Articles and Comments By Tim Mackey
Expert Commentary
Malicious PyPI Package Found Posing as SentinelOne SDK in recent Hack Trend
December 23 , 2022 by Tim Mackey
"The interesting part of this story is the volume of malicious packages that were uploaded to mainst...
Expert Commentary
Is Ransomware responsible for the recent hit on Guardian?
December 23 , 2022 by Tim Mackey
“Addressing ransomware needs to move from a reactionary mindset to a proactive one. If your organi...
Expert Commentary
OpenSSL Recent Vulnerability, What Experts Say?
November 08 , 2022 by Tim Mackey
How not to perform an incident response – OpenSSL CVE-2022-3602
Over the past several days, there...
Expert Commentary
Supply Chain Attacks Or Vulnerabilities Experienced By 80% Of Organisations
October 28 , 2022 by Tim Mackey
The top level findings in this research are not at all surprising. Software supply chains are very c...
Expert Commentary
Do You Think Businesses Must Do More To Boost Cyber Defences, Says Nadhim Zahawi
October 19 , 2022 by Tim Mackey
Improved cyber defences are more than just stronger firewalls or better educated employees. Mitigati...
Expert Commentary
Cybersecurity Experts Welcome NSA/CISA Best Practices For Software Supply Chain
September 05 , 2022 by Tim Mackey
Developers play a key role in securing the software they create for their employers, but when that s...
Expert Commentary
Expert On Report Showing 297% Increase In US Breaches Tied To Supply Chain And Third-party Suppliers
August 18 , 2022 by Tim Mackey
If we look at the history of data breaches, we’re likely to find that many can be classified as a...
Expert Commentary
Major Cyber Bug In Log4j To Persist As ‘Endemic’ Risk For Years To Come
July 15 , 2022 by Tim Mackey
"Rarely do we get a comprehensive review of the impact and root causes of a cyber incident so quickl...
Expert Commentary
Why Supply Chain Security Risks Provide Backdoor For Hackers And How To Prevent It, Experts Insight
April 08 , 2022 by Tim Mackey
Software supply chains are complex entities often comprising hundreds of “suppliers” per applica...
Expert Commentary
Honda Bug Lets A Hacker Unlock And Start Your Car via Replay Attack
March 28 , 2022 by Tim Mackey
While owners of Honda vehicles impacted by CVE-2022-27254 might be understandably concerned over the...
Expert Commentary
Comment: Chinese Spies Hacked A Livestock App To Breach US State Networks
March 09 , 2022 by Tim Mackey
It shouldn’t come as any surprise that nation-state actors would begin targeting other governments...
Expert Commentary
Expert Reacted On 'Dirty Pipe' Linux Vulnerability
March 09 , 2022 by Tim Mackey
The Dirty Pipe vulnerability illustrates an inherent risk with all software development – code cha...
Expert Commentary
Log4Shell Threat Far From Gone: Attackers Continue To Target Vulnerability
March 04 , 2022 by Tim Mackey
It’s not surprising that attackers continue to attempt to exploit a high profile vulnerability lik...
Expert Commentary
Log4Shell Threat Remains Extremely High, Cyber Security Expert Insight
March 03 , 2022 by Tim Mackey
It’s not surprising that attackers continue to attempt to exploit a high profile vulnerability lik...
Expert Commentary
New Report Calls For Increased Industry Collaboration To Speed IoT Security Adoption
February 23 , 2022 by Tim Mackey
Where application security was once an afterthought, something to be addressed after market share wa...
Expert Commentary
OpenSSF Announces The Alpha-Omega Project To Improve Software Supply Chain Security For 10,000 OSS Projects
February 03 , 2022 by Tim Mackey
While improving overall security of software, be it open source or commercial, should be a priority...
Expert Commentary
InfoSec Experts Advise On A 12-year-old Vulnerability Discovered In Polkit For Linux
January 27 , 2022 by Tim Mackey
CVE-2021-4034, also known as PwnKit, is a local privilege escalation vulnerability in Linux. While r...
