Jason Duff

Jason Duff

Jason Duff

CISSP | Seasoned Cybersecurity Practitioner and Technology Generalist. 25 Years of industry experience across a broad range of technologies, industries and Security Domains.

AI Fatigue is real, and we are all living it
Perspectives

AI Fatigue is real, and we are all living it

It is difficult, if not impossible to not be subjected to AI in one way or another all day, every day. It is exhausting...

Jason Duff
The AI Security Maturity Model
Perspectives

The AI Security Maturity Model

A Practical Framework for IT Leaders to Assess Readiness and Close Gaps in Agentic AI Security

Jason Duff
A Multi-Front War in Cyber Security
Intelligence

A Multi-Front War in Cyber Security

The Rise of Advanced, Multi-Stage Attacks: Several reports highlight the increasing complexity of cyberattacks. We&rsquo...

Jason Duff
Recent Cyber Security Events That May Affect You - Round Two!
Intelligence

Recent Cyber Security Events That May Affect You - Round Two!

Hey everyone, I am back with another round of ‘Cyber Security Events That May Impact You (Round Two)’. This ...

Jason Duff
May 16, 2025 | Cybersecurity Briefing: A Review for IT Leaders and Security Professionals
News

May 16, 2025 | Cybersecurity Briefing: A Review for IT Leaders and Security Professionals

This is your weekly briefing on significant information security incidents, focusing on data breaches, ransomware attack...

Jason Duff
Recent Cyber Security Events That May Affect You
Intelligence

Recent Cyber Security Events That May Affect You

It’s hard to avoid hearing about data breaches in the news. In recent months, several major events have highlighte...

Jason Duff
Large-scale Cyberattack Targets Internet Service Providers
Intelligence

Large-scale Cyberattack Targets Internet Service Providers

Large-scale cyberattack targets internet service providers (ISPs) was a coordinated assault, primarily impacting network...

Jason Duff
VMware ESXi Vulnerabilities Fuel Ransomware Attacks
Intelligence

VMware ESXi Vulnerabilities Fuel Ransomware Attacks

Recently, there has been a surge in cybersecurity incidents exploiting VMware ESXi vulnerabilities. Tens of thousands of...

Jason Duff
Trending Story: BRG suffers Ransomware Attack Amidst Buyout
News

Trending Story: BRG suffers Ransomware Attack Amidst Buyout

Ransomware has been a hot topic in the cybersecurity ethos recently. That trend continues with the ongoing saga of the B...

Jason Duff
Data Breaches and You: What You Need to Know
Intelligence

Data Breaches and You: What You Need to Know

It feels like every day we hear about massive data breaches impacting millions. It’s unsettling, but understanding...

Jason Duff
This Week in Cybersecurity: A Critical Review for IT Leaders and Security Professionals
Intelligence

This Week in Cybersecurity: A Critical Review for IT Leaders and Security Professionals

This week saw a concerning surge in significant cybersecurity incidents, impacting various sectors and highlighting pers...

Jason Duff
The AI-Powered Ransomware Surge: Are Cybercriminals Getting Lazier or Smarter?
Intelligence

The AI-Powered Ransomware Surge: Are Cybercriminals Getting Lazier or Smarter?

Recently we have seen threat actor tactics shifting towards an escalated use of artificial intelligence (AI) to enhance ...

Jason Duff
BADBOX 2.0: A Massive Botnet Infecting Millions of Devices
Intelligence

BADBOX 2.0: A Massive Botnet Infecting Millions of Devices

Today’s top story is the revelation of BADBOX 2.0 , a massive botnet infecting millions of devices. This sophistic...

Jason Duff
Cybersecurity Threats: Protect Yourself in 2025 and beyond
Intelligence

Cybersecurity Threats: Protect Yourself in 2025 and beyond

It’s impossible to ignore the headlines: data breaches are becoming increasingly common, impacting millions of peo...

Jason Duff
Examining the Fallout from the Change Healthcare Cyberattack
News

Examining the Fallout from the Change Healthcare Cyberattack

The aftermath of the Change Healthcare cyberattack, which occurred a year prior is still generating tremors in the indus...

Jason Duff
Cybersecurity Takes Center Stage: A Summary of Top Trends
Intelligence

Cybersecurity Takes Center Stage: A Summary of Top Trends

Cybersecurity takes center stage: there has been a convergence of significant cybersecurity news, highlighting the escal...

Jason Duff
Over 100 U.S. Spies Fired for Misuse of Secure Communication Platforms
News

Over 100 U.S. Spies Fired for Misuse of Secure Communication Platforms

Over 100 US government employees, including spies, have been terminated for engaging in sexually explicit conversations ...

