Jeff Jancula

Identity and Access Management (IAM) is a key guardrail for secure access. This guide explains core IAM components, how they protect resources, and why they are foundational to Zero Trust security strategies. Read the breakdown: http://oal.lu/I9q5t #IAM #ZeroTrust #Security

3

"The threat actor behind the exploitation of vulnerable Craft Content Management System (CMS) instances has shifted its tactics to target Magento CMS and misconfigured Docker instances. The activity has been attributed to a threat actor tracked as Mimo (aka Hezb), which has a long history of leveraging N-day security flaws in various web applications to deploy cryptocurrency miners. "Although Mimo's primary motivation remains financial, through cryptocurrency mining and bandwidth monetization, the sophistication of their recent operations suggests potential preparation for more lucrative criminal activities," Datadog Security Labs said in a report published this week. Mimo's exploitation of CVE-2025-32432, a critical security flaw in Craft CMS, for cryptojacking and proxyjacking was documented by Sekoia in May 2025." https://lnkd.in/d-j33inX

1

Lock down your Tiger Data services, without the overhead of a VPC. Here’s a quick walkthrough of using IP Allow Lists to control access to just trusted networks.

14

Most organizations treat incident response (IR) as a checklist. But attackers don’t follow checklists. That’s where threat modeling comes in—giving IR teams the ability to: 🔍 Spot attack paths before adversaries use them 📊 Simulate attacker behavior across the kill chain ⚡ Prioritize high-impact risks 🛡️ Build defenses that adapt as threats evolve 👉 Read more from OWASP’s Threat Modeling resources: https://lnkd.in/gFBEcsy9 📌 If you like our posts, follow Certified Threat Modeling Professional (CTMP). We regularly create & share tips/resources & content on DevSecOps, Container Security, Threat Modeling, Cloud Native, & more. #ThreatModeling #IncidentResponse #CyberSecurityStrategy #ProactiveDefense #TripwireInsights

14

1 Comment

Using rapid threat models in tabletop exercises can help you better understand how to adapt your defenses to the dynamic threat environment. Here's why you should use them - and how to get started.

1

Lots of text in the AWS post-mortem: https://lnkd.in/e-xRFw6b (edited for brevity) * already disabled the DynamoDB DNS Planner and the DNS Enactor automation worldwide * we will fix the race condition scenario and add additional protections to prevent the application of incorrect DNS plans. * For NLB, we are adding a velocity control mechanism to limit the capacity a single NLB can remove when health check failures cause AZ failover. * For EC2, we are building an additional test suite * We will improve the throttling mechanism in our EC2 data propagation systems to rate limit * we will look for additional ways to avoid impact from a similar event in the future, and how to further reduce time to recovery.

1

SIEM Without Compromise ☝ A Practical Guide for Security Leaders Done Making Tradeoffs ☝ What You’ll Learn in This Ebook: ➡️ The 3 biggest friction points legacy SIEMs create—and how to eliminate them ➡️ Why flexible ingest and real-time correlation are becoming table stakes ➡️ How to modernize detection without drowning in false positives ➡️ The role of explainable AI in accelerating investigations (without the guesswork) ➡️ What a truly scalable, hybrid-friendly SIEM platform should look like Whether you’re planning your next migration or reassessing your current toolset, this guide gives you a clear roadmap to SIEM that works with you not against you. Download our new report here: https://lnkd.in/dM-u3Mz4 #security #SIEM #logmanagement #cybersecurity #graylog

17