#ciso


🎶 “You don’t have to go home, but you cannot stay here.”

— Closing Time, Semisonic

🎯 How to Lose a CISO in 10 Words (or Less) | Straight Talk, Not Spin: Black Hat’s Hard Truths | On Location Coverage with Sean Martin, CISSP and Marco Ciappelli

#BlackHat USA 2025 has officially wrapped.

The lights are dimmed. The expo floor is empty.

But Sean and I are still here — standing in front of the iconic Black Hat sign, recording one last session while the hum of the week fades behind us.

This isn’t just a recap. It’s a reflection.

After countless conversations with #CISOs, vendors, and industry leaders, one message stood out:

👉 They’re done with buzzwords.

👉 They’re craving clarity.

👉 They want real solutions — not spin.

In this final podcast (which is also the first we publish, so stay tuned for all of them next week), we break down what we heard, what we felt, and what it all means for vendors, marketers, and the #cybersecurity industry at large. We also look ahead to what’s next — including our new Transatlantic Broadcast series (Rob Black) and future stops around the world.

The booths are gone. The buzz has quieted. But the stories?

We’re just getting started.

📺 Watch the recap: lnkd.in/edk8bnV4

🎧 Listen to the podcast: lnkd.in/eVnHjbA6

Follow all of our #BHUSA25 coverage: lnkd.in/eBFkvZqB

🙏 Our FULL COVERAGE Sponsors

ThreatLocker → itspm.ag/threatlocker-r974

BLACKCLOAK → itspm.ag/itspbcweb

Akamai Technologies → itspm.ag/akamailbwc

Dropzone AI → itspm.ag/dropzoneai-641

Stellar Cyber → itspm.ag/stellar-9dj3

🔗 More Resources

ITSPmagazine Studio → itspmagazine.studio/

ITSPmagazine Europe → itspmagazine.com/europe

All Event Coverage → itspmagazine.com/technology-an

🔥 BH2025 Trends Webinar → crowdcast.io/c/whats-heating-u

📣 Brand Story Briefings → itspm.ag/evtcovbrf

🎤 Book Us for Your Event → itspmagazine.com/contact-us

#BlackHatUSA2025 #Cybersecurity #CISO #EventCoverage #infosec #infosecurity #tech #technology #cybersecuritymarketing #ITSPmagazine #blackhat ITSPmagazine


🎉 Official Welcome: BLACKCLOAK Joins ITSPmagazine’s BlackHat USA 2025 Coverage

We are pleased to welcome BlackCloak as a Full Sponsor of our On Location Coverage at #BlackHat USA 2025 in Las Vegas.

Hey Chris Pierson, let's see if we can get creative and top this shot!🤘✨
Looking forward to seeing you and having another great chat!

#BlackCloak is a pioneer in Digital Executive Protection, delivering #cybersecurity and privacy solutions tailored for high-net-worth individuals, corporate executives, and their families. As #cybercriminals increasingly target the personal lives of business leaders to gain access to enterprise networks, BlackCloak provides a critical layer of defense — extending security beyond the office and into the home.

With a blend of cutting-edge technology and white-glove service, BlackCloak protects against threats like personal data leaks, home network intrusions, device compromise, and digital surveillance.

Check out #BlackCloak's website here: itspm.ag/itspbcweb

📌 Visit BlackCloak’s page on ITSPmagazine to learn more about their mission and presence in our Black Hat coverage:
👉 itspmagazine.com/directory/bla

📰 Explore our full Black Hat USA 2025 coverage here:
👉 itspmagazine.com/bhusa25

Since 2015, Black Hat has been a cornerstone event for ITSPmagazine, and we’re proud to continue spotlighting the companies and people shaping the future of cybersecurity. Our 2025 program includes exclusive on-site interviews, sponsored briefings, and editorial features designed to share timely insights with our global audience.

📣 There is still time to join this year’s coverage:
✔️ 2 Full Sponsorship Opportunities Remaining
✔️ A VERY Limited Number of On Location Briefings Available

🔗 Learn more and reserve your spot:
• Sponsorships: itspmagazine.com/event-coverag
• Briefings: itspmagazine.com/event-coverag

We thank the team at BlackCloak for supporting our 2025 Black Hat USA coverage — we look forward to sharing their story from the floor in Las Vegas.

Marco Ciappelli & Sean Martin, CISSP

No Click. No Warning. Just a Data Leak.

