Home - Blue Lava Community

Message Image

Skip main navigation (Press Enter).

Information security is a team effort.
Count us in.

Your safe haven environment to gather, share, support and mentor

Grow your skills and career as a member of the Blue Lava Community - Built with, by and for security leaders.

Our Community Members

Alex
Kreilein

Qualys

Tammy
Moskites

CyAlliance

Mark
Weatherford

AlertEnterprise

Rock Lambros

RockCyber

Roger Hale

Agora

Russell Eubanks

Security Ever After

Jasper Ossentjuk

NielsenIQ

William Pugh

AWS

Frank Kim

SANS

Megan McCann

McCann Partners

Brian Johnson

Armorblox

Brian Contos

Sevco

Laz

Blue Lava

Deborah Blyth

Crowdstrike

Elizabeth Volini

JLL

Hamish Archer

IBM

Julie Cullivan

FireEye

Eward Driehuis

3Eyes Security

Member Exclusive Resources

Built with, by, and for the Community

Community Project - 30/60/90 Plan For Success

Take full advantage of the detailed information in this guide built with, by and for members of the Blue Lava Community. You will appreciate the guidance, language and experiences shared from our project champions.

Community Project - CISO Board Presentation Template

This customizable slide deck was built with, by and for members of the Blue Lava Community who are looking to enhance their board presentations. Guided by a team of 6 experienced CISOs as well as dozens of other community champions.

On-Demand Recording: Cognitive Warfare - The Weaponization of the Mind

The human mind becomes the battlefield in cognitive warfare on the ground in the virtual world. The goal is to change not only what an audience thinks, but also how they think and act.

Membership Benefits

Private collaboration portal allowing members to gather, share, support, and mentor 365-days a year

01

Access to a support system of battle-tested business and security executives

02

Expert guidance on security program management

03

Relevant content and resources created with, by, and for members

04

Private meetups and best practice working groups led by member facilitators

05

Strategic mentor matchmaking

06

Join the community

Criteria to Join

The Blue Lava Community is built with, by and for CISOs and also welcomes those who aspire to lead security teams in the future.

There is no sales, marketing or business development representation in the community.

CISOs (or equivalent responsibility)

01

Cybersecurity stakeholders including CIO, CRO, CTO, CPO

02

High potential cybersecurity leaders and aspiring CISOs

03

vCISOs, Consulting CISO, Business owners, Security Experts and Industry Influencers

04

Blue Lava customers

05

No sales, marketing, or business development executives are eligible

06

Join the community

Latest Discussions

More

Leaderboard

Events

Thursday

12

October

San Diego Tech Leadership Summit (Co-Hosted by Members Todd Friedman and Billy Norwood)

Oct 12, 11:00 AM - 07:00 PM (PT)
Wednesday

6

December

Planet Cyber Sec San Diego (Featuring members Ira Winkler, Richard Greenberg, Alex Wood)

Dec 6, 09:00 AM - 05:00 PM (PT)

More

Blogs

The Power of Mentorship - Sharing Experiences and Fostering Growth

By: Fletus Poston, 07-20-2023 09:50 AM

Blog Entry

In our professional journeys, we often find ourselves grappling with challenges, seeking guidance, and striving for continuous growth. It is during these moments that the value of mentorship becomes truly ...
Any good Cyber books?

By: Elizabeth Volini, 05-18-2023 05:02 AM

Blog Entry

Hi All, I just read (Listened to) the book America the Vulnerable by Joel Brenner. It was a little out of date, but I found it to be insightful and entertaining. Has anyone else read this one? ...
How CISOs Can Recruit and Retain IT Security Teams While Also Fulfilling Their Own Careers

By: Megan McCann, 11-28-2022 10:08 AM

Blog Entry

The large ratio gap in the availability of IT security professionals to open positions existed long before COVID-19. And that gap has grown even bigger thanks to the great resignation that has continued ...

