CYBERSEC

Becoming Cyber Savvy

It’s Cyber Awareness month, when the vendors send emails explaining how to be cyber aware flooding your way.

INFOSEC

Journalists Need Infosec Skills

They teach you a lot of different things at journalism school, but infosec skills don’t tend to be among them.

INFOSEC

Stealing My Own Banking Information

Infosec writer, Miguel Calles, highlights how well-meaning convenience features might result in information security leaks.

INFOSEC

How I 'Almost' Landed A Job In Infosec

This is the story of how I failed to break into infosec and insight into how my thinking changed during my journey.

INFOSEC

A Guide To Infosec's Volunteer Army

There is an enormous amount of unpaid work being done in the infosec space by volunteers, work that makes a real difference to the community.

TECHNICAL

Don't Think About Being a Black Hat

Don't even think about being a black hat, I did and regret it. Also here is how to hack a PC and turn on the webcam.

INFOSEC

Hello My Data, Are You Out There?

Zao provoked infosec dystopian fury with concerns about intrusive privacy policies, but Zao was just the tip of the iceberg.

UNUSUAL JOURNEYS INTO INFOSEC

Unusual Journeys into Infosec Featuring Phillip Wylie

Learn about Philip Wylie's journey into infosec, including bear wrestling, getting shot, and overcoming some major challenges.

INFOSEC

The Problem With Infosec Recruitment

In general most people like being employed and do not like being unemployed, but hardly anyone likes looking for work.

INFOSEC

Raspberry Pi Infosec Projects

Five of my favorite infosec projects that you can easily setup yourself using the new Raspberry Pi 4 and some patience.

OSINT

Tracking The OSINT Hunter

Gathering open-source intelligence, when done properly, should be an anonymous affair, it simply will not do to leave your digital footprints behind.

INFOSEC

Twitter - The Good, The Bad & The Ugly

Twitter is a great platform for interacting with other researchers, but is also plagued with drama.

UNUSUAL JOURNEYS INTO INFOSEC

Unusual Journeys Into Infosec Featuring @J3llyPh15h

After what seems like an extremely long break we are back with another series of Unusual Journeys into Infosec.

INFOSEC

The Protonmail Ultimatum

An ultimatum has been issued, if Protonmail does not publicly renounce a partnership with Huawei, members of the infosec community will act.

INFOSEC

Ship It To Me For Free

The story of how I won my first four figure bug bounty and discovered that anything can be shipped for free if you know how.

TECHNICAL

Weak DPAPI encryption at rest in NordVPN

The NordVPN client leverages a DPAPI to save their user login credentials, but this makes the credentials vulnerable.

TECHNICAL

Backdooring My Router Firmware

I decided to backdoor the firmware on my D-Link DIR-300 Router in order to satisfy my curiosity.

INFOSEC

Cybersecurity Yoga

Yoga is an ancient practice that helps achieve balance between mind, body, and soul. Learn how to leverage yoga to improve your cybersecurity defense.

OSINT

Account Knocking For Fun and OSINT

If you have been around on the internet long enough, chances are you’ve forgotten your login to a website once or twice and had to recover the account.

OSINT

OSINT Investigations On Tumblr

We often forget about Tumblr in OSINT investigations and it is not as commonly used as some of the bigger social media platforms. Still, Tumblr offers a wealth of information for open source intelligence (OSINT) investigations.

TECHNICAL

Abusing PHP query string parser to bypass IDS, IPS, and WAF

Learn how IDS, IPS, and WAFs are vulnerable because of the design limitations of the PHP query string parser.

TECHNICAL

Introduction To Serverless Security: Part 3 - Preventing Accidental Deletion

Avoid falling victim to the pitfall of accidentally deleting your critical data when using Serverless. Learn how to enable AWS CloudFormation termination protection.

INFOSEC

How to Hunt Your Way through Bug Bounties

Getting started in bug bounties can be rough. Learn how to get started on the right path.

CYBERSEC

Zero Trust Upgrade Your Web Gateway

What I like most about this zero trust upgrade model is that I can isolate all the fucks I have to give about the malicious traffic passing through my web gateway.

INFOSEC

Balance & Stay Motivated In Infosec

Infosec is crazy, it's easy to lose perspective, learn to stay motivated and balanced in a world of dumpster fires.