Think your AI assistant is secure? Think again. The new EchoLeak exploit shows how Microsoft 365 Copilot, and tools like it, can silently expose your sensitive data without a single user interaction. No clicks. No downloads. Just a well-crafted email.

In this eye-opening blog, we break down how EchoLeak works, why prompt injection is a growing AI threat, and the 5 actions you need to take right now to protect your organization.

Read now: lmgsecurity.com/no-click-night


Hundreds of Brother printer models are affected by a critical, unpatchable vulnerability (CVE-2024-51978) that allows attackers to generate the default admin password using the device’s serial number—information that’s easily discoverable via other flaws.

748 total models across Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta are impacted, with millions of devices at risk globally.

Attackers can:
• Gain unauthenticated admin access
• Pivot to full remote code execution
• Exfiltrate credentials for LDAP, FTP, and more
• Move laterally through your network

Brother says the vulnerability cannot be fixed in firmware and requires a change in manufacturing. For now, mitigation = change the default admin password immediately.

Our pentest team regularly highlights printer security as a critical path to system compromise—and today’s news is another example that underscores this risk. This is your reminder: Printers are not “set-and-forget” devices. Treat them like any other endpoint—monitor, patch, and lock them down.

Need help testing your network for exploitable print devices? Contact us and our pentest team can help!

Read the Dark Reading article for more details on the Brother Printers vulnerability: darkreading.com/endpoint-secur

Non-Human Identities: The Hidden Risk in Your Stack

Non-human identities (NHIs)—like API keys, service accounts, and OAuth tokens—now outnumber human accounts in many enterprises. But are you managing them securely? With 46% of organizations reporting compromises of NHI credentials just this year, it’s clear: these powerful, often-overlooked accounts are the next cybersecurity frontier.

Read The Hacker News article for more details: thehackernews.com/2025/06/the-

The FBI has issued an alert about cybercriminals hijacking outdated routers to power massive proxy-for-hire networks—masking malware, fraud, and credential theft right under your nose.

Watch the full Cyberside Chats episode to hear @sherridavidoff and @MDurrin's insights on:

🔹 The FBI’s May 2025 alert
🔹 TheMoon malware and the Faceless proxy service
🔹 What these botnets mean for your enterprise
🔹 What you need to do now to stay protected

🎥 Watch the video: youtu.be/x_40BlvWsHk
🎧 Listen to the podcast: chatcyberside.com/e/outdated-r

🎙️ When AI writes code, builds models, and simulates threats… who checks the checker?

In this last On Location Conversation from #RSAC2025, Alex Kreilein and John Sapp Jr. join Sean Martin, CISSP to explore what trust actually means in the age of AI-generated security tooling — and how modern #AppSec teams must rethink validation, #resiliency, and #risk.

This episode cuts deep into:

Why “trust the output” is not enough in AI-driven workflows
How #AI security debt is becoming the new tech debt
Why we need #zerotrust thinking applied to models and agents
The real shift: from patching CVEs to building resilient architecture
The role of traceability, governance, and context-driven decision-making

If you’re serious about secure AI, application security, and shifting AppSec left (the right way), this conversation will challenge what you think you know — and help reframe what secure development actually looks like.

🎥 Watch the full video:
👉 youtu.be/kJdQz9LmT6s

🎧 Listen to the audio podcast:
👉 eventcoveragepodcast.com/episo

✨ Thank you to our Full Coverage Sponsors:
ThreatLocker 👉 itspm.ag/threatlocker-r974
Akamai Technologies 👉 itspm.ag/akamailbwc
BLACKCLOAK 👉 itspm.ag/itspbcweb
SandboxAQ 👉 itspm.ag/sandboxaq-j2en
Archer Integrated Risk Management 👉 itspm.ag/rsaarchweb
ISACA 👉 itspm.ag/isaca-96808
Object First 👉 itspm.ag/object-first-2gjl
Edera 👉 itspm.ag/edera-434868

🎙️ Explore more RSAC 2025 coverage:
👉 itspmagazine.com/rsa-conferenc

🎧 Catch all of our event conversations:
👉 itspmagazine.com/technology-an

🎤 Want to tell your Brand Story Briefing as part of our coverage?
👉 itspm.ag/evtcovbrf

📆 Want Sean Martin, CISSP and Marco Ciappelli to cover your event or moderate your panel?
👉 itspmagazine.com/contact-us

Two editorials from #RSAC today + then 2 written recaps, one by Sean Martin, CISSP and one by Marco Ciappelli and we will call the #RSAC adventure off!
Or will we ... 😬?!

