Topic: Cybersecurity & The Threat Landscape

From the Spring 2025 Issue

The More Things Stay the Same: The Resurgence of Classic Cyberattack Vectors

Author(s):

Chris Pogue, Director, Digital Forensics and Incident Response, CyberCX

Cyber Attack Vectors

In the ever-evolving landscape of cybersecurity, it’s easy to become fixated on emerging threats, often overlooking legacy vulnerabilities that persist within our systems.  Recent trends indicate a notable resurgence of classic attack vectors, such as SQL injections, buffer overflows, and web shells—techniques that many assumed had been relegated to the annals of cyber history. This … Read more

From the Spring 2024 Issue

Shielding Projects: Cybersecurity Strategies for PMOs

Author(s):

Rahul Yadav, Founder & CEO, Feasti

In this digital era, organizations face cyber threats with severe consequences. These threats are primarily due to remote working, the usage of unsecured devices or the use of outdated antivirus software. An effective cybersecurity strategy involves risk assessment for effective resource allocation. Moreover, security systems such as encryptions and firewall software stop unauthorized access. Project … Read more

From the Winter 2024 Issue

Exploring the Dark Web: Understanding its Role in Cybersecurity Threats

Author(s):

Justin Petitt, Director, Cybersecurity Center of Excellence, Edgewater Federal Solutions

Exploring the Dark Web

What in the Dark Web is happening here? “What in the Dark Web is happening here?” was the first thing said to me over a recent holiday trip, with a friend walking in and seeing me checking in on work and life with three separate laptops set up in front of me, my attention and … Read more

From the Summer 2023 Issue

Defense In Depth and DMZ WEB Server Deployment

Author(s):

Syed Taha Ahmed Jafri, Information Security Specialist,

Defense In Depth and DMZ

Introduction This article will discuss Defense in Depth (DID) in detail and minimum steps to securely deploy a Web server in DMZ for a FinTech 3-tier application. 3-TIER ARCHITECTURE In software engineering the methodology of 3-tier architecture is used to divide an application into logical boundaries. These boundaries are logical and their main benefit is … Read more

From the Spring 2023 Issue

The Double-Edged Sword of Cyber Threats in Latin America

Author(s):

Kate Esprit, Cyber Threat Intelligence Analyst, MITRE

Cyber Threats in Latin America

Ask any cyber intelligence analyst about today’s major threats, and they will likely launch into a discussion about hacking groups in China, Iran, North Korea, or Russia. Indeed, state-sponsored threat actors in these countries are highly sophisticated and have wreaked havoc on global network infrastructure. However, the cybersecurity industry continues to overlook other areas of … Read more

From the Winter 2023 Issue

The New Threat Surface: Employee-Targeted Digital Risks

Author(s):

Amir Tarighat, Co-Founder and CEO, Agency

The New Threat Surface

In the last decade, the enterprise cybersecurity ecosystem has rapidly grown to address new threats. Overall, it has become highly effective. Businesses have benefited from a veritable army of professionals and cutting-edge technology to secure their systems, forcing bad actors to evolve their strategies. As corporate devices and networks are increasingly well-hardened, cybercriminals have begun … Read more

From the Fall 2022 Issue

Cybersecurity Threats: How to Monitor For and Report Them

Author(s):

Shannon Walker, Founder and President, Whistleblower Security Inc.

Cybersecurity Threats

Businesses face the threat of potential cyber-attacks every day. Whether they are large or small, companies are exposed to risks from hackers wanting to steal sensitive data or disrupt operations. Consider the following cases. In 2015, Dr. David Kreir’s small business, Volunteer Voyages, incurred $14,000 in fraudulent charges after a thief stole their online debit … Read more

From the Summer 2022 Issue

Securing APIs Through External Attack Surface Management (EASM)

Author(s):

Phillip Wylie, Manager of Tech Evangelism & Enablement, CyCognito

Securing APIs-Phillip Wylie

As cybersecurity teams work tirelessly to secure their computing environments and stay ahead of risks, two areas that stand out are external attack surfaces and Application Programming Interfaces (APIs). These two areas are not new but have been overlooked or not adequately addressed. Attack surfaces, internal and external, have been around a long time. APIs … Read more

From the Spring 2022 Issue

Playing Offense and Defense with Drone Cybersecurity Threats

Author(s):

Kate Esprit, Cyber Threat Intelligence Analyst, MITRE

TBONE, Tesla, and Technological Threats In October 2016, U.S.-based vehicle manufacturer Tesla received some surprising news – two German security researchers had found a way to hack the company’s cars using a drone. The researchers, Ralf-Philipp Weinmann and Benedikt Schmotzle had hacked into Tesla’s systems by exploiting several zero-click vulnerabilities in the ConnMan software, an … Read more