Kathryn Renaud
@krenaud1.bsky.social
Cybersecurity analyst with a curiosity for AI and philosophy.
Building safer systems by day, exploring human systems by night.
💻 Security | 🌱 AI Hobbyist | 🧠 UPE Tech Chair | 👾 Gamer | 💬 Chronic Overthinker
Building safer systems by day, exploring human systems by night.
💻 Security | 🌱 AI Hobbyist | 🧠 UPE Tech Chair | 👾 Gamer | 💬 Chronic Overthinker
An important reminder that MFA only works if you use it as intended! Never share your codes from your Authenticator with anyone!! #ITMemes #meme #cybersecurity #MFA
November 22, 2025 at 11:36 PM
An important reminder that MFA only works if you use it as intended! Never share your codes from your Authenticator with anyone!! #ITMemes #meme #cybersecurity #MFA
The Salesforce Gainsight breach shows how attackers don’t need to hack the main system when a smaller app has the keys. Third-party risk is the real threat now.
#cybersecurity #infosec #salesforce #gainsight #saas #cloudsecurity #databreach #supplychain #risk #securitynews
#cybersecurity #infosec #salesforce #gainsight #saas #cloudsecurity #databreach #supplychain #risk #securitynews
Your Trusted Apps Just Became Your Biggest Security Risk: Inside the Salesforce-Gainsight Breach
Picture this: You've locked your front door, installed security cameras, and hired a guard. But the cleaning service you trust has made copies of their keys and is selling them to anyone willing to pa...
www.linkedin.com
November 22, 2025 at 3:57 PM
The Salesforce Gainsight breach shows how attackers don’t need to hack the main system when a smaller app has the keys. Third-party risk is the real threat now.
#cybersecurity #infosec #salesforce #gainsight #saas #cloudsecurity #databreach #supplychain #risk #securitynews
#cybersecurity #infosec #salesforce #gainsight #saas #cloudsecurity #databreach #supplychain #risk #securitynews
WhatsApp’s “leak” is just phone numbers and basic account info. It might make phishing more targeted but not more believable. The risks are negligible at best, so I’m not writing an article about something that won’t actually matter. #cybersecurity #infosec #whatsapp #refusetoengage
November 20, 2025 at 4:02 PM
WhatsApp’s “leak” is just phone numbers and basic account info. It might make phishing more targeted but not more believable. The risks are negligible at best, so I’m not writing an article about something that won’t actually matter. #cybersecurity #infosec #whatsapp #refusetoengage
Mass phishing hit #KSU yesterday and… y’all should be embarrassed. No real department is sending you to a #GoogleForm, and no student email is deactivating your account. Please use #commonsense and stay sharp out there.
November 20, 2025 at 3:07 PM
Mass phishing hit #KSU yesterday and… y’all should be embarrassed. No real department is sending you to a #GoogleForm, and no student email is deactivating your account. Please use #commonsense and stay sharp out there.
A single oversized config file broke half the internet yesterday. I’m only 26 but it feels clear we handed too much critical infrastructure to companies not built for public stability. Wrote a quick call out on it explaining my theories. #Tech #Cybersecurity #CloudOutage #Infra #BigTech
Reclaiming the Internet: Why Core Infrastructure Must Return to Public Hands
Yesterday morning, millions of people couldn't check Twitter, use ChatGPT, or even order McDonald's through the app. The culprit? Cloudflare, a company most people have never heard of, had a configura...
www.linkedin.com
November 19, 2025 at 7:19 PM
A single oversized config file broke half the internet yesterday. I’m only 26 but it feels clear we handed too much critical infrastructure to companies not built for public stability. Wrote a quick call out on it explaining my theories. #Tech #Cybersecurity #CloudOutage #Infra #BigTech
Hear ye hear ye my ears are cursed. The inner-ear relics torment my spirit and the great over-ear helms now crush mine ear like a peasant under a horse. I seek a noise-banishing artifact that brings no pain. Speak thy wisdom. #ADHD #AudioQuest #Headphones #TechHelp #Autism
November 19, 2025 at 5:19 PM
Hear ye hear ye my ears are cursed. The inner-ear relics torment my spirit and the great over-ear helms now crush mine ear like a peasant under a horse. I seek a noise-banishing artifact that brings no pain. Speak thy wisdom. #ADHD #AudioQuest #Headphones #TechHelp #Autism
The Cloudflare outage shows how fragile the internet really is 🌐⚠️. When one major provider stumbles, everything built on top of it goes down too. We need more diversity in cloud/CDN options or these failures will keep hitting everyone
#Cloudflare #AWS #Outage #Cybersecurity #DevOps #CloudSecurity
#Cloudflare #AWS #Outage #Cybersecurity #DevOps #CloudSecurity
When Infrastructure Giants Stumble: Cloudflare's Latest Disruption Reveals Internet Fragility
Introduction Picture this: you're sipping morning coffee, ready to check X, maybe prompt ChatGPT for some creative inspiration, when suddenly nothing loads. Welcome to November 18, 2025, where Cloudfl...
