Cloudflare Hijacked my Ghost(Pro) Domain
Cloudflare will gladly delegate any of your domains that are pointing to any SaaS provider hosted on their platform. In this article I show how to take back control
Analyzing Data from a Public-Facing Honeypot
What happens if you setup a badly password protected server on the public internet without telling no one? How much time would it take before a botnet would try to hijack it?
Implications of Privacy and Encryption on Smart Devices
In the recent past, there have been numerous debates on the privacy of personal data in devices like smartphones and laptops as well as on online sites like Facebook and Google.
Bypassing Active Directory Group Policy
Networks that run with users as local administrators have no way to enforce policies on their organization's computers. In this post, I show how and why.
Never accept an MDM policy on your personal phone
With BYOD, companies are more than ever keen on protecting their data. MDM tools, like Google Apps, do more than that; they invade your privacy.
Inspecting the Meltdown and Spectre CPU Vulnerabilities
A CPU predicts you will walk into a bar, you do not. Your credit card has been stolen. The drinks are 30% more expensive. (Oh, and the bartender was insider trading)
Using Subresource Integrity (SRI) with Public CDNs
Public CDNs are awesome; they are fast and free, but it means that third parties have control of stuff that run on your site. What if the CDN is compromised?
On HSTS
What is HSTS? How does it protect your web host from SSL Stripping Man In The Middle attacks? How can you implement it?
Enabling Windows' DNS Server to Validate DNSSEC
DNSSEC is a suite of specifications for securing DNS. How do you enable your Windows DNS Server to Validate DNSSEC?
Introduction to the Diffie-Hellman Key Exchange
How can Alice and Bob agree on a secret, without having any prior knowledge of each other, over the Internet and with Eve listening in on the conversation?
Petya Ransomware Defeated
Petya is a new variant of ransomware, first seen in March 2016 that encrypts your entire hard drive. Learn how to reverse it and get your data back.
Protecting against Encrypting Ransomware
Encrypting Ransomware is one of the biggest threats in 2016, both for personal computers, your corporate IT and enterprise infrastructure. How can you mitigate and minimize your attack vectors?
Today is World Backup Day; don't be an April Fool!
March 31st is World Backup Day. Even though, everyday should be World Backup day, today we discuss some important backing up techniques and tips to hopefully raise some awareness