Brad Townsend
@bstownsend.bsky.social
Cybersecurity Engineer and Datacenter Operations. Blue Team.
Re-upped for another cycle. #microsoft #security
February 7, 2025 at 6:13 PM
Re-upped for another cycle. #microsoft #security
Reposted by Brad Townsend
DHS has terminated the memberships of everyone on its advisory committees.
This includes several cyber committees, like CISA's advisory panel and the Cyber Safety Review Board, which was investigating Salt Typhoon.
That review is "dead," person familiar says.
www.documentcloud.org/documents/25...
This includes several cyber committees, like CISA's advisory panel and the Cyber Safety Review Board, which was investigating Salt Typhoon.
That review is "dead," person familiar says.
www.documentcloud.org/documents/25...
January 21, 2025 at 8:43 PM
DHS has terminated the memberships of everyone on its advisory committees.
This includes several cyber committees, like CISA's advisory panel and the Cyber Safety Review Board, which was investigating Salt Typhoon.
That review is "dead," person familiar says.
www.documentcloud.org/documents/25...
This includes several cyber committees, like CISA's advisory panel and the Cyber Safety Review Board, which was investigating Salt Typhoon.
That review is "dead," person familiar says.
www.documentcloud.org/documents/25...
Sat in on a second round of auditor assessment interviews today for evaluating our current practices against CSFv2 and it went really well.
Nice to see several years of work and incremental improvements/additions mesh into a more mature and capable cybersecurity footprint.
#CSF2.0 #NIST
Nice to see several years of work and incremental improvements/additions mesh into a more mature and capable cybersecurity footprint.
#CSF2.0 #NIST
January 18, 2025 at 1:44 AM
These scenarios can be difficult to navigate at the onset when trying to establish buy-in. Not having firm assurance that the reqs will persist can leave you behind the curve especially when they come with a heavy workload.
Biden drops a sweeping cybersecurity EO 📜⚙️
Gov contractors must now prove secure dev practices & disclose updates. Will the next admin keep it?
#CyberSecurity #DataPrivacy #DigitalTrust #Biden
www.cnbc.com/2025/01/16/b...
Gov contractors must now prove secure dev practices & disclose updates. Will the next admin keep it?
#CyberSecurity #DataPrivacy #DigitalTrust #Biden
www.cnbc.com/2025/01/16/b...
Biden administration launches cybersecurity executive order
With this executive order, the Biden White House is looking to boost digital security in the U.S. for the government and the private sector.
www.cnbc.com
January 17, 2025 at 3:43 AM
These scenarios can be difficult to navigate at the onset when trying to establish buy-in. Not having firm assurance that the reqs will persist can leave you behind the curve especially when they come with a heavy workload.
Reposted by Brad Townsend
Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure, www.cisa.gov/resources-to...
Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure | CISA
This Playbook assists grant-making agencies to incorporate cybersecurity into their grant programs, and to enable grant-recipients to build cyber resilience into their grant-funded infrastructure
www.cisa.gov
December 20, 2024 at 10:36 PM
Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure, www.cisa.gov/resources-to...
Reposted by Brad Townsend
Hackers breached BeyondTrust’s Remote Support SaaS instances, exploiting an API key to reset account passwords. Two critical vulnerabilities discovered; patches applied for cloud users. Investigations ongoing. 🔒💻
#CyberSecurity #DataBreach #BeyondTrust #PAM
www.bleepingcomputer.com/news/securit...
#CyberSecurity #DataBreach #BeyondTrust #PAM
www.bleepingcomputer.com/news/securit...
BeyondTrust says hackers breached Remote Support SaaS instances
Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances.
www.bleepingcomputer.com
December 19, 2024 at 5:29 PM
Hackers breached BeyondTrust’s Remote Support SaaS instances, exploiting an API key to reset account passwords. Two critical vulnerabilities discovered; patches applied for cloud users. Investigations ongoing. 🔒💻
#CyberSecurity #DataBreach #BeyondTrust #PAM
www.bleepingcomputer.com/news/securit...
#CyberSecurity #DataBreach #BeyondTrust #PAM
www.bleepingcomputer.com/news/securit...
Reposted by Brad Townsend
The Importance of Microsoft’s Secure Future Initiative rodtrent.substack.co...
#Security #MicrosoftSecurity #Cybersecurity #SFI #SecureFutureInitiative
#Security #MicrosoftSecurity #Cybersecurity #SFI #SecureFutureInitiative
December 6, 2024 at 2:16 PM
The Importance of Microsoft’s Secure Future Initiative rodtrent.substack.co...
#Security #MicrosoftSecurity #Cybersecurity #SFI #SecureFutureInitiative
#Security #MicrosoftSecurity #Cybersecurity #SFI #SecureFutureInitiative
Reposted by Brad Townsend
Six password takeaways from the updated NIST cybersecurity framework, www.bleepingcomputer.com/news/securit...
Six password takeaways from the updated NIST cybersecurity framework
Updated NIST guidelines reject outdated password security practices in favor of more effective protections. Learn from Specops Software about 6 takeaways from NIST's new guidance that help create stro...
www.bleepingcomputer.com
December 4, 2024 at 5:00 PM
Six password takeaways from the updated NIST cybersecurity framework, www.bleepingcomputer.com/news/securit...
For users and providers of Veeam’s Service Provider Console,Veeam has released a critical update to patch two vulnerabilities with one of which a 9.9 severity for RCE. www.veeam.com/kb4679
December 3, 2024 at 7:56 PM
For users and providers of Veeam’s Service Provider Console,Veeam has released a critical update to patch two vulnerabilities with one of which a 9.9 severity for RCE. www.veeam.com/kb4679