The Difference Between CSRF and Clickjacking
This might be obvious to those most familiar with CSRF and Clickjacking, but for those just getting a handle on it, here’s a short explanation…
Category: Mix
The Republicans Have Deliberately Chosen to Campaign on Emotion Rather Than Issues
It’s not that their logical arguments are slightly more emotional than democratic logical arguments; they’re actually purposely avoiding logic altogether. Emotion is simply far more…
Did You Know Notepad Could Do This?
Yeah, that Notepad. It has a feature that few know about, and I’m not talking about word wrap. You can actually use it as a…
Facism: “I Don’t Think That Word Means What You Think It Means.”
Many, especially in the blogsphere, are fond of saying, “This country is becoming fascist.” Or, “We’re on a path to fascism.” That sounds cool, and…
The Last Line of Defense Against Growing Cyber Threats
Every year, the number of vulnerabilities discovered and recorded increases. The sheer volume of vulnerabilities makes it impractical for organizations to patch everything, which is…
My Preferred Definition of Security
There is much debate in the information security world regarding the proper definition of security. I have seen dozens of definitions over the years, but…
The Original Sin Was Committed by God, Not Man
When debating someone who believes in the fundamental components of the Christian narrative, i.e. the choice by man to eat the apple, the fall, original…
SAP Emarsys SDK for Android Sensitive Data Leak (CVE-2023-6542)
In late 2023, we’ve discovered and coordinated a quite interesting vulnerability affecting the Emarsys SDK for Android versions 3.6.1 and below with the respective vendor,…
The Principles of Secular Humanism
Many of my friends who are still somewhat religious despite being freethinkers see the benefits of rejecting ideologies that are untrue, but they wonder what…
The Simple, Effective Way to Track What’s Said About You on the Internet
You don’t have to be an ego-freak to wonder if others are talking about you online. Egosurfing, i.e. the act of looking yourself up in…
Preventing Resource Exhaustion and Unauthorized Access
Agentic AI is transforming business. Organizations are increasingly integrating AI agents into core business systems and processes, using them as intermediaries between users and these…
End of an Era: It’s Time to Stop Making Fun of Microsoft Security
A lingering feeling that I’ve had for roughly the last year was solidified for me last week at Blackhat/DEFCON. Making fun of Microsoft’s security program…