On March 28, 2022, Mandiant published a blog post entitled “Forged in Fire: A Survey of MobileIron Log4Shell Exploitation” that I helped author.
Back in December when CVE-2021-44228 (the Log4j vulnerability) dropped, I analyzed exploitation and post-exploitation attempts. Some of my findings made it directly into the blog post.
Recently my employer, Brigham Young University, presented me with the SAERA Award for accountability and results.
On March 23, 2021 I found myself in a Zoom meeting, which was not out of the ordinary after a year working from home. This was a broader team meeting called together by the CISO, so I figured it was some type of news or major discussion.
After an introduction to some guests on the call, one of the guests began to say we’re here to recognize someone for their contributions to the university. I immediately thought of several people on the call who are outstanding employees.
Suddenly, I heard my name. Wait, did I really? Yes, I had. Everyone was looking at me. Well, their images seemed to look at me. I was quite surprised and speechless. After some stammering, I thanked my manager who nominated me, those from HR who reviewed and approved the award, and the team for their encouragement and support.
What is the BYU SAERA Award? It is the Staff and Administrative Employee Recognition Award given to those who demonstrate the university values, abbreviated CRITERIA, in their work such as:
- Respect for Sacred Resources
- Exceeding Customer Expectations
- Respect for All Individuals
- Accountability and Results
I was given the award for demonstrating the value of “Accountability and Results” for handling an unexpected and difficult project. Although the award recognizes the specific work I did, it is also an acknowledgement of consistently demonstrating the university values in my work. I am honored to receive this award.
A hacker and a vigilante hacked and defaced the now defuncted Utah Valley University (UVU) website learningstyles.uvu.edu in 2019 and 2020.
The average total compensation (salary and benefits) of a cybersecurity professional working in Utah higher education is $100,631 in 2019.
94% of Utah K-12 school districts do not have any dedicated cybersecurity professionals according to a survey of 35 school districts.
Hackers infiltrated a website operated by the United States Ski and Snowboard Association (USSA) for the National Standard Race (NASTAR) but ultimately did not take any significant adverse actions.
The political election campaign of Tom Sakievich responded quickly to remove “malvertising” malware from their website this past week after I discovered and reported the hack.
University Of Utah Health announced Friday afternoon another data breach taking place at the height of the COVID-19 pandemic. This is their second health breach this year due to phishing.
Utah Valley University (UVU) removed two websites with 17-year-old critical vulnerabilities after the UtahCyberCheck found and reported them.