Expert Commentary
New Laws Proposed To Strengthen The UK’s Resilience From Cyber Attack, Experts Weigh In
January 20 , 2022 by Tim Mackey
Most modern organisations are, in reality, distributed operations where online storefronts, payment...
Expert Commentary
The Aftermath Of Log4j: What Can Be Done To Protect Companies From The Security Implications After Log4j?
January 19 , 2022 by Tim Mackey
Are we seeing the end of the era of open source? Why?
While it might be tempting to view a major vul...
Expert Commentary
What Experts Say On Critical Log4j Vulnerability?
December 13 , 2021 by Tim Mackey
Apache log4j is the de-facto way Java applications write their log information. This means that a ve...
Expert Commentary
Expert Reacted On ‘Trojan Source’ Bug Threatens The Security Of All Code
November 02 , 2021 by Tim Mackey
We’ve seen a variety of novel attacks on software supply chains in 2021, and this is another examp...
Expert Commentary
Location Data Collection Firm Admits Privacy Breach
November 01 , 2021 by Tim Mackey
Collecting location data without explicit consent from the user where the user is clear on the benef...
Expert Commentary
Cybersecurity Experts Comment On Pandora Papers
October 04 , 2021 by Tim Mackey
Protecting oneself from the impact of any data breach is a challenge for most of the public. This ch...
Expert Commentary
Apple Issues Urgent iPhone Software Update To Address Critical Spyware Vulnerability
September 14 , 2021 by Tim Mackey
Zero-click software or apps should be a high concern for any mobile device user. This class of softw...
Expert Commentary
Comment: Security Flaw Potentially Leaves Millions of Routers Exposed Globally
August 04 , 2021 by Tim Mackey
The research leading to CVE-2021-20090 highlights a series of implementation weaknesses in the softw...
Expert Commentary
Supply Chain Cyber Attacks Expected To Quadruple
August 03 , 2021 by Tim Mackey
Traditionally, cybersecurity incidents have involved direct attacks between malicious actors and the...
Expert Commentary
Cybersecurity Comment: IBM Research: Cost of a Data Breach Hits Record High
July 28 , 2021 by Tim Mackey
Each year, the IBM Cost of a Data Breach report provides a wealth of insights into the business impa...
Expert Commentary
Morgan Stanley Data Breach – Experts Reaction
July 09 , 2021 by Tim Mackey
When a patch is issued for software that has been actively exploited, simply patching the software a...
Expert Commentary
Microsoft Issues Emergency Patch for Windows Flaw
July 08 , 2021 by Tim Mackey
Whenever there is a new security disclosure, it should be assumed that knowledge of how to exploit t...
Expert Commentary
UK, US Agencies Warn Russian Hackers Using 'Brute Force' To Target Hundreds Of Groups
July 02 , 2021 by Tim Mackey
It shouldn’t surprise anyone that any nation is actively attempting to compromise the credentials...
Expert Commentary
PoC Exploit Accidentally Leaks for Dangerous Windows PrintNightmare Bug
July 01 , 2021 by Tim Mackey
Whenever there is a new security disclosure, it should be assumed that knowledge of how to exploit t...
Expert Commentary
Experts Reaction On Linkedin Breach Reportedly Exposes Data Of 92% Of Users
June 30 , 2021 by Tim Mackey
From a user’s perspective, there is no difference between a data breach where company servers were...
Expert Commentary
Expert On Report: 79% Of Developers Don’t Update Third-party Libraries In Their Code
June 25 , 2021 by Tim Mackey
The Veracode report highlights a trend we’ve seen portrayed in multiple industry reports, includin...
Expert Commentary
Expert React: Battle For The Galaxy - 6 Million Gamers Hit By Data Leak
June 03 , 2021 by Tim Mackey
With the prevalence of misconfigured databases, it’s clear that some teams lack the ability to con...
