#CyberMonday This Week in Cybersecurity โ May 26
Big week for cyber news! Hereโs what caught my eye โ and what I think matters most ๐
1๏ธโฃ Windows Server 2025 dMSA Vulnerability
โ A new flaw lets attackers gain privilege and compromise any user in Active Directory.
โ If you run AD, review your delegated Managed Service Accounts. Patch as soon as updates drop!
2๏ธโฃ TikTok Malware via ClickFix
โ Hackers use TikTok videos to spread Vidar and StealC malware.
โ The โClickFixโ trick gets people to download malware fast.
โ Training users to spot these tricks is key. Social media is now a top threat vector.
3๏ธโฃ GitLab Duo AI Prompt Injection
โ Attackers can hijack AI responses and steal source code using hidden prompts.
โ AI-powered tools save time, but always check for new risks โ especially indirect prompt injection.
4๏ธโฃ Europol Strikes Ransomware Networks
โ 300 servers and โฌ3.5M seized, 650 domains neutralized, 20 arrest warrants issued.
โ Law enforcement is stepping up. Global teamwork works!
5๏ธโฃ SafeLine WAF โ Open Source Web App Firewall
โ New open-source WAF with zero-day detection and bot protection.
โ If you run web apps, try SafeLine for better defense.
๐ซข Recent Critical & High Severity CVEs
โ CVE-2025-4632 (Samsung MagicINFO 9 Server)
โ CVE-2025-27920 (Output Messenger)
โ CVE-2025-4428/4427 (Ivanti Endpoint Manager)
โ CVE-2023-38950 (ZKTeco BioTime)
See full CVE lists for the last 7 and 30 days if you want more detail โ https://www.cvedetails.com/
My take:
Cybersecurity is not slowing down. Every week brings new threats, new tools, and new wins for defenders.
Staying informed is part of defense.
Keeping teams trained and systems patched is how we win.
Want more?
Check the links for CVE details and threat feeds.
Letโs keep our networks safe โ together.๐
Whatโs the most important cyber risk you saw last week? ๐
#CyberSecurity #InfoSec #CloudSecurity #ThreatIntel
@securediary
Big week for cyber news! Hereโs what caught my eye โ and what I think matters most ๐
1๏ธโฃ Windows Server 2025 dMSA Vulnerability
โ A new flaw lets attackers gain privilege and compromise any user in Active Directory.
โ If you run AD, review your delegated Managed Service Accounts. Patch as soon as updates drop!
2๏ธโฃ TikTok Malware via ClickFix
โ Hackers use TikTok videos to spread Vidar and StealC malware.
โ The โClickFixโ trick gets people to download malware fast.
โ Training users to spot these tricks is key. Social media is now a top threat vector.
3๏ธโฃ GitLab Duo AI Prompt Injection
โ Attackers can hijack AI responses and steal source code using hidden prompts.
โ AI-powered tools save time, but always check for new risks โ especially indirect prompt injection.
4๏ธโฃ Europol Strikes Ransomware Networks
โ 300 servers and โฌ3.5M seized, 650 domains neutralized, 20 arrest warrants issued.
โ Law enforcement is stepping up. Global teamwork works!
5๏ธโฃ SafeLine WAF โ Open Source Web App Firewall
โ New open-source WAF with zero-day detection and bot protection.
โ If you run web apps, try SafeLine for better defense.
โ CVE-2025-4632 (Samsung MagicINFO 9 Server)
โ CVE-2025-27920 (Output Messenger)
โ CVE-2025-4428/4427 (Ivanti Endpoint Manager)
โ CVE-2023-38950 (ZKTeco BioTime)
See full CVE lists for the last 7 and 30 days if you want more detail โ https://www.cvedetails.com/
My take:
Cybersecurity is not slowing down. Every week brings new threats, new tools, and new wins for defenders.
Staying informed is part of defense.
Keeping teams trained and systems patched is how we win.
Want more?
Check the links for CVE details and threat feeds.
Letโs keep our networks safe โ together.
