the point, is it a sheep in wolf’s clothing?

Mythos does not address encryption, identity or social engineering, which together represent most of the issues in cybersecurity. It deals only with vulnerabilities in code development. That might negatively impact the cloud-native application protection platform (CNAPP) sector but, at the same time, the tool is only being offered to Fortune 100 companies. Meanwhile, there are hundreds of thousands of large, medium and small enterprises that won’t get it, at least not anytime soon, unless they steal it.


Security for less than $500 a month

Cybersecurity companies tend to target large enterprises because, supposedly, that’s where all the money is. They may be missing a lucrative bet and a solution to AI-generated attacks.

In 2025, Comcast issued a report that said 95% of all cyber breaches began with someone in an organization clicking on a malicious link. It wasn’t a brilliant hacker breaking through military-grade encryption, or a rogue LLM from a major AI platform discovering backdoors. It was someone not paying attention to the warning signs.

Security training is supposed to reduce that by making users more aware of those signs. That is being tested by AI-generated phishing programs massively increasing the number of attempts. A Hoxhunt survey estimated AI has caused a 14x increase in phishing attempts in the past year.

Stopping the inevitable

The question is, with cybersecurity hitting a $328 billion market size, why is it getting worse?

Benny Czarny, CEO of OPSWAT, answers that question in a new book, “Upside Down Cybersecurity,” that just came out. “The reality is that the market is not adopting this technology or its underlying concept fast enough.”

To be accurate, Czarny is talking about OPSWAT’s content disarm and reconstruction (CDR) technology, but based on talks with dozens of CEOs and CISOs at the RSAC Conference in April, the same complaint is made by every company in cybersecurity.

Essentially, they say any customer that hasn’t bought into a cybersecurity service or tool is stupid. They don’t say that for publication, but they do say it. They may be missing another reason: cybersecurity companies don’t know how to sell their products and services to the people that most need them. Conversations with customers at RSAC back that up.

Untapped SMB market

A 2022 McKinsey survey showed small to medium businesses (SMBs) represent a total market of $1.5 trillion to $2.0 trillion. That market is generally ignored in favor of Fortune 1000 companies. Moreover, the survey noted that current commercial solutions do not meet the needs of SMBs and mid-market companies.

(It should be noted that McKinsey’s numbers are based on an erroneous 1998 report on the cost of cybercrime that overstated the actual number by a factor of between 5 and 10. Official totals put cybercrime at less than $1 trillion, making the total available market less than that.)

That’s a meaningful response to Czarny’s complaint. OPSWAT’s focus is on big infrastructure. Their pricing is not transparent because, as the saying goes, “if you have to ask, you can’t afford it.” That limits OPSWAT’s market to fewer than 150 customers and, as he said, they are making a good living off of it. OPSWAT and the majority of the industry are still, however, leaving billions of dollars on the table.

There is evidence that better training makes a difference. With security behavior-change programs, as opposed to the traditional awareness model, employees recognized and reported social engineering attacks with a 6x improvement in 6 months, and the number of malicious clicks fell by 87%, according to a recent report by Hoxhunt. The key, however, may be providing services that block malicious links or alert users to potential danger at little to no cost to an organization. Encouragingly enough, there are services that do exactly that.

Security at $500/month

DNSFilter processes about 170 billion DNS queries daily, blocking 200 million categorized threats. That’s millions of phishing campaigns failing to reach their targets, which is significant volume. They also claim to block threats an average of 10 days faster than traditional threat feeds. Significantly, their pricing starts at $240 a year for up to 20 users, rising to a minimum of $1,080 per year for a large enterprise. This easily fits into the Cyber Protection Magazine Security Under $500 a Month classification.