Expert Commentary
New Plans to Boost Cyber Resilience of UK’s Critical Supply Chains
May 18 , 2021 by Tim Mackey
Digital supply chains are formed both with the data that powers our modern lives, but also with the...
Expert Commentary
Experts Insight On US Pipeline Shut After Cyberattack
May 11 , 2021 by Tim Mackey
The Colonial Pipeline cyberattack serves as a wakeup call to anyone using software to power their bu...
Expert Commentary
Experts Insight On Critical Remote Code Execution Flaws, IE Zero-Day Fixed In Microsoft's March Patch Tuesday
March 10 , 2021 by Tim Mackey
While most IT teams are accustomed to regular patch updates and patch cycles, the current set of Mic...
Expert Commentary
Experts Advise After Personal Data Of 1.4 Million Washington Exposed
February 02 , 2021 by Tim Mackey
Compromises come in many forms where the attacker defines the rules of their attack. In this case, t...
Expert Commentary
Florida Medicaid Website Hacked For 7 Years, Hundreds Of Thousands Affected
February 01 , 2021 by Tim Mackey
Cybersecurity threats evolve over time, which means that data controllers need to be ever vigilant t...
Expert Commentary
Experts Reacted On Hackney Council Leaked Documents
January 08 , 2021 by Tim Mackey
Whenever an organisation is in the position of dealing with a demand of ransom from a cyber-attack,...
Expert Commentary
More Than 45 Million Medical Images Openly Accessible Online
December 17 , 2020 by Tim Mackey
Secure configuration and secure deployments start with secure defaults. The problem is that with lon...
Expert Commentary
Experts Reaction On Dua Lipa And Other Spotify Artists' Pages Hacked By Taylor Swift 'Fan'
December 03 , 2020 by Tim Mackey
While the details of what weaknesses in Spotify’s security practices remain unknown, the attack hi...
Expert Commentary
Expert Reaction On Half Of All Docker Hub Images Have At Least One Critical Vulnerability
December 02 , 2020 by Tim Mackey
Container images are a combination of an application with operating system elements and supporting f...
Expert Commentary
Experts Insight On Baltimore County Public Schools Fall Victim To A Ransomware Attack
December 01 , 2020 by Tim Mackey
Over the years I’ve often been asked about consumers having a marketplace to sell or minimally man...
Expert Commentary
Experts Reaction On Verizon Cyber-Espionage Report
November 23 , 2020 by Tim Mackey
If your business were a target of a well-funded malicious group, how would you know? For most victim...
Expert Commentary
Lazda And Eatigo Suffer Data Breach; Millions Of Account Details Sold Online
November 03 , 2020 by Tim Mackey
Data retention and archival processes should be part of any digital privacy and cybersecurity plan....
Expert Commentary
Expert Reacted On Isentia Breach And Its Impact On Government Departments
October 28 , 2020 by Tim Mackey
Ransomware attacks are on the rise, and for the attackers, it’s likely comforting to learn that pe...
Expert Commentary
Comment: 73% Of Security Professionals And Developers Sacrifice Security For Speed
October 04 , 2020 by Tim Mackey
Prioritisation of feature development relative to security has long been a challenge, but it’s not...
Expert Commentary
Security Expert On Amazon One - Palm Scanner Launched For 'Secure' Payments
October 04 , 2020 by Tim Mackey
Biometric based user identification is nothing new. In recent years programs like CLEAR in the US in...
Expert Commentary
What Experts Says On House Approves Bill Making Hacking Federal Voting Systems A Crime?
September 23 , 2020 by Tim Mackey
We can all agree that malicious access to a voting machine at any point in its life is a bad thing ,...
Expert Commentary
Expert On Study Finds Serious Problems With Vulnerability Management
September 04 , 2020 by Tim Mackey
It’s not surprising to find that IT organisations have a disconnect between their perception of pa...