Whatโs the most important cyber risk you saw last week? ๐
#CyberSecurity #InfoSec #CloudSecurity #ThreatIntel
@securediary
Please open Telegram to view this post
VIEW IN TELEGRAM
๐10๐คฏ2
An insightful question about AI and LLM security ๐ค
๐ค: So, how could organizations defend themselves against AI injections? Or is it more about the developers of LLMs, not the users?
๐: Great question โ and itโs both, really ๐
โก๏ธ LLM providers (Devs) need to harden their models against prompt injection by improving context handling, sandboxing actions, and applying prompt input filters.
โก๏ธ But orgs using LLMs also have responsibilities:
โ Avoid blindly integrating AI into sensitive workflows (Do the security check first!)
โ Sanitize and validate user inputs before sending them to the model.
โ Log and audit AI activity โ treat it like any critical system.
I see both misconfigurations and poor input handling open the door to attackers. Donโt let your guard down.
#CyberSecurity #LLM #AI #DataProtection
@securediary
๐ค: So, how could organizations defend themselves against AI injections? Or is it more about the developers of LLMs, not the users?
๐: Great question โ and itโs both, really ๐
โก๏ธ LLM providers (Devs) need to harden their models against prompt injection by improving context handling, sandboxing actions, and applying prompt input filters.
โก๏ธ But orgs using LLMs also have responsibilities:
โ Avoid blindly integrating AI into sensitive workflows (Do the security check first!)
โ Sanitize and validate user inputs before sending them to the model.
โ Log and audit AI activity โ treat it like any critical system.
I see both misconfigurations and poor input handling open the door to attackers. Donโt let your guard down.
#CyberSecurity #LLM #AI #DataProtection
@securediary
๐7
My Path Into Cybersecurity Started With a Choice That Changed Everything.
I was top of my Computer Science class at Military Institute of Telecommunications and Information Technologies (MITIT) with multiple career paths ahead of me.
Then, I heard about a brand-new cybersecurity unit being formed in 2015.
Most classmates chose traditional tech roles. Military Intelligence looked prestigious. Telecommunications seemed stable.
But something about defending critical infrastructure from invisible enemies sparked something in me I didn't know existed.
๐๐๐ ๐๐ค๐ข๐๐ฃ๐ฉ ๐๐ซ๐๐ง๐ฎ๐ฉ๐๐๐ฃ๐ ๐พ๐ก๐๐๐ ๐๐
Picture this: 2015, Ukraine. Cyber warfare wasn't theoretical โ it was happening in real-time.
I walked into that newly formed cybersecurity unit as a fresh graduate with book knowledge.
I walked out every day knowing I was part of something bigger than code and algorithms.
We weren't just IT professionals. We were digital defenders.๐ก
๐ช๐ต๐ฎ๐ ๐ก๐ผ๐ฏ๐ผ๐ฑ๐ ๐ง๐ฒ๐น๐น๐ ๐ฌ๐ผ๐ ๐๐ฏ๐ผ๐๐ ๐ ๐ถ๐น๐ถ๐๐ฎ๐ฟ๐ ๐๐๐ฏ๐ฒ๐ฟ๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐
Working in AFU's cybersecurity division taught me lessons no classroom ever could:
โ Stakes are real - When defending critical infrastructure, there's no "test environment."
โ Teamwork saves lives - Cyber defense isn't solo when national security is on the line.
โ Adaptability is survival - Threat actors don't follow textbooks.
โ Purpose fuels performance - Protecting your country changes how you approach problems.
๐ง๐ต๐ฒ ๐ง๐ฒ๐ฎ๐ฐ๐ต๐ฒ๐ฟ๐ ๐ช๐ต๐ผ ๐๐ต๐ฎ๐ป๐ด๐ฒ๐ฑ ๐ ๐ ๐ง๐ฟ๐ฎ๐ท๐ฒ๐ฐ๐๐ผ๐ฟ๐
My MITIT teacher who saw potential in cybersecurity before it was mainstream.
My AFU manager, who believed in developing talent, not just using it.
These people showed me what it means to serve something bigger than yourself.
