Blue Lava Community

Information security is a team effort.
Count us in.

Your safe haven environment to gather, share, support and mentor

Grow your skills and career as a member of the Blue Lava Community - Built by, with and for security leaders.

Our Community Members

Alex
Kreilein

Microsoft

Tammy
Moskites

CyAlliance

Mark
Weatherford

AlertEnterprise

Rock Lambros

RockCyber

Roger Hale

Agora

Russell Eubanks

Security Ever After

Jasper Ossentjuk

NielsenIQ

William Pugh

AWS

Frank Kim

SANS

Megan McCann

McCann Partners

Brian Johnson

Armorblox

Brian Contos

Phosphorus Security

Laz

Blue Lava

Deborah Blyth

Crowdstrike

Elizabeth Volini

JLL

Hamish Archer

IBM

Julie Cullivan

FireEye

Eward Driehuius

3Eyes Security

Membership Benefits

Private collaboration portal allowing members to gather, share, support, and mentor 365-days a year

Access to a support system of battle-tested business and security executives

Expert guidance on security program management

Relevant content and resources created with, by, and for members

Private meetups and best practice working groups led by member facilitators

Strategic mentor matchmaking

Join the community

Criteria to Join

CISOs (or equivalent responsibility)

Cybersecurity stakeholders including CIO, CRO, CTO, CPO

High potential cybersecurity leaders and aspiring CISOs

vCISOs, Consulting CISO, Business owners, Security Experts and Industry Influencers

Blue Lava customers

No sales or marketing executives

Join the community

Latest Discussions

Crucial Conversations w/ Rock Lambros - Securing IT and OT

Rock Lambros, CEO and founder of RockCyber, discusses how CISOs are taking the lead...

Crucial Conversations w/ Jasper Ossentjuk - What Every CISO Needs to Know About Crisis Management

Jasper Ossentjuk, SVP and CFO for Nielsen IQ, discusses what every CISO needs to know about crisis management planning and how it differs...

Crucial Conversations w/ Alex Kreilein - Product Security Best Practices

Alex Kreilein discusses what it takes for CISOs and InfoSec teams to become security advocates for customers by ensuring the safety...

View all

Events

Wednesday

10

August

BlackHat - CyAlliance MGM Grand Mansion Event (In-Person Meetup)

Aug 10, 06:00 PM - 09:00 PM (PT)

Las Vegas, NV, United States
Thursday

15

September

CyAlliance In Person Networking Dinner Event - Houston (In-Person Meetup)

Sep 15, 05:30 PM - 08:45 PM (CT)

How Internships In Cybersecurity Can Help You Bridge The Talent Acquisition Gap

By: Alexis Culp, 5 days ago

Blog Entry

We have been facing a cybersecurity talent shortage in this industry since the industry was born. As time elapsed, we started integrating more and more of our businesses and lives around the internet, ...
What Every CISO Needs to Know About Crisis Management Planning

By: Jasper Ossentjuk, 14 days ago

Blog Entry

Abstract: As world events have demonstrated these past couple of years, crisis management is a requisite for doing business in today’s world. CISOs have choices to make in the face of the next crisis ...
The Convergence of OT Security with IT Security

By: Rock Lambros, 26 days ago

Blog Entry

Abstract: Operational Technology (OT) and Information Technology (IT) have historically been managed by separate teams. But with cyberattacks targeting IoT devices and OT systems in recent years and ...

News

Chinese Hackers Targeted Dozens of Industrial Enterprises and Public Institutions

8/9/2022 3:25:36 AM

Over a dozen military-industrial complex enterprises and public institutions in Afghanistan and Europe have come under a wave of targeted attacks since January 2022 to steal confidential data by simultaneously...
Researchers Uncover Classiscam Scam-as-a-Service Operations in Singapore

8/9/2022 3:07:03 AM

A sophisticated scam-as-a-service operation dubbed Classiscam has now infiltrated into Singapore, more than 1.5 years after expanding to Europe. "Scammers posing as legitimate buyers approach sellers...
New Orchard Botnet Uses Bitcoin Founder’s Account Info to Generate Malicious Domains

8/8/2022 9:55:44 AM

A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto's account transaction information to generate domain names to conceal its command-and-control (C2) infrastructure....
The Benefits of Building a Mature and Diverse Blue Team

8/8/2022 9:43:02 AM

A few days ago, a friend and I were having a rather engaging conversation that sparked my excitement. We were discussing my prospects of becoming a red teamer as a natural career progression. The reason...
Meta Cracks Down on Cyber Espionage Operations in South Asia Abusing Facebook