www.linkedin.com
November 18, 2025 at 3:02 PM
The Cloudflare outage shows how fragile the internet really is 🌐⚠️. When one major provider stumbles, everything built on top of it goes down too. We need more diversity in cloud/CDN options or these failures will keep hitting everyone
#Cloudflare #AWS #Outage #Cybersecurity #DevOps #CloudSecurity
#Cloudflare #AWS #Outage #Cybersecurity #DevOps #CloudSecurity
Just wrapped my presentation on how AIoT is changing cybersecurity. When devices can think for themselves, attackers start targeting the logic behind their decisions. Real incidents show the risks are real and growing. 🔐🤖
#AIoT #CyberSecurity #AIsafety #TechThreats #IoT #AI
#AIoT #CyberSecurity #AIsafety #TechThreats #IoT #AI
When Smart Devices Outsmart Themselves: Cybersecurity Risks in AIoT
YouTube video by Kathryn Renaud
youtu.be
November 18, 2025 at 2:06 PM
Just wrapped my presentation on how AIoT is changing cybersecurity. When devices can think for themselves, attackers start targeting the logic behind their decisions. Real incidents show the risks are real and growing. 🔐🤖
#AIoT #CyberSecurity #AIsafety #TechThreats #IoT #AI
#AIoT #CyberSecurity #AIsafety #TechThreats #IoT #AI
Huge thank you to everyone who came out to the GitHub 101 Workshop today, in person and online! Loved seeing new faces dive into docs and repos. Big shoutout to Constant for co-hosting with me. More workshops coming soon! 🚀💻 #GitHub #UPE #Coding #DevTools #TechSkills #KSU #OpenSource
docs.google.com
November 18, 2025 at 1:51 PM
Huge thank you to everyone who came out to the GitHub 101 Workshop today, in person and online! Loved seeing new faces dive into docs and repos. Big shoutout to Constant for co-hosting with me. More workshops coming soon! 🚀💻 #GitHub #UPE #Coding #DevTools #TechSkills #KSU #OpenSource
⚠️ An AI just ran a full cyber attack on its own. No human hacker needed. This changes everything for businesses, MSPs, and anyone still defending at human speed. I explain what happened and what must change. Read the full piece below!
#CyberSecurity #AI #InfoSec #ThreatIntel #AIAttacks #ZeroTrust
#CyberSecurity #AI #InfoSec #ThreatIntel #AIAttacks #ZeroTrust
The First AI-Ran Cyber Attack: Your Next Breach Might Not Be Human
According to Anthropic's September 2025 disclosure, a state-sponsored campaign successfully automated 80-90% of an intrusion using their agentic AI tool, Claude Code. This isn't a story about AI helpi...
www.linkedin.com
November 16, 2025 at 2:49 PM
⚠️ An AI just ran a full cyber attack on its own. No human hacker needed. This changes everything for businesses, MSPs, and anyone still defending at human speed. I explain what happened and what must change. Read the full piece below!
#CyberSecurity #AI #InfoSec #ThreatIntel #AIAttacks #ZeroTrust
#CyberSecurity #AI #InfoSec #ThreatIntel #AIAttacks #ZeroTrust
Akira ransomware is evolving fast, and the latest FBI and CISA findings show how deeply it affects everyday people, not just tech teams. My new article breaks down what you need to know and why awareness matters. Article attached. #CyberSecurity #Ransomware #Akira
AKIRA RANSOMWARE: What Everyone Needs to Know
Picture this: It's 3 AM, and the IT director of your local hospital gets a frantic call. Every computer screen in the building displays the same message: "Your files have been encrypted.
www.linkedin.com
November 15, 2025 at 3:05 PM
Akira ransomware is evolving fast, and the latest FBI and CISA findings show how deeply it affects everyday people, not just tech teams. My new article breaks down what you need to know and why awareness matters. Article attached. #CyberSecurity #Ransomware #Akira
A new article is up: The Gentlemen: Inside the Ransomware Group Redefining Cybercrime. A closer look at how this crew blends branding, precision, and advanced evasion into a new model of ransomware.