๐๐ฟ๐ผ๐บ ๐ฆ๐ข๐ ๐๐ป๐ฎ๐น๐๐๐ ๐๐ผ ๐๐ถ๐๐ถ๐๐ถ๐ผ๐ป ๐๐ต๐ถ๐ฒ๐ณ
Starting in that unit in 2015, I never imagined I'd grow into SOC Division Chief.
Here's what I learned:
1. Technical skills get you in the door
2. Leadership skills keep critical systems protected
3. People skills turn individual defenders into unified teams
4. Strategic thinking transforms reactive responses into proactive defense
๐ง๐ต๐ฒ ๐ฅ๐ฒ๐ฎ๐น ๐ฆ๐ฒ๐ฐ๐ฟ๐ฒ๐ ๐๐ผ ๐๐๐ฏ๐ฒ๐ฟ๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐ ๐ฆ๐๐ฐ๐ฐ๐ฒ๐๐
It's not about being the smartest person in the room. It's about caring deeply enough to never stop learning, defending, and improving.
๐ฌ๐ผ๐๐ฟ ๐ง๐๐ฟ๐ป
What moment made cybersecurity "click" for you?
Was it:
A personal experience?
A mentor who opened your eyes?
A realization about how much depends on digital security?
A desire to serve and protect?
Share your story below. Every journey is unique, but they all share one thing: the drive to protect what matters.
__
Enjoy this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn
#CyberSecurity #InfoSec #CyberWarfare
I was top of my Computer Science class at Military Institute of Telecommunications and Information Technologies (MITIT) with multiple career paths ahead of me.
Then, I heard about a brand-new cybersecurity unit being formed in 2015.
Most classmates chose traditional tech roles. Military Intelligence looked prestigious. Telecommunications seemed stable.
But something about defending critical infrastructure from invisible enemies sparked something in me I didn't know existed.
๐๐๐ ๐๐ค๐ข๐๐ฃ๐ฉ ๐๐ซ๐๐ง๐ฎ๐ฉ๐๐๐ฃ๐ ๐พ๐ก๐๐๐ ๐๐
Picture this: 2015, Ukraine. Cyber warfare wasn't theoretical โ it was happening in real-time.
I walked into that newly formed cybersecurity unit as a fresh graduate with book knowledge.
I walked out every day knowing I was part of something bigger than code and algorithms.
We weren't just IT professionals. We were digital defenders.๐ก
๐ช๐ต๐ฎ๐ ๐ก๐ผ๐ฏ๐ผ๐ฑ๐ ๐ง๐ฒ๐น๐น๐ ๐ฌ๐ผ๐ ๐๐ฏ๐ผ๐๐ ๐ ๐ถ๐น๐ถ๐๐ฎ๐ฟ๐ ๐๐๐ฏ๐ฒ๐ฟ๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐
Working in AFU's cybersecurity division taught me lessons no classroom ever could:
โ Stakes are real - When defending critical infrastructure, there's no "test environment."
โ Teamwork saves lives - Cyber defense isn't solo when national security is on the line.
โ Adaptability is survival - Threat actors don't follow textbooks.
โ Purpose fuels performance - Protecting your country changes how you approach problems.
๐ง๐ต๐ฒ ๐ง๐ฒ๐ฎ๐ฐ๐ต๐ฒ๐ฟ๐ ๐ช๐ต๐ผ ๐๐ต๐ฎ๐ป๐ด๐ฒ๐ฑ ๐ ๐ ๐ง๐ฟ๐ฎ๐ท๐ฒ๐ฐ๐๐ผ๐ฟ๐
My MITIT teacher who saw potential in cybersecurity before it was mainstream.
My AFU manager, who believed in developing talent, not just using it.
These people showed me what it means to serve something bigger than yourself.
๐๐ฟ๐ผ๐บ ๐ฆ๐ข๐ ๐๐ป๐ฎ๐น๐๐๐ ๐๐ผ ๐๐ถ๐๐ถ๐๐ถ๐ผ๐ป ๐๐ต๐ถ๐ฒ๐ณ
Starting in that unit in 2015, I never imagined I'd grow into SOC Division Chief.
