We're back after three weeks off! Seems the world didn't right itself while we were away. SUNUVA...! (or BUGGER for Chris) 2020's gone. YAY ! 2021's here. YAY! ...maybe? The calendar flipped, but the script didn't. 2020 was a f*cked up year for sure. Like seriously f*cked up! There was no shortage of breaches, sh*tty security stuff, panic, fear, loathing, division, etc., etc., etc. The new year brings hope, right? Hope for a fresh start. When the calendar flipped to 2021, there was a collective sigh of relief. Yes, 2020 is behind us! There's hope! We can see light at the end of the tunnel! Hope is GOOD! Then reality hits (again). The sh*t from 2020 didn't go away. It's like 2020s sh*t is still in the toilet bowl and the f*cking toilet is clogged. Will 2021 be a year we find the plunger or a year we eat a sh*tload of bad Mexican food while we ignore the clog? We don't want 2021s sh*t to pile on top of 2020s sh*t, do we?! We've stumbled out of th
Another day, another breach in the news, what's new? well..., this time the victim is one of the worlds leading information/cybersecurity providers. The company has come forward to say that their offensive red team tools have been stolen, and most likely by a foreign nation. What do we do when the very companies we trust to help protect our nation, become the target of military grade warfare? According to the company, this was not a run of the mill cyber attack, this was a highly sophisticated and targeted attack by a nation state. This is not the first time a security company has been the target of a goverment sponsered attack, nor will it be the last. As an industry if the tools we produce to protect, can also harm what are the obligations to protect them? and how liable are we if they get stolen and used for naferious purposes? Knowing that our industry will continue to be a target of highly shopoistcated goverment attacks, what obligation if any, does the goverment have to h