Zero trust architecture posts dive into the technical frameworks and infrastructure designs that support zero trust implementations. Topics include identity-aware proxies, software-defined perimeters, network access control, policy engines, and integration with cloud and hybrid environments.
posts
The Industry That Loses More Per Breach Than Any Other In 2021, a single ransomware attack against CNA Financial reportedly led to a $40 million ransom payment — one of the largest ever disclosed. That incident wasn't an anomaly. It was a signal. Cybersecurity for financial services isn'
A Single Checkbox Left Unchecked Cost Capital One $80 Million In 2019, a former AWS employee exploited a misconfigured web application firewall to access over 100 million Capital One customer records. The breach led to an FTC investigation, an $80 million fine from the OCC, and a $190 million class-action
Capital One Lost 100 Million Records Because of One Misconfigured Firewall In 2019, a former cloud services employee exploited a misconfigured web application firewall to steal the personal data of over 100 million Capital One customers and applicants. The breach cost Capital One over $80 million in fines from the
In July 2020, Twitter disclosed that attackers had compromised 130 high-profile accounts — including Barack Obama, Elon Musk, and Apple — by socially engineering their way past internal employees. The attackers didn't breach a firewall. They didn't exploit a zero-day vulnerability. They simply convinced insiders to hand over
The SolarWinds Hack Just Proved Your Perimeter Is an Illusion As I write this in December 2020, we're watching the SolarWinds supply chain attack unfold in real time. Threat actors — likely nation-state sponsored — compromised a trusted software update to infiltrate the U.S. Treasury, the Department of Commerce,
When Twitter disclosed in July 2020 that attackers had hijacked 130 high-profile accounts — including Barack Obama, Elon Musk, and Apple — the root cause wasn't some exotic zero-day exploit. It was social engineering. Attackers manipulated employees, gained access to internal tools, and moved laterally through systems that trusted them
In January 2024, CISA issued Emergency Directive 24-01 after a nation-state threat actor compromised Microsoft's corporate email environment. Federal agencies scrambled to audit their own Microsoft tenants. The directive wasn't theoretical — it was an emergency response to a real breach affecting the backbone of government communications.
In 2023, a single compromised file transfer tool — MOVEit — cascaded into breaches affecting over 2,600 organizations and roughly 90 million individuals. The threat actor, the Cl0p ransomware group, didn't need to hack each victim directly. They exploited one vendor, and the dominoes fell. That's third
The Breach That Proved Perimeters Don't Work In 2020, the SolarWinds breach gave roughly 18,000 organizations a brutal lesson: once a threat actor gets past your perimeter, they can move laterally for months without detection. Government agencies, Fortune 500 companies, and critical infrastructure providers all had firewalls.
The Breach That Proved Perimeter Security Was Dead In early 2024, a threat actor gained access to Microsoft's corporate email system — including accounts belonging to senior leadership and cybersecurity staff. The attacker didn't exploit some exotic zero-day. They used a password spray attack against a legacy
