We keep calling them leaders…
But a lot of them are just managing.
A manager tells you what to do.
A leader helps you grow.
New article: Not Every Manager Is a Leader (And That’s the Problem)
J
jimguckin@infosec.exchange
@jimguckin@infosec.exchange
Posts
-
We keep calling them leaders… -
From the security team’s perspective:“The system is isolated” is more of a suggestion than a fact.From the security team’s perspective:
“The system is isolated” is more of a suggestion than a fact. -
Information Security things that sound fake but aren’t:“Evil Twin.”Information Security things that sound fake but aren’t:
“Evil Twin.”Not a soap opera plot.
Just a rogue WiFi access point impersonating a legitimate network. -
Information Security terms that sound fake but aren’t:“Pass-the-Hash.”Information Security terms that sound fake but aren’t:
“Pass-the-Hash.”No, it’s not a weird crypto game.
It’s a way attackers move laterally without knowing your password.#CyberSecurity #IdentitySecurity #ThreatIntel #SecurityTermsThatSoundFake
-
Every organization has a “Mike.”Every organization has a “Mike.”
The one who knows how everything works.
That’s not a strength. That’s a risk.
New article: When Security Architecture Depends on Tribal Knowledge
#CyberSecurity #SecurityArchitecture #InfoSec #SecurityLeadership
-
#Pennsylvania got new license plates, and I’ve seen 3 NCC plates, and thought I was surrounded by #trekkies representing their favorite ships…only to google a few and realize it’s just NCCs turn in rotation.#Pennsylvania got new license plates, and I’ve seen 3 NCC plates, and thought I was surrounded by #trekkies representing their favorite ships…only to google a few and realize it’s just NCCs turn in rotation.
-
Information Security terms that sound fake but aren’t:“Golden Ticket attack.”Information Security terms that sound fake but aren’t:
“Golden Ticket attack.”Unfortunately it does not grant access to a chocolate factory.
It does grant access to your entire Active Directory.#CyberSecurity #ActiveDirectory #ThreatIntel #SecurityTermsThatSoundFake
-
Finished #StarfleetAcademy and a tiny canon thing irrationally annoyed me.Finished #StarfleetAcademy and a tiny canon thing irrationally annoyed me. They call Reno “Commander” while she’s in command of the ship, Caleb says “Captain,” she corrects him. But #DS9 established whoever commands the ship is called Captain. Just me?
-
CISA added Ivanti, SolarWinds, and Workspace ONE vulnerabilities to the KEV list after confirmed exploitation in the wild.CISA added Ivanti, SolarWinds, and Workspace ONE vulnerabilities to the KEV list after confirmed exploitation in the wild.
When a vuln hits KEV, attackers are already using it.
Time to patch immediately!
CISA shortens patch deadline for critical Ivanti, SolarWinds bugs
The Cybersecurity and Infrastructure Security Agency (CISA) gave all federal civilian agencies until Thursday to patch CVE-2025-26399 — a critical vulnerability impacting the popular SolarWinds Web Help Desk.
(therecord.media)
-
Things I’ve heard that made me uncomfortable:“That server has been running so long no one knows what it does.”#LegacySystems #ITLife #ThingsIHeardThings I’ve heard that made me uncomfortable:
“That server has been running so long no one knows what it does.”
#LegacySystems #ITLife #ThingsIHeard -
APT28 (Fancy Bear) is exploiting a Windows zero-day (CVE-2026-21513) using malicious LNK files.APT28 (Fancy Bear) is exploiting a Windows zero-day (CVE-2026-21513) using malicious LNK files.
Zero-day + phishing = still one of the most reliable attack paths.
All it takes is one wrong click to ruin your day!