Jason Duff
Significant Security Events for the Week of Feb. 28th
Intelligence

Significant Security Events for the Week of Feb. 28th

This report summarizes notable information security incidents affecting businesses globally, focusing on data breaches, ...

Jason Duff
A Deep Dive into the Latest Ransomware Scourge: ETHAN
Intelligence

A Deep Dive into the Latest Ransomware Scourge: ETHAN

There have been considerable rumblings throughout the cybersecurity community surrounding the emergence of the latest ra...

Jason Duff
The Lazarus Group's Record-Breaking Crypto Heist: A $1.5 Billion Blow to Bybit
Intelligence

The Lazarus Group's Record-Breaking Crypto Heist: A $1.5 Billion Blow to Bybit

The dominant cybersecurity story today centers around the Lazarus Group, a North Korean state-sponsored hacking group, a...

Jason Duff
A Chinese hacking group breached the RNC communications systems
News

A Chinese hacking group breached the RNC communications systems

A Chinese government-linked hacking group breached the Republican National Committee’s (RNC) internal communicatio...

Jason Duff
Gmail Security Upgrade: QR Codes Replace SMS for Enhanced Authentication
Intelligence

Gmail Security Upgrade: QR Codes Replace SMS for Enhanced Authentication

Google’s announcement to replace SMS-based two-factor authentication (2FA) for Gmail with QR is a significant shif...

Jason Duff
Dogecoin Hack and Elon Musk's Restricted Access.
News

Dogecoin Hack and Elon Musk's Restricted Access.

Today we have a look at the hacking of Dogecoin and the subsequent court order restricting Elon Musk’s restricted ...

Jason Duff
Significant Cybersecurity Incidents of the Past Week.
Intelligence

Significant Cybersecurity Incidents of the Past Week.

This week saw a range of significant cybersecurity incidents impacting various sectors, highlighting the persistent and ...

Jason Duff
DeepSeek Cybersecurity Nightmare for Individuals and Enterprise
News

DeepSeek Cybersecurity Nightmare for Individuals and Enterprise

We have recently seen several significant cybersecurity stories, but one has consistently dominated headlines: the DeepS...

Jason Duff
IoT leak exposed a staggering 2.7 Billion records.
Intelligence

IoT leak exposed a staggering 2.7 Billion records.

This massive breach, dwarfing many previous incidents, exposed a staggering 2.7 billion records, many containing sensiti...

Jason Duff
U.S. Coast Guard Data Breach Delayed Pay for Hundreds
News

U.S. Coast Guard Data Breach Delayed Pay for Hundreds

This incident resulted in delayed pay for 1,135 service members due to a compromise of the Coast Guard’s personnel...

Jason Duff
This Week in Cybersecurity: A Critical Review for IT and Security Leaders
Intelligence

This Week in Cybersecurity: A Critical Review for IT and Security Leaders

This week has seen a concerning rise in various cyber threats, highlighting the persistent and evolving nature of the mo...

Jason Duff
Elon Musk's DOGE A Cybersecurity Nightmare?
Intelligence

Elon Musk's DOGE A Cybersecurity Nightmare?

February 13th, 2025, marked a significant escalation in cybersecurity concerns surrounding Elon Musk’s Department ...

Jason Duff
Ban of DeepSeek by Taiwan: A Cybersecurity Wake-Up Call
Intelligence

Ban of DeepSeek by Taiwan: A Cybersecurity Wake-Up Call

Today’s dominant cybersecurity story centers around the ban of DeepSeek by Taiwan, citing serious national securit...

Jason Duff
The DeepSeek AI Data Leak and its Global Fallout
News

The DeepSeek AI Data Leak and its Global Fallout

February 11th, 2025, saw the continued fallout from the DeepSeek AI data leak, a story dominating cybersecurity headline...

Jason Duff
Zyxel's Unpatched Zero-Day Vulnerabilities: A Cybersecurity Crisis in the Making
News

Zyxel's Unpatched Zero-Day Vulnerabilities: A Cybersecurity Crisis in the Making

February 8th, 2025 marks a critical point in cybersecurity with the escalating impact of unpatched zero-day vulnerabilit...

Jason Duff
A Weekly Analysis for IT Leaders and Cybersecurity Professionals
Intelligence

A Weekly Analysis for IT Leaders and Cybersecurity Professionals

This week saw a concerning surge in various cybersecurity threats, impacting numerous sectors globally. Key incidents in...

Jason Duff
DeepSeek Malware Distributed via Fake Packages. Potential Cybersecurity Crisis
Intelligence

DeepSeek Malware Distributed via Fake Packages. Potential Cybersecurity Crisis

Today’s most significant cybersecurity story revolves around the malicious distribution of DeepSeek malware disgui...