Here's what I learned:
1. Technical skills get you in the door
2. Leadership skills keep critical systems protected
3. People skills turn individual defenders into unified teams
4. Strategic thinking transforms reactive responses into proactive defense
๐ง๐ต๐ฒ ๐ฅ๐ฒ๐ฎ๐น ๐ฆ๐ฒ๐ฐ๐ฟ๐ฒ๐ ๐๐ผ ๐๐๐ฏ๐ฒ๐ฟ๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐ ๐ฆ๐๐ฐ๐ฐ๐ฒ๐๐
It's not about being the smartest person in the room. It's about caring deeply enough to never stop learning, defending, and improving.
๐ฌ๐ผ๐๐ฟ ๐ง๐๐ฟ๐ป
What moment made cybersecurity "click" for you?
Was it:
A personal experience?
A mentor who opened your eyes?
A realization about how much depends on digital security?
A desire to serve and protect?
Share your story below. Every journey is unique, but they all share one thing: the drive to protect what matters.
__
Enjoy this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn
#CyberSecurity #InfoSec #CyberWarfare
๐14๐คฏ2
#CyberMonday 5 CVEs jumped 50%+ in exploitability in 7 days. Are you chasing the wrong threats?
Another week, another reminder that cybersecurity never sleeps. Hereโs what caught my eye.
๐ฅ Top News:
1๏ธโฃ Linux flaws in Ubuntu, RHEL, Fedora โ password hash theft via core dumps. Not flashy, but deadly if missed.
2๏ธโฃ U.S. DoJ took down 4 โcrypting serviceโ domains. Attackers keep innovating, law enforcement is catching up.
3๏ธโฃ EDDIESTEALER malware broke Chromeโs latest encryption. Even browser security is a moving target.
4๏ธโฃ China-linked APTs went after SQL Server, expanding attack vectors across Asia and Brazil.
5๏ธโฃ Microsoft OneDrive File Picker bug โ possible exposure of whole cloud storage, not just the file you pick.
ESSP score check: CVE-2024-9916 went from low risk to 80.49% exploitability โ up 79.40 points. Thatโs a warning to look at.
More at cvedetails.com
Hereโs what Iโve learned:
โ The โboringโ stuff โ core dump handlers, file pickers, config basics โ gets ignored until attackers show us why it matters.
โ 80% of cloud breaches start with simple misconfigurations, not zero-days. Remember Capital Oneโs $1.8M lesson?
โ Attackers target what we trust most: โinvisibleโ things that hold our systems together.
My take: Security leaders who audit the basics win the long game. Fancy tools matter, but discipline around the fundamentals saves millions.
Are you focusing on the right risks? Or is your team missing whatโs hiding in plain sight?
Stay secure out there.๐
__
Enjoy this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn
#Cybersecurity #InfoSec #ThreatIntel
Another week, another reminder that cybersecurity never sleeps. Hereโs what caught my eye.
1๏ธโฃ Linux flaws in Ubuntu, RHEL, Fedora โ password hash theft via core dumps. Not flashy, but deadly if missed.
2๏ธโฃ U.S. DoJ took down 4 โcrypting serviceโ domains. Attackers keep innovating, law enforcement is catching up.
3๏ธโฃ EDDIESTEALER malware broke Chromeโs latest encryption. Even browser security is a moving target.
4๏ธโฃ China-linked APTs went after SQL Server, expanding attack vectors across Asia and Brazil.
5๏ธโฃ Microsoft OneDrive File Picker bug โ possible exposure of whole cloud storage, not just the file you pick.
ESSP score check: CVE-2024-9916 went from low risk to 80.49% exploitability โ up 79.40 points. Thatโs a warning to look at.
More at cvedetails.com
Hereโs what Iโve learned:
โ The โboringโ stuff โ core dump handlers, file pickers, config basics โ gets ignored until attackers show us why it matters.
โ 80% of cloud breaches start with simple misconfigurations, not zero-days. Remember Capital Oneโs $1.8M lesson?
