Calculating the Long-Term Business Cost
API attacks can be costly. Really costly. Obvious financial impacts like legal fines, stolen finances, and incident response budgets can run into the hundreds of…
Category: Mix
The cyber threat landscape part 1: Enhancing cybersecurity strategies
The world continues to witness a dramatic transformation in the cybersecurity landscape. The demand for effective, global threat intelligence intensifies as geopolitical and economic shifts…
10 practical tips for beginners
Capture The Flag (CTF) challenges are fun to play, form a powerful training ground and help drastically develop your hacking skills. CTF competitions come in…
Expanding Capabilities and Attack Surfaces
AI and APIs have a symbiotic relationship. APIs power AI by providing the necessary data and functionality, while AI enhances API security through advanced threat…
Unlocking Engagement with Employee Feedback
Since 2018, HackerOne has maintained an employee engagement survey participation rate of over 80%, with half of the surveys achieving 90% or more participation. The…
Top 4 new attack vectors in web application targets
We all like to find vulnerabilities in bug bounty programs, they get us bounties, increase our ranks on platform leaderboards and help us stay motivated…
Final Thoughts on the 2024 Election
I have some interesting thoughts going into the big day tomorrow, and I wanted to try to capture them concisely. The best overview debate (Harris…
Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale
In a concerning trend, cybercriminals are leveraging DocuSign’s APIs to send fake invoices that appear strikingly authentic. Unlike traditional phishing scams that rely on deceptively…
Exploring OWASP Noir’s PassiveScan | HAHWUL
Detecting Secrets with Noir – The PassiveScan Advantage Hello, security enthusiasts! Today, we’re diving into the exciting new features of OWASP Noir v0.18, particularly focusing…
Fixing Ubiquiti WiFi Roaming
The three settings I had to enable to get proper WiFi roaming The problem I’m a massive fan of Ubiquiti stuff, but even after upgrading…
TIL you can Import CSV files into Google Calendar
Today I learned that Google Calendar has a really useful CSV import feature that lets you bulk-import events. This is particularly handy if you mapped…
Who Should Own AI Risk at Your Organization?
In this blog, we’ll explore who is and should be accountable for AI risk within organizations and how to empower them to take this significant…