PinnedPublished inSystem WeaknessSecurely using the JDBC connector with SQLBest practices for writing a clean, custom interface, that mitigates against SQL Injection and other vulnerabilities.Oct 1, 2022Oct 1, 2022
PinnedLog4sHell: Impact and Remediation StepsSince the Log4j vulnerability (CVE-2021–44228)was disclosed to the public on Dec 9, 2021, the cyber community has been scrambling. We were…Dec 15, 2021Dec 15, 2021
PinnedWhat is the difference in Single Sign-On (SSO) and Pass Through Authentication (PTA)?Googled this question and had no luck, so ChatGPT and I wrote our own…Feb 17, 20231Feb 17, 20231
Published inCodeXTuesday Morning Threat Report: Mar 25, 2025Attackers target a severe Apache Tomcat vulnerability, Google buys Wiz for $32 billion, and nation-state hackers target a Microsoft…6d ago6d ago
Published inInfoSec Write-upsTuesday Morning Threat Report: March 18, 2025X suffers an outage from a DDoS attack, malware hosted on GitHub infects millions, and Chinese hackers breach utilities in MassachusettsMar 18Mar 18
Tuesday Morning Threat Report: Mar 11, 2025AI cheats when it is put under pressure to win, the UK investigates Reddit, and Google tracks people with Android apps they never openMar 11Mar 11
Published inCodeXTuesday Morning Threat Report: Mar 4, 2025US spies lose their jobs over explicit chats on secure channels — and Google is ditching SMS for MFA!Mar 4Mar 4
Published inInfoSec Write-upsTuesday Morning Threat Report: Feb 25, 2025Apple removes advanced encryption in the U.K. and OpenAI bans accounts being used for mass surveillanceFeb 25Feb 25
Tuesday Morning Threat Report: Feb 18, 20252.7 billion IoT records leak, DOGE gets hacked, and Google works on new Android features to thwart scammersFeb 18Feb 18
Tuesday Morning Threat Report: Feb 11, 2025The Homeland Secretary gives Apple a secret order to let the U.K. surveil all iCloud backups globally and ex-Google AI thief tried in…Feb 11Feb 11