โ Attackers target what we trust most: โinvisibleโ things that hold our systems together.
My take: Security leaders who audit the basics win the long game. Fancy tools matter, but discipline around the fundamentals saves millions.
Are you focusing on the right risks? Or is your team missing whatโs hiding in plain sight?
Stay secure out there.
__
Enjoy this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn
#Cybersecurity #InfoSec #ThreatIntel
Please open Telegram to view this post
VIEW IN TELEGRAM
๐10
After 2 weeks of #CyberMonday threat intel and CVE updates, I want to hear from YOU.
Every Monday, I share the latest threats, key CVEs, and Cybersecurity news to help you stay ahead.
My goal? Make your week safer and save you hours of research. But I know every team has different needs.
Hereโs what I want to know:
โ Are these weekly updates helping you spot risks faster?
โ Do you use them to brief your team, patch systems, or guide your strategy?
โ What would make these updates even more useful for you?
Your feedback shapes what I share next. I want #CyberMonday to be your go-to for:
1๏ธโฃ Actionable Threat Intel
2๏ธโฃ Fast CVE Highlights
3๏ธโฃ Simple, clear takeaways you can use right away
Help me deliver the best #Cybersecurity content for YOU ๐
Every Monday, I share the latest threats, key CVEs, and Cybersecurity news to help you stay ahead.
My goal? Make your week safer and save you hours of research. But I know every team has different needs.
Hereโs what I want to know:
โ Are these weekly updates helping you spot risks faster?
โ Do you use them to brief your team, patch systems, or guide your strategy?
โ What would make these updates even more useful for you?
Your feedback shapes what I share next. I want #CyberMonday to be your go-to for:
1๏ธโฃ Actionable Threat Intel
2๏ธโฃ Fast CVE Highlights
3๏ธโฃ Simple, clear takeaways you can use right away
Help me deliver the best #Cybersecurity content for YOU ๐
๐9
How valuable my weekly #CyberMonday threat and CVE updates?
Anonymous Poll
40%
Essential โ saves me hours
56%
Good threat intel
0%
Somewhat useful
4%
Could be betterโ tell me how๐
๐ง 5 Blind Spots That Held Me Back as a Security Leader (Until My Mentor Called Me Out)
For years, I thought being a strong security leader meant fixing every problem. I jumped into tool implementation, led audits, and stayed deep in the technical weeds. I believed doing more was leading more.
Then, I asked for honest feedback from the manager I trust. What I heard was not easy, but it changed my path.
Here are the 5 blind spots that stalled my growth:
1๏ธโฃ Overinvolvement in Execution
I thought being hands-on was the way to lead. But by taking every task myself, I blocked my team from growing. I learned: leadership means empowering others, not doing it all.
2๏ธโฃ Under-communicating Wins & Lessons
I believed results would speak for themselves. They donโt. If you do not share your teamโs impact and what you learn (even from mistakes), your work stays hidden. Now, I make it a habit to share short updates about impact, not just activity.
3๏ธโฃ Perfect Messaging Over Timely Connection
I spent too long trying to say things perfectly. This made me miss moments to connect and build trust. Now, I focus on being real, not perfect. Authentic words build stronger teams.
4๏ธโฃ Defaulting to Technical Depth
I thought technical skill was my main tool. But leadership is not about solving every ticket; it is about shaping team culture, budgets, and the big picture. I ask myself: am I leading with my expertise, or with my vision?
5๏ธโฃ Waiting to Feel โReadyโ to Share
I waited too long to share my journey. I told myself, โIโll post after something big.โ But real growth happens in public, by sharing small wins, struggles, and lessons as they come.
Every leader has blind spots. These were mine. Facing them with real feedback helped me become not just a better engineer, but a better leader.
What is one leadership blind spot you have seen in yourself or others? How did you work through it?
Stay sharp, stay secure.
__
Enjoy this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn
#Leadership #InfoSec #GrowthMindset
For years, I thought being a strong security leader meant fixing every problem. I jumped into tool implementation, led audits, and stayed deep in the technical weeds. I believed doing more was leading more.