Expert Commentary
Data Of American Voters Appeared On The Russian Dark Web
September 02 , 2020 by Tim Mackey
American voters should view this dataset as being very similar in scope to the publicly accessible v...
Expert Commentary
Experts Insight On Major US Twitter Accounts Hacked in Bitcoin Scam
July 17 , 2020 by Tim Mackey
The Twitter hack demonstrated the real risks when employees have the ability to impersonate users. I...
Expert Commentary
Expert Reaction On News: New Zealand Property Management Company Leaks 30,000 Users Personal Data
July 16 , 2020 by Tim Mackey
Cloud storage solutions are convenient and cost-effective, but we must not forget that proper config...
Expert Commentary
Expert Reaction On Spotify Not Working As iPhone Users Complain The App Crashes Immediately Upon Opening
July 13 , 2020 by Tim Mackey
Modern applications are a combination of proprietary code, open source software and increasingly thi...
Expert Commentary
UK And Australia Open Joint Data-Privacy Investigation Into Clearview AI
July 10 , 2020 by Tim Mackey
It really hasn’t been a good few months for facial recognition companies. Starting with the revela...
Expert Commentary
Expert Insight On New macOS Malware Spreading Through Google Search Results
June 23 , 2020 by Tim Mackey
The attack outlined here is essentially a “drive-by” where the attacker is attempting to pollute...
Expert Commentary
Comment: Potentially Sensitive Data From Over 200 US Police Departments Exposed Online By 'BlueLeak's
June 23 , 2020 by Tim Mackey
Ignoring the obvious political aspects of the BlueLeaks data collection, it’s worth asking why the...
Expert Commentary
Experts Reaction On Australia Targeted By 'Sophisticated' Cyber Attack - By 'State-based' Actor
June 19 , 2020 by Tim Mackey
Cyber-attacks come in all forms, and the attacker defines the rules of their attack. In this case, t...
Expert Commentary
Vulnerability Analysis Of 2500 Docker Hub Images - Expert On Report
June 17 , 2020 by Tim Mackey
The Vulnerability Analysis Report highlights a known problem within the world of application contain...
Expert Commentary
Experts Reaction On Paid Hackers Targeted Thousands Of People And Hundreds Of Institutions Worldwide
June 10 , 2020 by Tim Mackey
Cyber defenders implicitly know that it’s the attackers who define the rules for their attacks and...
Expert Commentary
Experts On News: Ghost Confirms Hack Attack - 750,000 Users Spooked By Critical Vulnerability
May 05 , 2020 by Tim Mackey
Data centre patch strategies need to take into account not only the applications deployed, but also...
Expert Commentary
Experts Insight On Tesla Data Leak: Old Components Containing Personal Info End Up On eBay
May 05 , 2020 by Tim Mackey
Businesses and consumers need to recognize that, just like with laptops, any piece of software is ca...
Expert Commentary
Experts Comments On Bugs In WordPress plugins LearnPress, LearnDash, And LifterLMS For Online Courses Let Students Cheat
May 01 , 2020 by Tim Mackey
LearnDash, LearnPress and LifterLMS are all examples of WordPress plugins designed to turn WordPress...
Expert Commentary
US States Expand Internet Voting Experiments Amid Pandemic, Raising Security Fears
April 30 , 2020 by Tim Mackey
When election officials find ways to increase opportunities for voters to cast their ballots, that i...
Expert Commentary
Microsoft Teams Has Fixed A Funny Gifs Cyber-attack Flaw- Experts Commentary
April 28 , 2020 by Tim Mackey
For the general public, this specific vulnerability has been mitigated by Microsoft, but the researc...
Expert Commentary
Experts Reaction On Bill Introduced To Put National Security Warnings On TikTok, FaceApp
April 22 , 2020 by Tim Mackey
Transparency is key to any data protection strategy. While placing a warning on apps based on their...
Expert Commentary
Singapore Warns Political Parties Of Cybersecurity Threats, Election Interference
April 21 , 2020 by Tim Mackey
The democratic election process has always invited debate and expression of opinions within the popu...