8/8/2022 9:03:07 AM

Facebook parent company Meta disclosed that it took action against two espionage operations in South Asia that leveraged its social media platforms to distribute malware to potential targets. The first...
Hackers Exploit Twitter Vulnerability to Exposes 5.4 Million Accounts

8/8/2022 2:11:53 AM

Twitter on Friday revealed that a now-patched zero-day bug was used to link phone numbers and emails to user accounts on the social media platform. "As a result of the vulnerability, if someone submitted...
New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

8/7/2022 12:29:52 AM

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source...
Iranian Hackers Likely Behind Disruptive Cyberattacks Against Albanian Government

8/7/2022 12:16:30 AM

A threat actor working to further Iranian goals is said to have been behind a set of damaging cyberattacks against Albanian government services in mid-July 2022. Cybersecurity firm Mandiant said the...
Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour

8/7/2022 12:15:19 AM

A late-stage candidate encryption algorithm that was meant to withstand decryption by powerful quantum computers in the future has been trivially cracked by using a computer running Intel Xeon CPU in...
Slack Resets Passwords After a Bug Exposed Hashed Passwords for Some Users

8/6/2022 4:44:06 AM

Slack said it took the step of resetting passwords for about 0.5% of its users after a flaw exposed salted password hashes when creating or revoking shared invitation links for workspaces. "When a user...

Class Action Targets Experian Over Account Security

8/5/2022 9:54:35 PM

A class action lawsuit has been filed against big-three consumer credit bureau Experian over reports that the company did little to prevent identity thieves from hijacking consumer accounts. The legal...
Scammers Sent Uber to Take Elderly Lady to the Bank

8/4/2022 11:41:09 AM

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. In this case, the...
No SOCKS, No Shoes, No Malware Proxy Services!

8/2/2022 3:31:35 PM

With the recent demise of several popular "proxy" services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly...
911 Proxy Service Implodes After Disclosing Breach

7/29/2022 3:34:45 PM

911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that...
Breach Exposes Users of Microleaves Proxy Service

7/28/2022 2:52:28 PM

Microleaves, a ten-year-old proxy service that lets customers route their web traffic through millions of Microsoft Windows computers, exposed their entire user database and the location of tens of millions...
A Retrospective on the 2015 Ashley Madison Breach

7/26/2022 9:04:51 PM

It's been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many AshleyMadison...
Massive Losses Define Epidemic of ‘Pig Butchering’

7/21/2022 12:35:28 PM

U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of dollars in connection with a complex investment scam known as “pig butchering...
A Deep Dive Into the Residential Proxy Service ‘911’

7/18/2022 12:11:12 PM

For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route malicious traffic through PCs in virtually...
Why 8kun Went Offline During the January 6 Hearings

7/15/2022 3:43:05 PM

The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun[.]top and TheDonald[.]win in helping to organize and galvanize supporters who responded to former...
Microsoft Patch Tuesday, July 2022 Edition

7/12/2022 9:02:49 PM

Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft...

10 Malicious Code Packages Slither into PyPI Registry

8/8/2022 3:00:00 PM

The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks.
Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War

8/8/2022 11:28:59 AM

A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams.
HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

8/8/2022 10:27:43 AM

HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems.
We Have the Tech to Scale Up Open Source Vulnerability Fixes — Now It's Time to Leverage It

8/8/2022 10:20:00 AM

Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation.
What Adjustable Dumbbells Can Teach Us About Risk Management

8/8/2022 10:07:37 AM

A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function.
Pipeline Operators Are Headed in the Right Direction, With or Without TSA's Updated Security Directives

8/8/2022 10:00:00 AM

A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better.
What Worries Security Teams About the Cloud?

8/5/2022 2:25:25 PM

What issues are cybersecurity professionals concerned about in 2022? You tell us!
Genesis IAB Market Brings Polish to the Dark Web

8/5/2022 1:12:31 PM

As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy...
A Ransomware Explosion Fosters Thriving Dark Web Ecosystem

8/5/2022 12:38:36 PM

For the right price, threat actors can get just about anything they want to launch a ransomware attack — even without technical skills or any previous experience.
Stolen Data Gives Attackers Advantage Against Text-Based 2FA

8/5/2022 12:25:40 PM

With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.