Then, I asked for honest feedback from the manager I trust. What I heard was not easy, but it changed my path.
Here are the 5 blind spots that stalled my growth:
1๏ธโฃ Overinvolvement in Execution
I thought being hands-on was the way to lead. But by taking every task myself, I blocked my team from growing. I learned: leadership means empowering others, not doing it all.
2๏ธโฃ Under-communicating Wins & Lessons
I believed results would speak for themselves. They donโt. If you do not share your teamโs impact and what you learn (even from mistakes), your work stays hidden. Now, I make it a habit to share short updates about impact, not just activity.
3๏ธโฃ Perfect Messaging Over Timely Connection
I spent too long trying to say things perfectly. This made me miss moments to connect and build trust. Now, I focus on being real, not perfect. Authentic words build stronger teams.
4๏ธโฃ Defaulting to Technical Depth
I thought technical skill was my main tool. But leadership is not about solving every ticket; it is about shaping team culture, budgets, and the big picture. I ask myself: am I leading with my expertise, or with my vision?
5๏ธโฃ Waiting to Feel โReadyโ to Share
I waited too long to share my journey. I told myself, โIโll post after something big.โ But real growth happens in public, by sharing small wins, struggles, and lessons as they come.
Every leader has blind spots. These were mine. Facing them with real feedback helped me become not just a better engineer, but a better leader.
What is one leadership blind spot you have seen in yourself or others? How did you work through it?
Stay sharp, stay secure.
__
Enjoy this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn
#Leadership #InfoSec #GrowthMindset
๐11๐คฏ1
#CyberMonday PathWiper wiped Ukrainian infrastructure in 2025.
Cyber threats are not waiting for us to catch up. The PathWiper attack on Ukrainian critical infrastructure is a warning. Malware is now able to hit fast and giving defenders very little time to react.
๐ฅ Top News:
1๏ธโฃ Misconfigured HMIs exposed US water systems โ hundreds of control dashboards sat open on the internet, some with NO passwords.
2๏ธโฃ Voice phishing attacks are now targeting cloud systems for data extortion.
3๏ธโฃ A critical Cisco ISE flaw (CVSS 9.9) was patched, but proof-of-concept exploit code is already out there.
4๏ธโฃ Chrome extensions leaked user data by sending info over HTTP and hard-coding secrets.
๐ซข Recent Critical & High Severity CVEs
โ CVE-2021-32030/39780 (Asus Router #PotentialExpoit)
โ CVE-2024-56145 (Craft CMS #PublicExpoit)
โ CVE-2025-3935 (ScreenConnect #RemoteAccess)
โ CVE-2025-21479/21480 (Qualcome #MemoryLeak)
โ CVE-2025-5419 (Chrome #OutOfBounds)
See full CVE lists for the last 7 and 30 days if you want more detail โ https://www.cvedetails.com/
Staying proactive is the only way forward.
My take: Security is not about fear, it is about staying ready. Simple checks can stop big leaks before they start.
Have you checked your extensions lately?๐
__
Enjoy this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Cybersecurity #DataProtection #ThreatIntel
Cyber threats are not waiting for us to catch up. The PathWiper attack on Ukrainian critical infrastructure is a warning. Malware is now able to hit fast and giving defenders very little time to react.
1๏ธโฃ Misconfigured HMIs exposed US water systems โ hundreds of control dashboards sat open on the internet, some with NO passwords.
2๏ธโฃ Voice phishing attacks are now targeting cloud systems for data extortion.
3๏ธโฃ A critical Cisco ISE flaw (CVSS 9.9) was patched, but proof-of-concept exploit code is already out there.
4๏ธโฃ Chrome extensions leaked user data by sending info over HTTP and hard-coding secrets.
๐ซข Recent Critical & High Severity CVEs
โ CVE-2021-32030/39780 (Asus Router #PotentialExpoit)
โ CVE-2024-56145 (Craft CMS #PublicExpoit)
โ CVE-2025-3935 (ScreenConnect #RemoteAccess)
โ CVE-2025-21479/21480 (Qualcome #MemoryLeak)
โ CVE-2025-5419 (Chrome #OutOfBounds)
See full CVE lists for the last 7 and 30 days if you want more detail โ https://www.cvedetails.com/
Staying proactive is the only way forward.
