Tag

Zero Trust Architecture

Zero trust architecture posts dive into the technical frameworks and infrastructure designs that support zero trust implementations. Topics include identity-aware proxies, software-defined perimeters, network access control, policy engines, and integration with cloud and hybrid environments.

posts

Cloud Security Best Practices

Cloud Security Best Practices That Actually Stop Breaches

A Single Misconfigured S3 Bucket Exposed 3 Billion Records In 2021, a researcher discovered that a misconfigured cloud storage bucket belonging to data analytics firm Cognyte had exposed more than five billion records. Capital One's infamous 2019 breach — a misconfigured web application firewall in AWS — cost them over

Carl B. Johnson Apr 22, 2025 7 min read
Cloud Storage Security Risks

Cloud Storage Security Risks: What's Actually Exposing You

The Misconfigured Bucket That Exposed 540 Million Records In 2019, researchers at UpGuard discovered that Facebook user data — over 540 million records — sat exposed on misconfigured Amazon S3 buckets maintained by third-party app developers. Nobody hacked anything. Nobody exploited a zero-day. The data was simply left open to the public

Carl B. Johnson Apr 22, 2025 8 min read
BYOD Security Risks

BYOD Security Risks: What's Really on Your Network

The Personal Phone That Took Down a Hospital Network In 2023, a nurse at a regional hospital plugged her personal phone into a workstation USB port to charge it. That phone carried malware picked up from a third-party app store. Within 72 hours, ransomware had encrypted patient records across three

Carl B. Johnson Apr 22, 2025 7 min read
Security for System

Security for System Hardening: A Practical Guide

In February 2024, a misconfigured system at Change Healthcare led to one of the most devastating ransomware attacks in U.S. healthcare history. The ALPHV/BlackCat group exploited a Citrix remote access portal that lacked multi-factor authentication — a basic security for system control that should have been in place years

Carl B. Johnson Jul 10, 2024 7 min read
Cloud Computing Security

Cloud Computing Security: 7 Mistakes That Cause Breaches

In January 2024, Microsoft disclosed that a Russian threat actor group known as Midnight Blizzard had breached its corporate email systems — not through some exotic zero-day exploit, but through a password spray attack on a legacy test account that lacked multi-factor authentication. If Microsoft, a company that literally sells cloud

Carl B. Johnson May 13, 2024 7 min read
Zero Trust

What Is Zero Trust? A Practical Guide for 2024

In January 2023, T-Mobile disclosed that a threat actor had been siphoning data from 37 million customer accounts since November 2022 — through a single exploited API. The attacker moved laterally for weeks without triggering alarms. If you've ever wondered what is zero trust and why the entire industry

Carl B. Johnson Dec 09, 2023 7 min read
Zero Trust Network Access

Zero Trust Network Access: A Practical Guide for 2024

The VPN Is Dead. The Breach That Proved It. In May 2023, a threat actor used stolen VPN credentials to breach a major U.S. government contractor, moving laterally across the network for weeks before detection. The attacker didn't exploit some exotic zero-day. They logged in with a

Carl B. Johnson Dec 09, 2023 7 min read
Zero Trust Implementation

Zero Trust Implementation: A Practical Guide for 2024

The Breach That Proved Perimeter Security Is Dead In January 2023, T-Mobile disclosed that a threat actor had been siphoning data from 37 million customer accounts since late November 2022 — by exploiting a single API. The attacker was already inside the network, moving laterally, harvesting names, emails, phone numbers, and

Carl B. Johnson Dec 07, 2023 8 min read
Cloud Security Best Practices

Cloud Security Best Practices That Actually Stop Breaches

A Single Misconfigured S3 Bucket Exposed 3 Billion Records In early 2023, independent security researchers discovered yet another wave of publicly exposed Amazon S3 buckets leaking sensitive customer data — healthcare records, financial documents, personally identifiable information. None of these organizations were hacked in the traditional sense. They simply got their

Carl B. Johnson Nov 03, 2023 7 min read