News

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

9/30/2023 12:14:00 AM

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws...
Cybercriminals Using New ASMCrypt Malware Loader to Fly Under the Radar

9/29/2023 12:43:00 PM

Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an "evolved version" of another loader malware known as DoubleFinger. "The idea behind this type of malware...
Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm

9/29/2023 8:10:00 AM

The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor posing...
Post-Quantum Cryptography: Finally Real in Consumer Apps?

9/29/2023 7:48:00 AM

Most people are barely thinking about basic cybersecurity, let alone post-quantum cryptography. But the impact of a post-quantum world is coming for them regardless of whether or not it's keeping them...
Microsoft's AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites

9/29/2023 5:13:00 AM

Malicious ads served inside Microsoft Bing's artificial intelligence (AI) chatbot are being used to distribute malware when searching for popular tools. The findings come from Malwarebytes, which revealed...
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server

9/29/2023 2:15:00 AM

Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked...
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts

9/28/2023 11:02:00 PM

Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on affected systems...
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

9/28/2023 1:22:00 PM

A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The malicious...
China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies

9/28/2023 9:47:00 AM

Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to...
The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies

9/28/2023 7:13:00 AM

The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware...

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

9/27/2023 7:48:37 AM

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity...
LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

9/22/2023 7:41:09 PM

The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security...
Who’s Behind the 8Base Ransomware Website?

9/18/2023 10:12:53 PM

The victim shaming website operated by the cybercriminals behind 8Base -- currently one of the more active ransomware groups -- was until earlier today leaking quite a bit of information that the crime...
FBI Hacker Dropped Stolen Airbus Data on 9/11

9/13/2023 8:22:05 PM

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle "USDoD" had infiltrated the FBI's vetted information sharing network InfraGard, and was selling the contact information...
Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

9/12/2023 6:36:01 PM

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited...
Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

9/5/2023 8:21:07 PM

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then...
Why is .US Being Used to Phish So Many of Us?

9/1/2023 11:38:11 AM

Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government...
U.S. Hacks QakBot, Quietly Removes Botnet Infections

8/29/2023 2:35:25 PM

The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international...
Kroll Employee SIM-Swapped for Crypto Investor Data

8/25/2023 2:05:10 PM

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll...
Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

8/22/2023 1:45:28 PM

In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic...

Securing AI: What You Should Know

9/29/2023 5:00:00 PM

Securing AI within your organization starts with understanding how AI differs from traditional business tools. Google's Secure AI Framework provides a model for what to do next.
How Can Your Security Team Help Developers Shift Left?

9/29/2023 3:40:00 PM

Implementing a shift-left process in cybersecurity requires pulling together people, processes, and technology.
Spyware Vendor Targets Egyptian Orgs With Rare iOS Exploit Chain

9/29/2023 2:43:00 PM

The Israeli company developed highly-targeted, mobile malware that would make any APT jealous.
DHS: Physical Security a Concern in Johnson Controls Cyberattack

9/29/2023 2:41:00 PM

An internal memo cites DHS floor plans that could have been accessed in the breach.
Cybersecurity Gaps Plague US State Department, GAO Report Warns

9/29/2023 1:03:04 PM

The federal department that oversees the US diplomatic corps abroad suffers a serious lack of visibility into the cyber threats it faces and the security vulnerabilities it's harboring.
Move Over, MOVEit: Critical Progress Bug Infests WS_FTP Software

9/29/2023 12:34:09 PM

In the wake of Cl0p's MOVEit rampage, Progress Software is sending file-transfer customers scrambling again — this time to patch a critical bug that is easily exploitable with a specially crafted HTTPS...
People Still Matter in Cybersecurity Management

9/29/2023 10:00:00 AM

Cybersecurity's constant stream of shiny new things shouldn't distract managers from their focus on the people they're protecting.
Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files

9/29/2023 9:55:00 AM

Images purporting to be of the Armenia and Azerbaijan conflict were malware downloaders in disguise.
QR Code 101: What the Threats Look Like

9/28/2023 9:00:00 PM

Because QR codes can be used for phishing as easily as an email or text can, organizations must remain vigilant when dealing with them.
Government Shutdown Poised to Stress Nation's Cybersecurity Supply Chain

9/28/2023 6:30:00 PM

CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.