My take: Security is not about fear, it is about staying ready. Simple checks can stop big leaks before they start.
Have you checked your extensions lately?
__
Enjoy this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Cybersecurity #DataProtection #ThreatIntel
Please open Telegram to view this post
VIEW IN TELEGRAM
๐4๐ค1๐คฏ1
I rarely ask for help, but today I must. 30,000 UAH could save real lives.
As a military and cybersecurity professional, my work is usually about building defense, in the cloud and on the ground. Today, I am reaching out for something even more personal.
The 3rd Assault Brigade (3 OShBr ๐บ๐ฆ) is in need of our help.
โ The goal is: 30,000 UAH.
โ The need is urgent: funds will support โะะฐะฒัะบ ะะพะฟั ัะฝะฐโ ('Dolphin Spider'), a new multi-purpose platform built by the Brigadeโs own engineers.
โ The impact is real: stronger tech means more lives protected and more missions completed.
Supporting these engineers is not just about equipment. It is about empowering the kind of innovation that keeps people safe and gives us a real edge.
Want to help?
1๏ธโฃ Contribute here: https://send.monobank.ua/jar/A3Y5u1H5cL
2๏ธโฃ If you canโt give, a simple repost can reach someone who can.
From my own experience at the front and in cyber defense, I know every bit counts. I believe in these people, and in our victory.
With faith in the #ZSU๐ซก
Glory to #Ukraine! ๐บ๐ฆ
#StandWithUkraine
As a military and cybersecurity professional, my work is usually about building defense, in the cloud and on the ground. Today, I am reaching out for something even more personal.
The 3rd Assault Brigade (3 OShBr ๐บ๐ฆ) is in need of our help.
โ The goal is: 30,000 UAH.
โ The need is urgent: funds will support โะะฐะฒัะบ ะะพะฟั ัะฝะฐโ ('Dolphin Spider'), a new multi-purpose platform built by the Brigadeโs own engineers.
โ The impact is real: stronger tech means more lives protected and more missions completed.
Supporting these engineers is not just about equipment. It is about empowering the kind of innovation that keeps people safe and gives us a real edge.
Want to help?
1๏ธโฃ Contribute here: https://send.monobank.ua/jar/A3Y5u1H5cL
2๏ธโฃ If you canโt give, a simple repost can reach someone who can.
From my own experience at the front and in cyber defense, I know every bit counts. I believe in these people, and in our victory.
With faith in the #ZSU๐ซก
Glory to #Ukraine! ๐บ๐ฆ
#StandWithUkraine
๐5
Want free mentorship? Bring 3 friends who love cybersecurity!
I know how hard it can feel to start in cybersecurity. When I began my journey, I had many questions and not enough answers. Today, I want to give back to the community that helped me learn and grow.
Hereโs how it works:
1๏ธโฃ Invite 3 friends who are interested in cybersecurity
2๏ธโฃ Comment below their names
3๏ธโฃ Iโll set up a free 1:1 session with you!๐ก
What will we talk about?
โ How to start a career in cybersecurity
โ Real-world threat trends and how to defend against them
โ Building a risk-resilient mindset
โ Deep dive into technical security (AWS, Azure, best practices)
Why bring friends?
Cybersecurity is not a solo sport. The more voices we have, the stronger our community becomes. Together, we can build a safer digital world.๐
Iโve spent over 10 years leading security teams and building strong defenses, in the private sector and for the Armed Forces. I know that sharing knowledge moves us all forward.
If you want to learn, connect, and grow, this is your sign.๐
Curious about what a session looks like? Ask me @stansecure
Stay secure.๐
__
Enjoying this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Cybersecurity #Mentorship
I know how hard it can feel to start in cybersecurity. When I began my journey, I had many questions and not enough answers. Today, I want to give back to the community that helped me learn and grow.
