The Hidden Threat After Login: Understanding Session HijackingYou did everything right. You turned on multi-factor authentication (MFA). You use strong passwords. Maybe you even switched to passkeys. So how did an attacker still get into your email? The answer iMay 25, 2026·6 min read
AWS Bottlerocket: Reinventing Container Security and Efficiency for Modern WorkloadsFeb 20, 2025·5 min read
Leveraging Steampipe and the AWS Plugin for Security and ComplianceIn today’s cloud-first environment, ensuring your AWS infrastructure is secure and compliant is more critical than ever. Manual audits simply can’t keep pace with the rapid growth and complexity of cloud resources. Steampipe—an open-source tool that ...Feb 2, 2025·6 min read
Beware the New Cyber Scam Involving “Free” or Discounted Phones and SIM CardsCybercriminals are always inventing new ways to deceive unsuspecting individuals. A recent wave of fraud involves victims receiving a phone that appears free or heavily discounted—but is actually pre-loaded with malicious software. In many cases, sca...Jan 27, 2025·5 min read
Managing CVE Data Locally with CVE Database ManagerIntroduction In the cybersecurity landscape, keeping track of vulnerabilities is crucial for maintaining secure systems. The Common Vulnerabilities and Exposures (CVE) list is a comprehensive catalog of such vulnerabilities. However, using public API...Aug 4, 2024·3 min read
The Ripple Effect of CrowdStrike's Update: Industry Perspectives and Future SafeguardsIntroduction: Understanding the Scale and Impact I want to make it clear that I am not trying to criticize or undermine CrowdStrike as a company. I genuinely appreciate their cybersecurity products and their significant contributions to the security ...Jul 28, 2024·7 min read
Security Best Practices for Amazon EC2Only use encrypted EBS volumes. Encrypt your data, snapshots, and disk I/O using the AWS KMS AES-256 algorithm. Activate your VPC Flow Logs. Collect IP traffic from and to the network interfaces in your VPCs for further analysis. Protect your EC2 Key...Feb 24, 2024·3 min read
Secure SDLC: Essential Password Security Practices and BeyondIn today's ever-evolving threat landscape, robust password security isn't optional – it's the foundation of any responsible cybersecurity strategy. Lax password practices create convenient openings for malicious actors, potentially compromising sensi...Feb 24, 2024·3 min read
