Cybersecurity 101: Understanding MITRE ATT&CK Framework
Traditional security frameworks often fail to connect with the realities of development. Usually, we see the results of…
133 posts
Backup Strategies for Home & Self-Hosted Solutions
After setting up your self-hosted environment, establishing a solid backup strategy is important. This guide applies to home…
Web Security 101: Understanding Cross-Origin Resource Sharing (CORS)
Continuing the web security headers series, after covering HSTS (Strict Transport Security), and CSP (Content Security Policy), now…
A Decade of Let’s Encrypt: From Complex Certs to One-Click Security
Time passing is always constant, at least in the Newtonian classical world. Two days ago, on November 18,…
Critical Authentication Bypass Found in Really Simple Security: 4M WordPress Sites at Risk
Wordfence’s Threat Intelligence team has identified a critical authentication bypass vulnerability affecting over 4 million WordPress sites that…
Cyber Resilience Act: Security Requirements in Development
On October 10th, 2024, the EU Parliament mandated security standards for connected software with the enactment of the…
PostgreSQL PL/Perl Vulnerability: ENV Variable Exploit & Dev Notes
Researchers have discovered a high-severity vulnerability in PostgreSQL’s PL/Perl trusted language extension that could allow attackers to execute…
Web Security 101: Understanding Strict-Transport-Security Headers
In this series of evaluating web security headers, we are now diving in with HSTS, the HTTP Strict-Transport-Security…
Introduction to Offensive Security – The Ethics and Legality of Cybersecurity
Offensive security practices like penetration testing and red teaming are used to identify and address vulnerabilities before malicious…
Web Security 101: Understanding Content Security Policy Headers (CSP)
Content security policy (CSP) is a browser feature that can help minimize the risk of a multitude of…