Jason Duff
Deepfakes and the $25 Million Heist: A New Era of Cybercrime
Intelligence

Deepfakes and the $25 Million Heist: A New Era of Cybercrime

The cybersecurity world is buzzing about a disturbingly sophisticated attack that highlights the evolving nature of atta...

Jason Duff
The Fall of Major Cybercrime Marketplaces
Intelligence

The Fall of Major Cybercrime Marketplaces

Today’s most significant cybersecurity news isn’t about a single vulnerability or a specific company breach;...

Jason Duff
The Rise of AI-Powered Attacks and the Urgent Need for Enhanced Defenses
Intelligence

The Rise of AI-Powered Attacks and the Urgent Need for Enhanced Defenses

The cybersecurity landscape is dominated by a confluence of escalating threats and evolving defensive strategies. The ov...

Jason Duff
The Fallout from the Rahman Espionage Case
Intelligence

The Fallout from the Rahman Espionage Case

While several significant cybersecurity events occurred around February 1st, 2025, the most impactful and trending story...

Jason Duff
This Week in Cyber: January 25th - 31st, 2025
Intelligence

This Week in Cyber: January 25th - 31st, 2025

This week saw a concerning rise in significant cybersecurity incidents impacting various sectors. This analysis is inten...

Jason Duff
LinkedIn's AI Training Lawsuit: A January 2025 Cybersecurity Flashpoint
News

LinkedIn's AI Training Lawsuit: A January 2025 Cybersecurity Flashpoint

As of January 30th, 2025, a significant cybersecurity story dominating headlines is the lawsuit against LinkedIn for all...

Jason Duff
Disable Local Administrator Accounts to Thwart North Korean Cyber attacks
Intelligence

Disable Local Administrator Accounts to Thwart North Korean Cyber attacks

The most significant cybersecurity story on January 29th, 2025, centers around an urgent warning issued by the FBI regar...

Jason Duff
Intelligence

A Multi-pronged Attack Targeting Individuals and Organizations

We have seen a convergence of significant cyber security events, highlighting a multi-front war in cyber security and t...

Jason Duff
Ubuntu 24.04 | New features, new look, new technology, but is it worth the upgrade?
Fundamentals

Ubuntu 24.04 | New features, new look, new technology, but is it worth the upgrade?

The all new Ubuntu 24.04 is here! Ubuntu has released their latest LTS version, Ubuntu 24.04 Noble Numbat, so I decided ...

Jason Duff
Fedora 40 | First Impressions from a Debian user
Fundamentals

Fedora 40 | First Impressions from a Debian user

If you have read any of my other ramblings, you may have picked up on the fact that I am almost exclusively a Debian (va...

Jason Duff
PGP | What is it and how to use it?
Guides

PGP | What is it and how to use it?

PGP stands for ‘Pretty Good Privacy’ but it is much more than that. It is the open source gold standard mech...

Jason Duff
DNS Tutorial | How the Domain Name System works.
Guides

DNS Tutorial | How the Domain Name System works.

Today I thought I would give a basic overview of how the Domain Name System (DNS) works and explain a bit about the most...

Jason Duff
Lenovo Yoga 6 Review: My new mobile Linux machine
Reviews

Lenovo Yoga 6 Review: My new mobile Linux machine

The Lenovo Yoga 6 is by no means a mobile workstation but it is light, stylish and functional - and an all-in-one. Toda...

Jason Duff
Quick Config | RealTek wireless and Bluetooth drivers Lenovo Yoga 6 (Ubuntu)
Guides

Quick Config | RealTek wireless and Bluetooth drivers Lenovo Yoga 6 (Ubuntu)

I recently got my hands on the newest version (2022) of the Lenovo Yoga 6 with an AMD Ryzen 5700 series processor, 16GB ...

Jason Duff
Quick Config | chronyd will not start in LXD containers
Guides

Quick Config | chronyd will not start in LXD containers

I have been working to get FreeIPA server installed and configured in an LXD container and found that the installation d...

Jason Duff
Linux | Is it right for me and how to Install it
Guides

Linux | Is it right for me and how to Install it

Over the years, I have spoken to countless individuals who are not necessarily ’tech savvy’ about Linux and ...

Jason Duff
Pixel Buds Pro Review: My thoughts on the matter
Reviews

Pixel Buds Pro Review: My thoughts on the matter

Background Recently, I decided it was time for a new pair of earbuds - quality ones. I had been using a pair of Mifo O5 ...

Jason Duff
My favorite Linux Distributions and Why
Perspectives

My favorite Linux Distributions and Why

Updated 2023/02 Today I thought I would take a break from all of the technical articles and write something a little mor...

