{email_subject}

Dear Reader,

The RSA Conference is fast approaching and our chief editor Lou Covey filled his meeting agenda by the first week of March. His waiting list is longer than the list of confirmed meetings, which stands at 20. Last year he took 50 meetings over three days and said it almost killed him.

That doesn’t mean that the wait-listed companies and their news won’t be covered but it does slow things down when PR firms and clients don’t even read the magazine. And we know who that is by the list of subscribers, who comments and shares our content and connections to the Linkedin page. So if you feel left out, maybe it’s because you ignored the invitation to the party. If you are reading this, no problem. But if your clients or executives haven’t, you might want to fix that.

Oh, and speaking about RSA: keep your eyes open, we will have an announcement coming up - quite literally (yes, I'm talking to you, cyber-marketeers and PR folks).

Enjoy reading our newsletter!

Patrick Boch & Lou Covey
Editors

Dark Web Special Issue

But as we approach the conference there are some things we are looking into. We are preparing a special issue for late summer on the Dark Web, including it’s history, what’s in it, how you can use it against attacks and whatever else we find.

Thwarting Ransomware

Another story we think is hot is how successful ransomware attacks are on the decline, even though attempts are rising. That has given rise to a dramatic increase in phishing attacks and variants of phishing.

New to the defense is the availability of free decryption tools to thwart ransomware. We’ve found a couple but we want to find them all.

Raising the Stakes – the Evolving Threat of Ransomware

Given the evolving nature of the risks presented by ransomware gangs, there is clearly a need for better protection and remediation strategies.

Bank collapse drives Phishing attacks

“We are seeing some phishing attempts offering loans, or pretending to be founders to financial teams,” said Grant Warnick, CEO of cybersecurity company Fletch. “We are expecting more fraud attempts…

Generative AI

ChatGPT and generative AI are dominating news cycles but what we do at CPM is sift through the dross to find what new technology really means. We interviewed researchers about how quickly ChatGPT was used to create malware. We also reported on positive uses of the tools

But the problems are not always obvious. For example, we’ve discovered it can also be used to find out what secrets about companies are already out on the web that weren’t leaked or stolen. They were put out there by someone in your company without malice, just ignorance.

A Trip to the Dark Side of ChatGPT

Artificial Intelligence might become a weapon in the hands of cyber criminals. We spoke with Sergey Shykevich from CheckPoint to see how concerned the cybersecurity worlds needs to be.

Generative AI tools are a blessing and a curse, but cybersecurity may lead to reason

Generative AI is generating press describing it as a blessing or a curse, perhaps both. Cooler heads, however, are finding balance and benefit, especially in the cybersecurity field.

Zero Trust is more than a technology

The problem with Zero Trust is that it has become more of a marketing term than a definable technology. We will continue to look into this, but we are working on a piece describing ZT as a way of life.

You may have seen an ad for a product on social media that seems interesting. You click on it to see what it is and may be convinced that it was worth trying. That would be your first mistake. We will be taking a look at the tools of social engineering that have nothing to do with technology and everything to do with playing on fears, desires and trust.

Zero Trust in Practice – Adopting and Sustaining it in Your Real-World Environment

Zero trust is a heavily used buzzword. It inspires confidence when it’s used by cyber security and technology experts to imply a completely secure technology environment that protects people, devices…

The Role of a Zero Trust Network in Your Organisation’s Digital Transformation

Traditionally, security architectures focused on protecting the network. In a connected world, this approach is no longer effective. A zero trust security architecture is essential for every organisation.

Passkey vulnerability

Finally, passkeys are supposed to replace passwords because they are more secure. Are they? Let’s find out. For example: backward-compatible tokens and push commands can force digital services to authenticate them. Attackers prefer target data-rich environments, such as financial services and healthcare, to commit fraud Once a system is penetrated, stored biometric data at major companies can be exfiltrated. It’s within the realm of possibility.

Naked self promotion

Cyber Protection Magazine has the mandate to cover more than 5,000 companies in the cyber space with little financial support. We field about 100 requests for briefings per month and more when major conferences like RSAC approach. To simplify the process we publish this newsletter mostly monthly letting you know what we will be working on. We also post most articles to Linkedin and soon to Mastodon (where our chief editor is already a Verified Journalist). If your company and partners aren’t following us, they are not only missing out on independent coverage of the industry, they are often missing out on opportunities to be covered.

More importantly, we do give preference on coverage of certain subjects to companies and agencies that help support our work. That can be done through sponsorship or donation. If you value independent journalism, maybe it’s time you put your money where your pitches go.

And that’s it for this issue of the Cyber Protection Magazine newsletter. If you have a comment, question or pitch on any of the above subjects, drop us a line on the website, or a one-minute audio comment on the Crucial Tech podcast. We will get back to you.

Cyber Protection Magazine
https://cyberprotection-magazine.com

Modify your subscription | View online