#CyberSecurity #Ransomware #ThreatIntel #Infosec #CyberCrime #IR #DFIR #Malware #BlueTeam
#CyberSecurity #Ransomware #ThreatIntel #Infosec #CyberCrime #IR #DFIR #Malware #BlueTeam
The Gentlemen - Inside the Ransomware Group Redefining Cybercrime
The New Face of Digital Extortion In mid-2025, a ransomware group called The Gentlemen emerged with a level of sophistication that made cybersecurity professionals take notice. Unlike the chaotic "spr...
www.linkedin.com
November 13, 2025 at 2:40 PM
A new article is up: The Gentlemen: Inside the Ransomware Group Redefining Cybercrime. A closer look at how this crew blends branding, precision, and advanced evasion into a new model of ransomware.
#CyberSecurity #Ransomware #ThreatIntel #Infosec #CyberCrime #IR #DFIR #Malware #BlueTeam
#CyberSecurity #Ransomware #ThreatIntel #Infosec #CyberCrime #IR #DFIR #Malware #BlueTeam
Hearing early, unconfirmed reports of a possible ransomware incident affecting a major behavior health provider. No public statement has been made yet, but I am monitoring for confirmation. Will be writing on this attack as soon as I have details available. #Cybersecurity #Healthcare #Ransomware
November 10, 2025 at 4:49 PM
Hearing early, unconfirmed reports of a possible ransomware incident affecting a major behavior health provider. No public statement has been made yet, but I am monitoring for confirmation. Will be writing on this attack as soon as I have details available. #Cybersecurity #Healthcare #Ransomware
Tech Diplomacy starts with empathy. As security pros, we must meet clients where they are, not where we wish they were. SMBs are facing breaches at staggering rates—we must ask better questions and stay accessible to protect those who need it most. #Cybersecurity #SMB #InfoSec #Empathy #Security
November 8, 2025 at 5:05 PM
Tech Diplomacy starts with empathy. As security pros, we must meet clients where they are, not where we wish they were. SMBs are facing breaches at staggering rates—we must ask better questions and stay accessible to protect those who need it most. #Cybersecurity #SMB #InfoSec #Empathy #Security
My latest article just went live — When Third-Party Risk Hits Home: The Allianz Breach. A look at how one phone call exposed thousands of records and why trust in vendors isn’t enough.
Read it here 👇
#Cybersecurity #Infosec #Risk #SupplyChain
Read it here 👇
#Cybersecurity #Infosec #Risk #SupplyChain
When Third-Party Risk Hits Home: The Allianz Breach
On a quiet Tuesday morning in July 2025, Allianz Life Insurance Company of North America discovered that it had been breached. But this wasn't the kind of attack their security teams had spent years p...
www.linkedin.com
November 7, 2025 at 5:33 PM
My latest article just went live — When Third-Party Risk Hits Home: The Allianz Breach. A look at how one phone call exposed thousands of records and why trust in vendors isn’t enough.
Read it here 👇
#Cybersecurity #Infosec #Risk #SupplyChain
Read it here 👇
#Cybersecurity #Infosec #Risk #SupplyChain
How feasible is iris-based MFA using a phone’s camera + AI? Instead of “something you have,” it becomes “something you are.” Curious what security folks think. #cybersecurity #MFA #biometrics
November 5, 2025 at 5:08 PM
How feasible is iris-based MFA using a phone’s camera + AI? Instead of “something you have,” it becomes “something you are.” Curious what security folks think. #cybersecurity #MFA #biometrics
Gatekeeping is not knowledge management. New staff are not unskilled, they just lack the hidden context others keep in their heads. Instead of “you should know this,” give them tools and clear notes so they can succeed. We rise by sharing knowledge.
#TechLife #SupportEachOther #Documentation #IT
#TechLife #SupportEachOther #Documentation #IT
November 1, 2025 at 5:09 PM
Gatekeeping is not knowledge management. New staff are not unskilled, they just lack the hidden context others keep in their heads. Instead of “you should know this,” give them tools and clear notes so they can succeed. We rise by sharing knowledge.
