Eva is an Information Security Professional with over 20 years of expertise in Information Security and compliance, including standards such as FedRAMP, ISO 27001/2, PCI, HIPAA, NIST, SOC 1/2, and GDPR. Eva has an enormous amount of experience in creating formal documentation, including company programs, policies, and individual procedures, used to educate internal users and […]
Original release date: April 15, 2022VMware has released security updates to address a remote code execution vulnerability in Cloud Director. An attacker could exploit this vulnerability to take control of an affected system.
CISA encourages users and…
Original release date: April 15, 2022CISA has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actor…
This is a current list of where and when I am scheduled to speak:
I’m speaking at Future Summits in Antwerp, Belgium, on May 18, 2022.
I’m speaking at IT-S Now 2022 in Vienna, Austria, on June 2, 2022.
I’m speaking at the 14th International Conference…
Original release date: April 14, 2022Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages …
The Department of Energy, CISA, the FBI, and the NSA jointly issued an advisory describing a sophisticated piece of malware called Pipedream that’s designed to attack a wide range of industrial control systems. This is clearly from a government, …
Original release date: April 14, 2022Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and ad…
Original release date: April 14, 2022CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors a…
Original release date: April 13, 2022Microsoft has released an advisory to address CVE-2022-26809, a critical remote code execution vulnerability in Remote Procedure Call Runtime Library. A remote, unauthenticated attacker could exploit this …
Original release date: April 13, 2022CISA, the Department of Energy (DOE), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), warning that certain advanced persistent th…
