2015-Feb-02 - Sudo: The most misused security tool ever

Sudo has to be the most misused security tool out there. ....


2014-Oct-26 - The S in HTTPS does not equal to a secure site

Setting up HTTPS is one of the least important things you can do to secure your site. The S in HTTPS, doesn’t really mean secure, it only means that the data is encrypted in “transit”. ....


2014-Oct-09 - Indicators of Compromised Behavior (IOCd-B)

You can not predict or control how an attacker will behave. You can not predict what tools ....


2014-Sep-03 - Shoudn’t Security Set you Free?

What comes to your mind when you think of security? Is it fences? Locks? Walls? Cages? ....


2013-Jul-08 - The attacker’s (and defender’s) disadvantage

A common challenge for defenders (the ones responsible for protecting networks and companies), ....


2013-Jun-20 - Always assume the worst

The latest NSA surveillance and PRISM news (aka Snowden leak) seems to have gotten a lot of ....


2013-Apr-19 - Using Phones/SMS as 2FA - Why I a not a believer

We often complain that TCP/IP is not secure and was not designed with security in mind. And that’s ....


2013-Apr-03 - When the metadata matters more than the data itself - Comment spam detection

I have been thinking and dealing a lot lately with comment spam. In the past, most ....


2013-Mar-16 - Sucuri CloudProxy - Not your traditional WAF

A few days ago we made public on the Sucuri blog that we were launching ....


2013-Feb-11 - base-file.com

Interesting domain being used on TDS redirections to Fake AV: ....


2013-Jan-30 - Fake jQuery

I posted in the Sucuri Labs about fake jquery sites in the past, but it seems ....


Quick Links

Social

External Projects