#TechLife #SupportEachOther #Documentation #IT
#TechLife #SupportEachOther #Documentation #IT
In my anti-hero era for #Halloween and I can’t wait to start working on some new content/articles. I hope everyone has a good day and enjoys the rest of the spooky season! #keepitspooky #lovehalloween
October 31, 2025 at 8:02 PM
In my anti-hero era for #Halloween and I can’t wait to start working on some new content/articles. I hope everyone has a good day and enjoys the rest of the spooky season! #keepitspooky #lovehalloween
Happy Halloween to the cybersecurity and technology experts of the world! I hope the day for everyone has been spectacular! #happyhalloween #gocybersecurity #gotechnology
October 31, 2025 at 7:59 PM
Happy Halloween to the cybersecurity and technology experts of the world! I hope the day for everyone has been spectacular! #happyhalloween #gocybersecurity #gotechnology
This is my theory: Auth abuse (like the F5 + Salesloft cases) triggered rushed identity hardening across the industry. Entra’s recent issues may be the growing pains. Tho if the security fixes break everything like this, can we really trust them?
#CyberSecurity #IAM #OAuth #ZeroTrust #Microsoft
#CyberSecurity #IAM #OAuth #ZeroTrust #Microsoft
October 29, 2025 at 5:27 PM
This is my theory: Auth abuse (like the F5 + Salesloft cases) triggered rushed identity hardening across the industry. Entra’s recent issues may be the growing pains. Tho if the security fixes break everything like this, can we really trust them?
#CyberSecurity #IAM #OAuth #ZeroTrust #Microsoft
#CyberSecurity #IAM #OAuth #ZeroTrust #Microsoft
Vendor OAuth is the hidden backdoor most orgs ignore. Salesloft-Drift proves incident response without systemic change fails. Monitoring + token discipline must become standard.
#CyberSecurity #APIsecurity #OAuth #SupplyChainRisk #Infosec #CISO #ZeroTrust
#CyberSecurity #APIsecurity #OAuth #SupplyChainRisk #Infosec #CISO #ZeroTrust
Two Months After Salesloft-Drift: What We Know Now and What's Still Broken
Two months ago, attackers compromised one vendor and accessed 700+ Salesforce instances. By October 28, 2025, the crisis response is complete.
www.linkedin.com
October 29, 2025 at 5:20 PM
Vendor OAuth is the hidden backdoor most orgs ignore. Salesloft-Drift proves incident response without systemic change fails. Monitoring + token discipline must become standard.
#CyberSecurity #APIsecurity #OAuth #SupplyChainRisk #Infosec #CISO #ZeroTrust
#CyberSecurity #APIsecurity #OAuth #SupplyChainRisk #Infosec #CISO #ZeroTrust
Cybersecurity isn’t failing from lack of tech — it’s failing from lack of maturity. My latest piece explores how MSPs could evolve from service delivery to capability building and reshape resilience itself.
#Cybersecurity #MSP #RiskManagement #Innovation #Resilience #SecurityMaturity #InfoSec
#Cybersecurity #MSP #RiskManagement #Innovation #Resilience #SecurityMaturity #InfoSec
The Maturity Divide: How Forward-Thinking MSPs Could Evolve
Cybersecurity isn't failing because of technology. It's failing because of organizational immaturity and because many leaders still view protection as an IT expense rather than a business foundation.
www.linkedin.com
October 26, 2025 at 10:05 PM
Cybersecurity isn’t failing from lack of tech — it’s failing from lack of maturity. My latest piece explores how MSPs could evolve from service delivery to capability building and reshape resilience itself.
#Cybersecurity #MSP #RiskManagement #Innovation #Resilience #SecurityMaturity #InfoSec
#Cybersecurity #MSP #RiskManagement #Innovation #Resilience #SecurityMaturity #InfoSec
When the guard falls, the ripple spreads. My latest piece dives into the F5 breach—how it happened, what it means for global supply chains, and how IRF Theory could’ve changed the outcome.
Read here 👉 www.linkedin.com/pulse/when-g...
#CyberSecurity #F5 #IRFTheory #DataBreach #Resilience
Read here 👉 www.linkedin.com/pulse/when-g...
#CyberSecurity #F5 #IRFTheory #DataBreach #Resilience
When the Guard is Breached: The F5 Incident and Lessons for the Supply Chain
Executive Overview On October 15, 2025, F5 disclosed a cybersecurity breach that compromised portions of its internal systems, including source code and vulnerability data related to its flagship BIG-...
www.linkedin.com
October 21, 2025 at 4:06 PM
When the guard falls, the ripple spreads. My latest piece dives into the F5 breach—how it happened, what it means for global supply chains, and how IRF Theory could’ve changed the outcome.
Read here 👉 www.linkedin.com/pulse/when-g...
#CyberSecurity #F5 #IRFTheory #DataBreach #Resilience
Read here 👉 www.linkedin.com/pulse/when-g...
#CyberSecurity #F5 #IRFTheory #DataBreach #Resilience