7 best reasons to be a CISO

8/9/2022 5:00:00 AM

The job of the CISO can be tough with its share of challenges, difficulties and complications. A CISO’s trials and tribulations include responsibility for protecting a business’s most valuable asset...
How OKRs keep security programs on track

8/9/2022 5:00:00 AM

When Michael Gregg joined the State of North Dakota as a security leader, he brought with him a concept he liked to use for keeping his security program on track: identifying objectives and key results...
Ransomware, email compromise are top security threats, but deepfakes increase

8/8/2022 1:05:00 PM

While ransomware and business email compromise (BEC) are leading causes of security incidents...
BrandPost: Transforming Digital Healthcare Through Video Vital Sign Analysis

8/8/2022 9:22:00 AM

Global events over the past few years have disrupted how healthcare professionals approach the measurement and monitoring of a patient’s vital signs. New regulations around sanitation and the use...
SBOM formats SPDX and CycloneDX compared

8/8/2022 5:00:00 AM

Software bills of materials (SBOMs) are becoming a critical component of vulnerability management...
AWS, Google Cloud, and Azure: How their security features compare

8/8/2022 5:00:00 AM

CISOs trying to determine which of the three major cloud service providers (CSPs) offers the best security need to break that question down into two parts: Which one does the best job securing its...
Top cybersecurity M&A deals for 2022

8/5/2022 5:00:00 AM

The number of cybersecurity mergers and acquisitions deals in 2021 set a record pace. The first three quarters of the year saw 151 transactions in the industry, according to 451 Research. That’s...
Palo Alto debuts Unit 42 team for managed detection and response

8/4/2022 5:35:00 PM

Palo Alto Networks this week announced the immediate availability of Unit 42 Managed Detection and Response (MDR
Microsoft boosts threat intelligence with new Defender programs

8/4/2022 11:39:00 AM

Drawing from last year's acquisition of RiskIQ, Microsoft is adding two new threat-intelligence applications to its Defender product family, and separately offering new detection and response capabilities...
The Secret Service’s missing text messages: Lessons for IT security

8/4/2022 10:43:00 AM

The U.S. Secret Service (USSS) has been under intense political fire since mid-July when the Department of Homeland Security (DHS) Inspector General's office told Congress that the text messages...

Phishers Swim Around 2FA in Coinbase Account Heists

8/8/2022 11:26:17 AM

Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so they can steal their credentials and eventually their funds.
Open Redirect Flaw Snags Amex, Snapchat User Data

8/5/2022 9:17:09 AM

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims.
VMWare Urges Users to Patch Critical Authentication Bypass Bug

8/3/2022 11:23:16 AM

Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain.
Universities Put Email Users at Cyber Risk

8/2/2022 7:02:12 PM

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails.
Securing Your Move to the Hybrid Cloud

8/1/2022 9:29:56 AM

Infosec expert Rani Osnat lays out security challenges and offers hope for organizations migrating their IT stack to the private and public cloud environments.
Malicious Npm Packages Tapped Again to Target Discord Users

7/29/2022 11:07:58 AM

Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.
Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

7/28/2022 1:24:17 PM

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwart a popular way to deliver malicious phishing payloads.
Messaging Apps Tapped as Platform for Cybercriminal Activity

7/27/2022 12:57:23 PM

Built-in Telegram and Discord services are fertile ground for storing stolen data, hosting malware and using bots for nefarious purposes.
Novel Malware Hijacks Facebook Business Accounts

7/26/2022 2:15:41 PM

Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.
Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands

7/26/2022 9:05:16 AM

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.

“CIA Officers Turned Authors” – with David McCloskey & James Stejskal

8/9/2022 7:00:00 AM

David McCloskey and James Stejskal join Andrew to discuss writing about espionage. They are both former intelligence officers.
Addressing the Critical Cybersecurity Talent Shortage

8/9/2022 3:05:00 AM

M. K. Palmore, Director, Office of the CISO, for Google Cloud, and diversity & inclusion advocate, joins Ann on this week's episode of Afternoon Cyber Tea to discuss the cyber talent shortage, including...
Anti-cheat software (noun)

8/9/2022 1:50:00 AM

Software designed to prevent cheating in video games.
Cybersecurity is a team sport.

8/9/2022 1:00:00 AM

In order to run a successful SOC, security leaders rely on tools with different strengths to create layers of defense. This has led to a highly siloed industry with over 2,000 vendors, each with their...
Cyber Mindfulness

8/9/2022 12:00:00 AM

You've probably been hearing the term 'mindfulness' a lot these days. And for good reason. We humans seem to be busier and more stressed out than ever before, and mindfulness practices seem to offer positive...
Automated neighborhood watch. Twitter exploit may have compromised personal data associated with more than 5 million accounts. Proposed scr...

