Faisal Yahya

The Human Factor: Cybersecurity’s Weakest Link Technology evolves, but social engineering remains one of the biggest threats. According to Verizon’s 2024 report, 68% of breaches involve human interaction—often unintentional. With deepfakes and AI-driven attacks becoming more convincing, traditional defenses aren’t enough. Security awareness must evolve alongside technology. Training, vigilance, and a strong security culture are key to minimizing human risk. How is your organization addressing this challenge? #CyberSecurity #SocialEngineering #HumanRisk

Cybersecurity metrics are essential for CISOs, guiding informed decisions and evaluating our security posture. They offer a comprehensive view of our landscape, helping us gauge incident response efficiency, compliance, and threat detection effectiveness. faisalyahya.com/cybersecurity-…

Check out my latest article: Scattered Spider: A Formidable Cyber Threat linkedin.com/pulse/scattere… via @LinkedIn

The CREST Registered Penetration Tester (CRT) exam, a global benchmark recognized by governments and regulators, launches its latest version on November 14, 2023. Mandated by the UK's National Cyber Security Centre (NCSC) as the minimum standard, this exam sets a new precedent for CHECK Pen Testers.

🌐 From 31 to 48 nations, the Biden-led cybersecurity summit addresses the $US8.7T ransomware drain on the global economy. Key strategy? An AI-powered "blacklist" for digital wallets, aimed to safeguard crucial services from cyber disruptions. Stand united against ransomware!

🚨 Citrix Bleed Update 🚨: Critical flaw in NetScaler under mass attack. Over 5K servers at risk! Patched on Oct 10, but session tokens still vulnerable. Ransomware gangs on the prowl, multiple sectors affected globally. #CitrixBleed

⏳ LockBit threatens Boeing with a Nov. 2 data leak deadline. Boeing: "We are assessing." 🧐 Dyer predicts challenges; Dikbiyik notes LockBit's new target trend. Callow questions LockBit's history; Alvieri suggests big ransom. No leaks yet. 🔐

By 2025, nearly half of cybersecurity leaders will change jobs, 25% for different roles entirely due to multiple work-related stressors, according to Gartner, Inc.

@SecurityTrybe No iCopy-XS? This is my collection btw.

10 Smallest Hacker Gadgets + Their Use ⬇️

@mikemillercyber CISO all the way! 🚀 Because while the others are masters at specific domains, a CISO offers a 360° view of cyber landscape. It’s like learning chess from a grandmaster. They see the entire board, the strategies, the pitfalls, and the endgame! 🌐🔒

Dear Cyber Security Wannabe, if you could spend a whole week being mentored, who would it be with? 1. PenTester 2. SOC Analyst 3. GRC Specialist 4. Security Engineer 5. CISO 6. Other Tell me why. #cybersecurity #infosec #informationsecurity #leadershipbyexample

@JonMorleyITSM Certainly, diversifying the cybersecurity workforce is vital. Diverse teams excel in innovation. Women bring unique perspectives to security. We must broaden perceptions and roles within cybersecurity and promote inclusive efforts. 👍👍

@faisaly I think we need to attract more diversity - especially women in cyber security. The women in IT movement has gotten a lot of traction in the last decade or so, but security is still stereotypically a geek bloke’s world. There’s more than just ethical hacking involved.

Cybersecurity roles aren't just for tech elites. With 700k open positions, we must redefine who fits in cybersecurity. Awareness needs to go beyond basic cyber hygiene. By 2025, talent shortage could cause major breaches. Solutions?

Hacking group LockBit claims to have stolen sensitive data from aerospace leader Boeing Co. and threatens to release it by Nov. 2 unless contacted. Boeing is currently assessing the claim. The company's vast portfolio includes defense contracts with the U.S. government.

Chile's Grupo GTD faced a cyberattack on Oct 23, disrupting their IaaS and multiple services, including VoIP and internet access. GTD stresses the importance of clear communication during such incidents and confirms partial service impact.

English-speaking "Comm" members teamed up with the Eastern European group, ALPHV, linked to the MGM casinos hack. This new alliance combines advanced social engineering with professional ransomware services, posing a heightened cyber threat. #CyberSecurity #MGMHack 🌍🔒🎰

🚨 Chile's Grupo GTD faced a cyberattack disrupting its IaaS services. It's now confirmed to be a Rorschach ransomware assault, a variant identified earlier in a US corporation breach. While GTD works to resolve this, CSIRT offers guidelines to prevent further compromises.

Emerging AI technology is not just driving innovation, but also raising potential cybersecurity concerns. Tools such as WormGPT are being utilized by cybercriminals to generate highly convincing phishing and business email compromise (BEC) attacks. Maintain your vigilance, keep your systems updated, and always scrutinize the source of your emails. Protecting your data privacy in this rapidly changing digital age is paramount.

The Call to Counter Cybercrime: The year 2023 is witnessing an unprecedented surge in crypto-based crimes, with ransomware taking the lead. ... threads.net/t/CumggHLBcNq/…

The emerging ransomware 'Big Head' is masquerading as Microsoft Windows updates and Word installers in a deceptive campaign. It manipulates files for a cryptocurrency payoff and uses counterfeit software for distribution. Security professionals warn of this malware's multifaceted nature and potential for significant harm. Users are urged to be vigilant about their system updates. #CyberSecurity #MalwareAlert

In cybersecurity, understanding human behavior is crucial. Amid evolving workplace dynamics, we should view people as part of the solution, not the problem. Embrace the complexities of merging people and technology to mitigate risks. People are at the heart of cybersecurity. #CyberSecurity #HumanBehavior