🎙️ How do cybersecurity leaders balance innovation, real business needs, and practical risk management in today’s evolving landscape?

In this On Location Conversation from #RSAC2025, Phillip Miller, MA, CISSP, joins Sean Martin, CISSP to offer a candid and grounded perspective on what’s working — and what’s missing — inside today’s enterprise security strategies.

Miller shares lessons from stepping away from a traditional #CISO seat to work hands-on with startups, and why closing the door on emerging technology vendors might cost organizations more than they realize.

He dives into:
Shifting buying conversations to empower security teams
Looking beyond legacy providers to marketplace ecosystems
Leading with business risks before chasing technology solutions
Building better teams and third-party risk management programs

Catch the full conversation to hear why peer discussions at events like RSAC aren’t just valuable — they’re critical to keeping security leadership connected to real innovation.

🎥 Watch the full video:
👉 youtu.be/8Y6gNHHpvyI

🎧 Listen to the audio podcast:
👉 eventcoveragepodcast.com/episo

✨ Thank you to our Full Coverage Sponsors:
ThreatLocker 👉 itspm.ag/threatlocker-r974
Akamai Technologies 👉 itspm.ag/akamailbwc
BLACKCLOAK 👉 itspm.ag/itspbcweb
SandboxAQ 👉 itspm.ag/sandboxaq-j2en
Archer Integrated Risk Management 👉 itspm.ag/rsaarchweb
ISACA 👉 itspm.ag/isaca-96808
Object First 👉 itspm.ag/object-first-2gjl
Edera 👉 itspm.ag/edera-434868

🛰️ Resources:
Learn more and catch more stories from RSA Conference 2025:
👉 itspmagazine.com/rsa-conferenc

Catch all of our event coverage:
👉 itspmagazine.com/technology-an

Want to tell your Brand Story Briefing as part of our event coverage?
👉 itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference?
👉 itspmagazine.com/contact-us

It was amazing to reconnect with our dear friend Tim Brown, and catch up before RSA Conference. Of course we are ABSOLUTELY looking forward to seeing him in person on the floor at #RSAC2025! 🙂

Enjoy this great conversation and stay tuned for more!

The CISO role isn’t broken—it’s misunderstood. Tim Brown, CISO at #SolarWinds, joins Sean Martin, CISSP and Marco Ciappelli for a new Chats on the Road to #RSAC podcast episode to explain why the job still matters, and what future #leaders need to know.

From closed-door forums to open conversations on mental health and #incidentresponse, Tim shares what it really takes to lead today—and why we shouldn’t let fear drive talent away from the #CISO role.

Watch or listen to this important discussion ahead of RSA Conference 2025 to hear how Tim is shifting the conversation from blame to preparation, from stress to structure, and from crisis to clarity.

Watch the Teaser Videos:

youtu.be/7LvDFaprfV0

youtu.be/7yl4PRQOfsU

Watch the Full Episode: youtu.be/NRA8u7n2rOA

Listen to the Podcast:

eventcoveragepodcast.com/episo

Catch more stories from RSAC Conference 2025: itspmagazine.com/rsac25

A big thank you to ITSPmagazine's RSAC Conference Full Coverage Sponsors

ThreatLocker: itspm.ag/threatlocker-r974

Akamai Technologies: itspm.ag/akamailbwc

BLACKCLOAK: itspm.ag/itspbcweb

SandboxAQ: itspm.ag/sandboxaq-j2en

Archer Integrated Risk Management: itspm.ag/rsaarchweb

Dropzone AI: itspm.ag/dropzoneai-641

ISACA: itspm.ag/isaca-96808

Object First: itspm.ag/object-first-2gjl

Edera: itspm.ag/edera-434868

Everyone’s talking about stress, liability, and burnout—but who’s actually doing something about it?

I think #Microsoft have given themselves enough rope with #Recall. For Reasons, running anything like it would be flat out, no discussion, illegal in my org. As #CISO I’m sensitive to such things… :)

Sure we run a MSFT shop, and sure they theoretically have access to all that data anyhow - can’t [viably yet] process ciphertext, they see all the cleartext at some point.

The rope part is that argument. If MSFT argues that they see all data *anyway* so why not Recall, they burst our collective hallucination that various #GDPR agreements are actually worth a damn [Narrator: They’re not].

And then, my #infosec friends, I get to eject Microsoft - and coincidentally all other #US #cloud services as well as collateral damage - and finally build a full scale Linux/FOSS environment.

It’ll be more fun than I can #recall!