8/8/2022 4:30:06 PM

Automated neighborhood watch. Twitter exploit may have compromised personal data associated with more than 5 million accounts. Proposed scrutiny of an acquisition on grounds of privacy.
Wipers, tak; grid takedown, nyet. Twitter 0-day exploited before patching. NHS 111 recovering from cyberattack. Notes on the C2C underworld.

8/8/2022 4:15:00 PM

Shifting cyber threats during Russia's war against Ukraine. A Twitter exploit may have compromised more than 5 million accounts. A Cyberattack disrupts NHS 111. Developments in the C2C market. An alleged...
Two senior Greek officials resign over Predator spyware scandal. Rip-and-replace may be easier said than done. Update on cyber provisions of...

8/8/2022 3:45:00 PM

Two senior Greek officials resign over Predator spyware scandal. Rip-and-replace may be easier said than done. Update on cyber provisions of the US NDAA
Automated neighborhood watch. Twitter exploit may have compromised personal data associated with more than 5 million accounts. Proposed scr...

8/8/2022 3:30:00 PM

Automated neighborhood watch. Twitter exploit may have compromised personal data associated with more than 5 million accounts. Proposed scrutiny of an acquisition on grounds of privacy.
Twitter account data stolen. NHS 111 hit by cyberattack. Notes on the C2C market. Update on the hybrid war against Ukraine.

8/8/2022 12:22:47 PM

Twitter exploit may have compromised more than 5 million accounts. Cyberattack disrupts NHS 111. Developments in the C2C market. Alleged Russian cryptocurrency exchange operator extradited to the US....

Chinese Hackers Targeted Dozens of Industrial Enterprises and Public Institutions

8/9/2022 3:25:36 AM

Over a dozen military-industrial complex enterprises and public institutions in Afghanistan and Europe have come under a wave of targeted attacks since January 2022 to steal confidential data by simultaneously...
Researchers Uncover Classiscam Scam-as-a-Service Operations in Singapore

8/9/2022 3:07:03 AM

A sophisticated scam-as-a-service operation dubbed Classiscam has now infiltrated into Singapore, more than 1.5 years after expanding to Europe. "Scammers posing as legitimate buyers approach sellers...
New Orchard Botnet Uses Bitcoin Founder’s Account Info to Generate Malicious Domains

8/8/2022 9:55:44 AM

A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto's account transaction information to generate domain names to conceal its command-and-control (C2) infrastructure....
The Benefits of Building a Mature and Diverse Blue Team

8/8/2022 9:43:02 AM

A few days ago, a friend and I were having a rather engaging conversation that sparked my excitement. We were discussing my prospects of becoming a red teamer as a natural career progression. The reason...
Meta Cracks Down on Cyber Espionage Operations in South Asia Abusing Facebook

8/8/2022 9:03:07 AM

Facebook parent company Meta disclosed that it took action against two espionage operations in South Asia that leveraged its social media platforms to distribute malware to potential targets. The first...
Hackers Exploit Twitter Vulnerability to Exposes 5.4 Million Accounts

8/8/2022 2:11:53 AM

Twitter on Friday revealed that a now-patched zero-day bug was used to link phone numbers and emails to user accounts on the social media platform. "As a result of the vulnerability, if someone submitted...
New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

8/7/2022 12:29:52 AM

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source...
Iranian Hackers Likely Behind Disruptive Cyberattacks Against Albanian Government

8/7/2022 12:16:30 AM

A threat actor working to further Iranian goals is said to have been behind a set of damaging cyberattacks against Albanian government services in mid-July 2022. Cybersecurity firm Mandiant said the...
Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour

8/7/2022 12:15:19 AM

A late-stage candidate encryption algorithm that was meant to withstand decryption by powerful quantum computers in the future has been trivially cracked by using a computer running Intel Xeon CPU in...
Slack Resets Passwords After a Bug Exposed Hashed Passwords for Some Users

8/6/2022 4:44:06 AM

Slack said it took the step of resetting passwords for about 0.5% of its users after a flaw exposed salted password hashes when creating or revoking shared invitation links for workspaces. "When a user...

Class Action Targets Experian Over Account Security

8/5/2022 9:54:35 PM

A class action lawsuit has been filed against big-three consumer credit bureau Experian over reports that the company did little to prevent identity thieves from hijacking consumer accounts. The legal...
Scammers Sent Uber to Take Elderly Lady to the Bank

8/4/2022 11:41:09 AM

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. In this case, the...
No SOCKS, No Shoes, No Malware Proxy Services!