Expert Commentary
Comment: Open Source Assessment Platform Riddled With XSS Flaws
April 10 , 2020 by Tim Mackey
People select open source solutions for a variety of reasons, but for many the allure of a free tool...
Expert Commentary
Email.it Data Breach Exposes 600,000 Users - Expert Commentary
April 08 , 2020 by Tim Mackey
People’s digital lives are increasingly held in their hands and powered by free services like publ...
Expert Commentary
Security Expert Re: Key Ring Exposes 44 M Digital Wallet Items Due To AWS S3 Bucket Misconfiguration
April 03 , 2020 by Tim Mackey
Unsecured S3 buckets are almost a daily occurrence, but in this case the security risk was compounde...
Expert Commentary
Industry Leaders And Cybersecurity Experts Insight On Marriott International Data Breach
April 01 , 2020 by Tim Mackey
This data breach at Marriott International highlights the importance of performing a detailed threat...
Expert Commentary
Experts Insight On Tupperware Website Hacked And Infected With Payment Card Skimmer
March 26 , 2020 by Tim Mackey
Online credit card skimming differs from the physical skimming practices most people have heard abou...
Expert Commentary
Tech Giant GE Discloses Data Breach - Experts Reaction
March 25 , 2020 by Tim Mackey
Our modern digital economy is fundamentally a supply chain where the organization we do business wit...
Expert Commentary
Experts Comments On Cyberspace Solarium Commission Report - US At Risk Of A "Catastrophic cyber-attack"
March 13 , 2020 by Tim Mackey
The US Cyberspace Solarium Commission highlights the unfortunate reality of current cybersecurity pr...
Expert Commentary
Experts Reaction On Millions Of Websites Face 'Insecure' Warnings
March 04 , 2020 by Tim Mackey
Certificate revocation, while rare, does occur and web site owners should be prepared for this situa...
Expert Commentary
Experts Reaction On UK Home Office Breached GDPR 100 Times Through Botched Management Of EU Settlement Scheme
March 03 , 2020 by Tim Mackey
The ICIBI review of EUSS practices highlighted 100 instances of applicant data potentially being mis...
Expert Commentary
Clearview AI's Entire Client List Stolen In Data Breach - Experts Reaction
February 28 , 2020 by Tim Mackey
In cybersecurity there are two types of attacks – opportunistic and targeted. With the type of dat...
Expert Commentary
Experts Reaction On Report: Millions Of Windows And Linux Systems Vulnerable To Cyber-attack
February 19 , 2020 by Tim Mackey
With supply chain cyber attacks on the rise in 2019, this research should serve as notice to softwar...
Expert Commentary
Experts Insight On Brazilian Firm Exposes Personal Details Of Thousands Of Soccer Fans
February 06 , 2020 by Tim Mackey
Cloud storage solutions are convenient and cost effective, but are increasingly in the news for bein...
Expert Commentary
Major Flaw In Windows 10 Discovered By The NSA - Experts Reactions
January 16 , 2020 by Tim Mackey
There are times when it’s reasonable to defer a patch, but deferring the patch for CVE-2020-0601 i...
Expert Commentary
Experts Response On TikTok Vulnerability To Let Hackers Access Users’ Videos
January 09 , 2020 by Tim Mackey
With 40% of TikTok users being between 10-19, the ability for this user base to detect or understand...
Expert Commentary
Expert on News: US On High Alert For Iran-backed Cyber Attacks
January 07 , 2020 by Tim Mackey
Geopolitical concerns are nothing new for multi-national businesses, but for those who operate only...
Expert Commentary
2020 Cybersecurity Landscape: 100+ Experts' Predictions
December 25 , 2019 by Tim Mackey
Cyber-attacks on 2020 candidates will become more brazen. While attacks on campaign websites have al...
