Filter by author:
Filter by tag:
Release date:
Filter by title:

Jason Chavarría
Among exposed were secrets, code and AI training data
We describe the leak and mention its causes and threats, talk about the possible security risks when using Azure SAS tokens and give advice to prevent leaks.

Andres Roldan
An OffSec Exploitation Expert review
In this post, we review the EXP-401 course and OSEE certification offered by OffSec.

Felipe Ruiz
Towards an approach that engages more than SCA and SBOM
Understand what a comprehensive software supply chain security approach should aim at and why it is crucial to implement it during your company's SDLCs.

Jason Chavarría
An interview with members of our hacking team
Members of our hacking team who took part in the International Cybersecurity Challenge tell us what the hardest part was, their recommendations, and more.

Felipe Ruiz
A brief overview of this recent EU draft regulation
Learn about the draft Cyber Resilience Act, including its purposes, obligations and penalties, before its final version comes.

Carlos Bello
What is invisible to some hackers is visible to others
Here we present in detail a vulnerability we discovered in PaperCut MF/NG v22.0.10, along with the steps to follow to replicate the exploit.

Jason Chavarría
Increase the board's cyber savvy with these reads
Boards need to gain skills to identify, assess and supervise their organizations' cyber risk-management measures. We share resources to help them on their way.

Felipe Ruiz
Soon it will be a must in cybersecurity due to NIS2
We briefly introduce the NIS 2 Directive and pay special attention to its cybersecurity training requirement for organizations' boards of directors.

Jason Chavarría
Toyota's ancient and recently disclosed data leaks
We describe the data leaks recently disclosed by Toyota Motor Corporation lasting five, eight and ten years.