Jason Duff
Ubuntu 22.04 | Configure LDAP/Kerberos Client Authentication
Guides

Ubuntu 22.04 | Configure LDAP/Kerberos Client Authentication

Adventures in the LXD Lab | Authentication Services Now that I have a fancy new authentication system (Kerberos and LDAP...

Jason Duff
Ubuntu 22.04 | Install and configure an OpenLDAP Server
Guides

Ubuntu 22.04 | Install and configure an OpenLDAP Server

Adventures in the LXD Lab | Authentication Services Tinkering is what I do but this article goes a bit beyond tinkering ...

Jason Duff
Ubuntu 22.04 | Install and configure a Kerberos Server
Guides

Ubuntu 22.04 | Install and configure a Kerberos Server

Adventures in the LXD Lab | Authentication Services As part of the lab and as a continuation of “Ubuntu 22.04 | In...

Jason Duff
Ubuntu 22.04 | Install Bind DNS Server
Guides

Ubuntu 22.04 | Install Bind DNS Server

Adventures in the LXD Lab | Name Resolution Services One of the core services that all devices browsing the internet or ...

Jason Duff
Pop!_OS 22.04 | Building an LXD Lab
Guides

Pop!_OS 22.04 | Building an LXD Lab

Adventures in the LXD Lab | In the beginning there was….

Jason Duff
Pop!_OS 22.04 | Window Lag Dragging/Moving
Guides

Pop!_OS 22.04 | Window Lag Dragging/Moving

My Issue Recently, I decided to reinstall my OS (Pop!_OS) and post installation, I noticed the when dragging/moving wind...

Jason Duff
Lenovo Chromebook Duet 5 Review: A tablet to rule them all?
Reviews

Lenovo Chromebook Duet 5 Review: A tablet to rule them all?

Obligatory Intro I am typically not a fan of devices that do not provide a full-blown operating system with all of the b...

Jason Duff
Kali Linux | Deploy it in a Docker Container
Guides

Kali Linux | Deploy it in a Docker Container

If you are like me, you prefer to not have to dual boot and certainly do not want to install Kali directly on your produ...

Jason Duff
Personal Security Policy | Protect your digital life with 3 easy tips.
Intelligence

Personal Security Policy | Protect your digital life with 3 easy tips.

For most people it is common to be versed or at least aware of your organizations cyber security policy as part of ongoi...

Jason Duff
Raspberry Pi | Automated script to change the password
Guides

Raspberry Pi | Automated script to change the password

Recently I was performing a network audit and discovered a large number of Raspberry Pi devices that were configured wit...

Jason Duff
Patching | Why it is important (Just Do It!)
Intelligence

Patching | Why it is important (Just Do It!)

Many users avoid patching for various reasons, such as having to reboot their computer -or- reluctance that patches may ...

Jason Duff
Multi-Factor Authentication | What is it and why you must have it!
Intelligence

Multi-Factor Authentication | What is it and why you must have it!

In addition to following best practices for your passwords, Multi-Factor authentication is an additional safeguard used ...

Jason Duff
Intelligence

Password Security | Best practices for secure and strong passwords

Password Security best practices are your first line of defense against account breaches. Unfortunately, many people und...

Jason Duff
Mod Security | Atomicorp rules blocking Cloudflare
Guides

Mod Security | Atomicorp rules blocking Cloudflare

The Issue So I had a customer reach out to me tonight and let me know that they are getting a server offline message fro...

Jason Duff
VMWare | Create Template CentOS 6.5
Guides

VMWare | Create Template CentOS 6.5

In this article, I am going to outline a very basic and quick way to create a VMWare virtual machine template for provis...

Jason Duff
Guides

VMWare | Create Template Ubuntu 12.04

In this article, I am going to outline a procedure to create a very basic Ubuntu VMWare virtual machine template for rap...

Jason Duff
Guides

CentOS | Manage Auto Start services

Most server admins want their servers to run as lean and secure as possible. For that reason, we usually try to disable ...

Jason Duff
Guides

Exchange 2010 | Configure Autodiscover

This is a short article on how to configure Microsoft Exchange Server 2010 Auto Discover feature. I remember when I init...

Jason Duff
Intelligence

Must Have Security Audit Tools

I have always had an interest in network/computer/data security and have for years played around with a number of intere...

Jason Duff
Guides

CentOS | Build Secure FTP Server with vsftpd

In this article, I am going to outline the steps that I have taken to create a secure and stable FTP server for general ...

Jason Duff
Ubuntu/Debian | LAMP Security
Intelligence

Ubuntu/Debian | LAMP Security

This post outlines the procedures that I use to secure a LAMP stack built on Ubuntu or Debian. All of the techniques out...

Jason Duff