An “interesting” part when working with APIs or runtime environments like containers is of course credential management. Somehow you have … More “Stealing the environment” – Insecure password injection in scripts and containers via environment variables
It’s very useful to be able to quickly perform some subnetting when given an IP address with its CIDR – … More Subnetting quick & easy
A network engineer recently asked me why VLAN hopping via a double tagging attack is considered dangerous – after all, … More Making a unidirectional double tagging VLAN hopping attack bidirectional
When it comes to typing Chinese characters on a computer, one has to decide if simplified characters should be used, … More Counterintuitive traditional Chinese input on Windows
According to the “rice farming theory“, societies that traditionally sustained on rice were collectivist societies, while wheat farming gave rise … More How fast does a society become individualistic?
Yes, cloud computing is not a new thing. Yes, it has been written many times before if the cloud is … More Is “the cloud” secure?
In one of my last posts, I wrote about attribution in cybersecurity, i.e. ways to find out who was behind … More Finding & Attributing Malicious Command & Control Servers
I recently had a look at the security assessments of different well-known cloud providers and found some interesting discrepancies. It … More Differences in cloud security (Alibaba, Amazon, Google, IBM, Microsoft)
While we are getting used to hearing news on a daily basis about hacking attacks, much less do we read … More Who the hæck?Attribution in cybersecurity
As I wrote in my last post on lateral movement, using AppLocker or Software Restriction Policies (SRPs) to avoid the … More SRPs block malware, but what if things stop working?