No Data Found

Student Loan Breach Exposes 2.5M Records

8/31/2022 8:57:48 AM

2.5 million people were affected, in a breach that could spell more trouble down the line.
Watering Hole Attacks Push ScanBox Keylogger

8/30/2022 12:00:43 PM

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

8/29/2022 10:56:19 AM

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Ransomware Attacks are on the Rise

8/26/2022 12:44:27 PM

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Cybercriminals Are Selling Access to Chinese Surveillance Cameras

8/25/2022 2:47:15 PM

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Twitter Whistleblower Complaint: The TL;DR Version

8/24/2022 10:17:04 AM

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Firewall Bug Under Active Attack Triggers CISA Warning

8/23/2022 9:19:58 AM

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
Fake Reservation Links Prey on Weary Travelers

8/22/2022 9:59:06 AM

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
iPhone Users Urged to Update to Patch 2 Zero-Days

8/19/2022 11:25:56 AM

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Google Patches Chrome’s Fifth Zero-Day of the Year

8/18/2022 10:31:38 AM

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

Downloading cracked software.

9/30/2023 1:00:00 AM

David Liebenberg from Cisco Talos joins to discussing Talos' discovery of cracked Microsoft Windows software being downloaded by enterprise users across the globe. Downloading and running this compromised...
Joint advisory warns of Beijing's "BlackTech" threat activity. New players in the C2C market. Unattributed APTs.

9/30/2023 12:15:00 AM

Joint advisory warns of Beijing's "BlackTech" threat activity. New players in the C2C market. Unattributed APTs. Threat actors appear to target war crimes investigations. More MOVEit-related data breaches...
Ron Reiter from Sentra is talking about internal and external factors that pose a threat for connected car drivers.

9/29/2023 5:15:00 PM

This interview from September 22nd, 2023 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner sits down to talk with Ron Reiter from Sentra...
Malicious ads in a chatbot. A vulnerability gets some clarification. Cl0p switches from Tor to torrents. Influence operations as an adjunct ...

9/29/2023 4:15:00 PM

Malicious ads in a chatbot. Google provides clarification on a recent vulnerability. Cl0p switches from Tor to torrents. Influence operations as an adjunct to weapons of mass destruction. Our guest Jeffrey...
Chatbot serves malvertising. Open source library issue. Cl0p switches to torrents. Influence ops and WMD.

9/29/2023 11:41:59 AM

Malicious ads in a chatbot. A vulnerability gets some clarification. Cl0p switches from Tor to torrents. Influence operations as an adjunct to nuclear, biological, and chemical preparation and deterrence...
Malicious ads in a chatbot.

9/29/2023 11:08:59 AM

A chatbot is found to be serving malicious advertising.
Critical bug, actively exploited, gets some clarification.

9/29/2023 10:55:09 AM

Not a Chromium bug, but a library problem.
Ukraine at D+582: Reintegrating mercenaries.

9/29/2023 10:35:42 AM

Russia and Ukraine exchange drone strikes. Russia seeks to reintegrate once-and-future mercenaries into the line. Disinformation and weapons of mass destruction.
Buckworm APT’s specialized tools. Cyberattack against Johnson Controls. Oversight panel reports on Section 702. Cyber in election security, ...

9/28/2023 4:15:00 PM

The Budworm APT's bespoke tools. Johnson Controls sustains a cyberattack. The US Privacy and Civil Liberties Oversight Board reports on Section 702. The looming government shutdown and cyber risk. Cybersecurity...
Policy changes for cyber war. Regulatory developments in the US and UK. Election security and influence ops. Abuse of domestic infrastructur...

9/28/2023 4:00:00 PM

FCC chair announces plans to restore net neutrality. The UK adopts a hunt-forward approach to cyber war. The effect of the SEC’s new rules on CISOs. The UK and US reach a deal on data transfers. FTC official...

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

9/30/2023 12:14:00 AM

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws...
Cybercriminals Using New ASMCrypt Malware Loader to Fly Under the Radar

9/29/2023 12:43:00 PM

Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an "evolved version" of another loader malware known as DoubleFinger. "The idea behind this type of malware...
Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm

9/29/2023 8:10:00 AM

The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor posing...
Post-Quantum Cryptography: Finally Real in Consumer Apps?

