A look at the common frameworks and standards that shape Information Security programs. — Five years ago I was a junior, going on senior, in college, and had just landed my first job in the tech field. …

SecOps, Incident Response, Vulnerability Management, Risk Analysis…where do I start? — The information security industry is very large and there are many different career paths to be considered. Googling “jobs in information security” likely results in something like this:

Reflecting on the CISSP exam and the excitement two years later when I officially became certified. — I took the CISSP exam back in November of 2019, so you can say it’s been quite a long journey. …

An analysis of the gender gap in cybersecurity and tech careers alike. — The fact that there are so few women in the cybersecurity industry isn’t news to anyone. This has been an issue for years and years but has become more of a popular topic in parallel with the rise in popularity of the profession. One would think that as cybersecurity becomes…

Dark Roast Intelligence | November 28, 2022 — Welcome to this week’s edition of Dark Roast Intelligence. In this article, you’ll find overviews of a recent cyberattack on a sports betting organization, how threat actors are using a Windows zero-day vulnerability to deliver Qbot malware, and the latest vulnerability in Google Chrome. DraftKings Falls Victim to Credential Stuffing Attack On November 19th, many DraftKings customers…

Dark Roast Intelligence | November 21, 2022 — Welcome to this week’s edition of Dark Roast Intelligence. In this article, you’ll find summaries of recent cyber events, overviews of trending malware variants and vulnerabilities, and key takeaways for those who wish to action on this information within their organizations. Amazon Relational Database: Sensitive Data Exposure On November 16, 2022, security researchers at Mitiga, a…

The newest section of Dark Roast Security. — Dark Roast Security readers, Before I get into the purpose of this article, I want to thank you for your support over the last two years. If you would have told me back then that this blog would have upwards of 25,000 minutes read on average over three months time…

What It Is and How to Avoid It. — This article was originally published on Built In. Multifactor authentication, or MFA, is a mechanism used to secure user accounts. Unsurprisingly, however, malicious actors have found ways to bypass it, making the technology merely a small obstacle for many attackers. Although many methods can bypass MFA, a technique called MFA…

An overview of the latest Phishing-as-a-Service platform and how it differs from others. — Earlier in the month, security professionals across the globe began seeing references to Caffeine, and, although we would’ve liked to see it be nothing but a new Starbucks order trend, that wasn’t the case. …