LLMs are on their way to becoming our greatest security vulnerability
LLMs are currently transforming all fields and are being weaponized by cyber attackers. In a brief span of time, GenAI has left its mark on cybersecurity as well. While gaining traction, its…
WhatsApp gets the boot: House of Representatives the app from official devices
The US Office of Cybersecurity finally banned WhatsApp on all staff devices, a move that has left many wondering why it took so long. The memo: “The Office of Cybersecurity has deemed WhatsApp…
NIST SP 800-12 Rev 1: An introduction to Computer Security
People might view cybersecurity as an extension of software development or of the tech industry. However, deeper exploration reveals this view to be inaccurate. Software development, personal…
23andMe bankrupcy sell: Privacy concerns and escalating tensions surrounding the headline
23andMe’s bankruptcy is making constant headlines. A while back Regeneron Pharmaceuticals bought genomics firm 23andMe for $256 million, after a court-supervised sale [source]. Despite the…
Signal is in the news and for the wrong reasons, yet again
“The human is the weakest link in the security chain.” Recent events in Washington have demonstrated this cliche with clarity. This week, we’ve all witnessed yet another high-profile security…
Pentesting a Windows Application: A Case Study
With time, pentesting develops into a somewhat predictable process. Years spent coding web applications now frequently result in web penetration testing assignments for me. While web…
Security Design Principles 101: Defense-in-Depth
In this article, we will discuss my all-time-favorite security topic: Defense-in-Depth. Encountering the secure design principle while studying for a certification was the first time I knew a…
Mitigation Strategies for Desktop and Web Applications
Lately, we’ve faced some interesting new challenges. Security layers are being implemented more frequently in the Software Development Lifecycle and this leads to issues that were not present…
Stop That Thief! Says the Data Bandit: OpenAI vs DeepSeek
So it’s already all over the news, with OpenAI’s recent allegations against DeepSeek. (It took a while to find a news link that wasn’t hidden under a paywall).
Cybersecurity 101: Understanding Confidentiality, in the CIA Triad
Continuing with our cybersecurity fundamental series, we’ll explore one essential concept in cybersecurity – the CIA Triad. While the acronym might evoke thoughts of a certain…