Signal is in the news and for the wrong reasons, yet again
“The human is the weakest link in the security chain.” Recent events in Washington have demonstrated this cliche with clarity. This week, we’ve all witnessed yet another high-profile security…
Pentesting a Windows Application: A Case Study
With time, pentesting develops into a somewhat predictable process. Years spent coding web applications now frequently result in web penetration testing assignments for me. While web…
Security Design Principles 101: Defense-in-Depth
In this article, we will discuss my all-time-favorite security topic: Defense-in-Depth. Encountering the secure design principle while studying for a certification was the first time I knew a…
Mitigation Strategies for Desktop and Web Applications
Lately, we’ve faced some interesting new challenges. Security layers are being implemented more frequently in the Software Development Lifecycle and this leads to issues that were not present…
Cybersecurity 101: Understanding Confidentiality, in the CIA Triad
Continuing with our cybersecurity fundamental series, we’ll explore one essential concept in cybersecurity – the CIA Triad. While the acronym might evoke thoughts of a certain…
The Mathematics Behind Password Strength: The Simple Truth
The conventional thinking about password security often misses important nuances. While common sense trained us to believe “p#4St49@!” represents the pinnacle of security, the mathematics…
DORA 2025: The Financial Sector’s New Cyber Reality
The Digital Operational Resilience Act (DORA) will apply as of 17 January 2025, marking another checkpoint in EU’s regulatory landscape. While organizations still struggle to adapt to NIS2,…
Always On Guard: The Mental Health Cost of Cyber Threat Awareness
Two years ago, I joined the cybersecurity field. I began on my own, but then pursued it as a career change, coming from development and tech lead role. What I completely did not foresee was…
The Psychology of Phishing: Why Smart People Fall for Scams
Do you know that feeling of dread when you realize you’ve clicked on a suspicious link? I know it perfectly. It has happened to me several times in the last year! The positive aspect of it is…
Offensive Security Certified Professional (OSCP): Understanding the Technical Challenge
The Offensive Security Certified Professional (OSCP) certification stands as one of the most demanding technical assessments in cybersecurity, as of today. Unlike other certifications that…