9/29/2023 7:48:00 AM

Most people are barely thinking about basic cybersecurity, let alone post-quantum cryptography. But the impact of a post-quantum world is coming for them regardless of whether or not it's keeping them...
Microsoft's AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites

9/29/2023 5:13:00 AM

Malicious ads served inside Microsoft Bing's artificial intelligence (AI) chatbot are being used to distribute malware when searching for popular tools. The findings come from Malwarebytes, which revealed...
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server

9/29/2023 2:15:00 AM

Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked...
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts

9/28/2023 11:02:00 PM

Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on affected systems...
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

9/28/2023 1:22:00 PM

A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The malicious...
China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies

9/28/2023 9:47:00 AM

Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to...
The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies

9/28/2023 7:13:00 AM

The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware...

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

9/27/2023 7:48:37 AM

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity...
LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

9/22/2023 7:41:09 PM

The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security...
Who’s Behind the 8Base Ransomware Website?

9/18/2023 10:12:53 PM

The victim shaming website operated by the cybercriminals behind 8Base -- currently one of the more active ransomware groups -- was until earlier today leaking quite a bit of information that the crime...
FBI Hacker Dropped Stolen Airbus Data on 9/11

9/13/2023 8:22:05 PM

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle "USDoD" had infiltrated the FBI's vetted information sharing network InfraGard, and was selling the contact information...
Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

9/12/2023 6:36:01 PM

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited...
Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

9/5/2023 8:21:07 PM

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then...
Why is .US Being Used to Phish So Many of Us?

9/1/2023 11:38:11 AM

Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government...
U.S. Hacks QakBot, Quietly Removes Botnet Infections

8/29/2023 2:35:25 PM

The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international...
Kroll Employee SIM-Swapped for Crypto Investor Data

8/25/2023 2:05:10 PM

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll...
Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

8/22/2023 1:45:28 PM

In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic...

Securing AI: What You Should Know

9/29/2023 5:00:00 PM

Securing AI within your organization starts with understanding how AI differs from traditional business tools. Google's Secure AI Framework provides a model for what to do next.
How Can Your Security Team Help Developers Shift Left?

9/29/2023 3:40:00 PM

Implementing a shift-left process in cybersecurity requires pulling together people, processes, and technology.
Spyware Vendor Targets Egyptian Orgs With Rare iOS Exploit Chain

9/29/2023 2:43:00 PM

The Israeli company developed highly-targeted, mobile malware that would make any APT jealous.
DHS: Physical Security a Concern in Johnson Controls Cyberattack

9/29/2023 2:41:00 PM

An internal memo cites DHS floor plans that could have been accessed in the breach.
Cybersecurity Gaps Plague US State Department, GAO Report Warns

9/29/2023 1:03:04 PM

The federal department that oversees the US diplomatic corps abroad suffers a serious lack of visibility into the cyber threats it faces and the security vulnerabilities it's harboring.
Move Over, MOVEit: Critical Progress Bug Infests WS_FTP Software

9/29/2023 12:34:09 PM

In the wake of Cl0p's MOVEit rampage, Progress Software is sending file-transfer customers scrambling again — this time to patch a critical bug that is easily exploitable with a specially crafted HTTPS...
People Still Matter in Cybersecurity Management

9/29/2023 10:00:00 AM

Cybersecurity's constant stream of shiny new things shouldn't distract managers from their focus on the people they're protecting.
Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files

9/29/2023 9:55:00 AM

Images purporting to be of the Armenia and Azerbaijan conflict were malware downloaders in disguise.
QR Code 101: What the Threats Look Like

9/28/2023 9:00:00 PM

Because QR codes can be used for phishing as easily as an email or text can, organizations must remain vigilant when dealing with them.
Government Shutdown Poised to Stress Nation's Cybersecurity Supply Chain

9/28/2023 6:30:00 PM

CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.

Powered by Higher Logic