Expert Commentary
267M Facebook User IDs, Phone Numbers And Names Exposed Online - Expert Commentary
December 23 , 2019 by Tim Mackey
Another day, another unsecured database found on the internet. With this database containing Faceboo...
Expert Commentary
Experts Insight on Hacking Group, Lazarus, Has Expanded Its Reach With Trojan Affecting Linux Systems
December 19 , 2019 by Tim Mackey
When thinking about APTs, there is a tendency amongst the public to focus on the threat and not the...
Expert Commentary
Experts Reaction On 1.2 Billion Records Were Found Online On An Exposed, Unsecure Single Server
November 25 , 2019 by Tim Mackey
This incident highlights multiple data privacy tenants. The most obvious of which being that given a...
Expert Commentary
Experts On FT Investigation Reveals Info Shared With Hundreds Of Third Parties Including Google And Facebook
November 18 , 2019 by Tim Mackey
Consent and awareness are key principals of privacy, and there’s nothing more private than one’s...
Expert Commentary
Comment: Security Researchers Discover Flaws In U.S. Cash Machines
November 12 , 2019 by Tim Mackey
All too often when attempting to secure software, there is a tendency to focus on external threats....
Expert Commentary
Experts Comments On Facebook Reveals Another Privacy Breach, This Time Involving Developers
November 07 , 2019 by Tim Mackey
As Facebook have demonstrated over the years, maintaining a matrix of permissions for any account is...
Expert Commentary
Experts Reactions Facebook Portal Vulnerability
October 31 , 2019 by Tim Mackey
This is an example of how an incomplete threat model can allow users to gain access to information t...
Expert Commentary
Experts On "BriansClub" Hack Rescues 26m Stolen Cards
October 16 , 2019 by Tim Mackey
Whether you’re running a global enterprise, a startup, small business or a shop for stolen data th...
Expert Commentary
Why Cybersecurity Programs Shown To Have Tangible Value In M&A Assessments
October 03 , 2019 by Tim Mackey
In the age of digital transformation where technology plays an increasingly significant role in busi...
Expert Commentary
Telnet Backdoor Vulnerabilities Impact Over A Million IoT Radio Devices
September 10 , 2019 by Tim Mackey
The pattern behind these disclosures is reminiscent of how the template used in the original Mirai b...
Expert Commentary
Experts Dots On Massive Database Of Facebook Users' FB IDs And Phone Numbers Found Online - On An Unprotected Server
September 06 , 2019 by Tim Mackey
It’s important to recognise that the owner of this database was not identified, which means that a...
Expert Commentary
Nato's Secretary General Says A Cyberattack On One Of Its Members Will Trigger Article 5
August 29 , 2019 by Tim Mackey
Cyber-security is a constant battle between attackers and defenders. In this battle, the attackers o...
Expert Commentary
One In Four People Would Be Willing To Buy Back Their Private Information From The Black Market
August 19 , 2019 by Tim Mackey
There’s an interesting paradox in this report. With the average respondent willing to pay close to...
Expert Commentary
Critical Flaw Within Canon DSLR Camera Can Lead To Ransomware Attack
August 12 , 2019 by Tim Mackey
Protocols are funny things. When created, they often assume a specific physical interface or connect...
Expert Commentary
E-Commerce Site StockX Confirms It Was Hacked, Exposing Data From 6.8 Million Customers
August 06 , 2019 by Tim Mackey
When communicating IT and security issues to the general public, and specifically to customers, it...
Expert Commentary
Google Reveals Devastating iPhone Vulnerabilities - But Hides One Which The Company Hasn't Fixed
August 01 , 2019 by Tim Mackey
The flaw (CVE-2019-8641) identified by the Project Zero team at Google, but with details withheld, i...
Expert Commentary
Capital One Suffers Data Breach Affecting 100 Million Customers
July 31 , 2019 by Tim Mackey
The disclosure by Capital One of a breach impacting 100 million users highlights the importance of a...
Principal Security Strategist, Synopsys CyRC (Cybersecurity Research Center)