Hereโs how it works:
1๏ธโฃ Invite 3 friends who are interested in cybersecurity
2๏ธโฃ Comment below their names
3๏ธโฃ Iโll set up a free 1:1 session with you!๐ก
What will we talk about?
โ How to start a career in cybersecurity
โ Real-world threat trends and how to defend against them
โ Building a risk-resilient mindset
โ Deep dive into technical security (AWS, Azure, best practices)
Why bring friends?
Cybersecurity is not a solo sport. The more voices we have, the stronger our community becomes. Together, we can build a safer digital world.
Iโve spent over 10 years leading security teams and building strong defenses, in the private sector and for the Armed Forces. I know that sharing knowledge moves us all forward.
If you want to learn, connect, and grow, this is your sign.
Curious about what a session looks like? Ask me @stansecure
Stay secure.
__
Enjoying this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Cybersecurity #Mentorship
Please open Telegram to view this post
VIEW IN TELEGRAM
๐12๐คฏ1
The biggest telecom hack in history didnโt start with malware.
It started with a person.
A compromised employee account.
On December 12, 2023, Kyivstar, Ukraineโs largest telecom, was taken down
24 million people lost mobile service.
No phone. No internet. No air raid alerts.
The attackers didnโt break in, they were already inside.
This wasnโt just a breach. It was cyberwar, and a blueprint for whatโs coming.
Here are 3 lessons I believe every security leader must act on now:
1๏ธโฃ The Myth of the Impenetrable Fortress is Dead
Attackers got in by targeting people, not tech.
They were inside for weeks before striking.
โ๏ธ Your biggest risk is not your firewall - itโs your people.
โ๏ธ Assume breach. Build from the inside out.
โ๏ธ Security culture matters more than the latest tool.
2๏ธโฃ Resilience > Prevention
When the core was destroyed, prevention didnโt matter.
Recovery did.
โ๏ธ Do your backups survive when the backups are targeted?
โ๏ธ Has your incident response actually been tested under fire?
โ๏ธ Can your business keep running under attack?
3๏ธโฃ Attacks Hit People, Not Just Servers
โ ATMs down.
โ Air Raid Alerts silenced.
โ Lives disrupted.
This wasnโt an IT problem.
It was a humanitarian one.
We defend networks, but what weโre really protecting are communities, economies, and national resilience.
The Kyivstar attack wasnโt just about code.
It was about culture, readiness, and people under pressure.
The real heroes? The engineers working through the night.
Their story matters just as much as the breach.
Stay secure.๐
__
Enjoying this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Resilience #Kyivstar
It started with a person.
A compromised employee account.
On December 12, 2023, Kyivstar, Ukraineโs largest telecom, was taken down
24 million people lost mobile service.
No phone. No internet. No air raid alerts.
The attackers didnโt break in, they were already inside.
This wasnโt just a breach. It was cyberwar, and a blueprint for whatโs coming.
Here are 3 lessons I believe every security leader must act on now:
1๏ธโฃ The Myth of the Impenetrable Fortress is Dead
Attackers got in by targeting people, not tech.
They were inside for weeks before striking.
โ๏ธ Your biggest risk is not your firewall - itโs your people.
โ๏ธ Assume breach. Build from the inside out.
โ๏ธ Security culture matters more than the latest tool.
2๏ธโฃ Resilience > Prevention
When the core was destroyed, prevention didnโt matter.
Recovery did.
โ๏ธ Do your backups survive when the backups are targeted?
โ๏ธ Has your incident response actually been tested under fire?
โ๏ธ Can your business keep running under attack?
3๏ธโฃ Attacks Hit People, Not Just Servers
โ ATMs down.
โ Air Raid Alerts silenced.
โ Lives disrupted.
This wasnโt an IT problem.
It was a humanitarian one.
We defend networks, but what weโre really protecting are communities, economies, and national resilience.
The Kyivstar attack wasnโt just about code.
It was about culture, readiness, and people under pressure.
The real heroes? The engineers working through the night.
Their story matters just as much as the breach.
Stay secure.
__
Enjoying this? ๐ Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Resilience #Kyivstar
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
๐17๐คฏ2