8/2/2022 3:31:35 PM

With the recent demise of several popular "proxy" services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly...
911 Proxy Service Implodes After Disclosing Breach

7/29/2022 3:34:45 PM

911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that...
Breach Exposes Users of Microleaves Proxy Service

7/28/2022 2:52:28 PM

Microleaves, a ten-year-old proxy service that lets customers route their web traffic through millions of Microsoft Windows computers, exposed their entire user database and the location of tens of millions...
A Retrospective on the 2015 Ashley Madison Breach

7/26/2022 9:04:51 PM

It's been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many AshleyMadison...
Massive Losses Define Epidemic of ‘Pig Butchering’

7/21/2022 12:35:28 PM

U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of dollars in connection with a complex investment scam known as “pig butchering...
A Deep Dive Into the Residential Proxy Service ‘911’

7/18/2022 12:11:12 PM

For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route malicious traffic through PCs in virtually...
Why 8kun Went Offline During the January 6 Hearings

7/15/2022 3:43:05 PM

The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun[.]top and TheDonald[.]win in helping to organize and galvanize supporters who responded to former...
Microsoft Patch Tuesday, July 2022 Edition

7/12/2022 9:02:49 PM

Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft...

10 Malicious Code Packages Slither into PyPI Registry

8/8/2022 3:00:00 PM

The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks.
Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War

8/8/2022 11:28:59 AM

A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams.
HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments

8/8/2022 10:27:43 AM

HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems.
We Have the Tech to Scale Up Open Source Vulnerability Fixes — Now It's Time to Leverage It

8/8/2022 10:20:00 AM

Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation.
What Adjustable Dumbbells Can Teach Us About Risk Management

8/8/2022 10:07:37 AM

A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function.
Pipeline Operators Are Headed in the Right Direction, With or Without TSA's Updated Security Directives

8/8/2022 10:00:00 AM

A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better.
What Worries Security Teams About the Cloud?

8/5/2022 2:25:25 PM

What issues are cybersecurity professionals concerned about in 2022? You tell us!
Genesis IAB Market Brings Polish to the Dark Web

8/5/2022 1:12:31 PM

As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy...
A Ransomware Explosion Fosters Thriving Dark Web Ecosystem

8/5/2022 12:38:36 PM

For the right price, threat actors can get just about anything they want to launch a ransomware attack — even without technical skills or any previous experience.
Stolen Data Gives Attackers Advantage Against Text-Based 2FA

8/5/2022 12:25:40 PM

With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.

Home

Information security is a team effort. Count us in.

Alex Kreilein

Microsoft

Tammy Moskites

CyAlliance

Mark Weatherford

AlertEnterprise

Rock Lambros

RockCyber

Roger Hale

Agora

Russell Eubanks

Security Ever After

Jasper Ossentjuk

NielsenIQ

William Pugh

AWS

Frank Kim

SANS

Megan McCann

McCann Partners

Brian Johnson

Armorblox

Brian Contos

Phosphorus Security

Laz

Blue Lava

Deborah Blyth

Crowdstrike

Elizabeth Volini

JLL

Hamish Archer

IBM

Julie Cullivan

FireEye

Eward Driehuius

3Eyes Security

Membership Benefits

Private collaboration portal allowing members to gather, share, support, and mentor 365-days a year

Access to a support system of battle-tested business and security executives

Expert guidance on security program management

Relevant content and resources created with, by, and for members

Private meetups and best practice working groups led by member facilitators

Strategic mentor matchmaking

Criteria to Join

CISOs (or equivalent responsibility)

Cybersecurity stakeholders including CIO, CRO, CTO, CPO

High potential cybersecurity leaders and aspiring CISOs

vCISOs, Consulting CISO, Business owners, Security Experts and Industry Influencers

Blue Lava customers

***No sales or marketing executives***

Latest Discussions

Featured resources

Crucial Conversations w/ Rock Lambros - Securing IT and OT

Crucial Conversations w/ Jasper Ossentjuk - What Every CISO Needs to Know About Crisis Management

Crucial Conversations w/ Alex Kreilein - Product Security Best Practices

Events

Blogs

News

Information security is a team effort.
Count us in.

Alex
Kreilein

Tammy
Moskites

Mark
Weatherford

No sales or marketing executives