↓Skip to main content

Public Exposure/
Posts/

Posts

All write-ups in this blog on cyber security organized by date of publication.

Forgotten Protocol Chronicles: Do Not Underestimate the Installed Base

13 February 2024·1119 words·6 mins

by: John Kristoff

John Kristoff examines the risk involved in forgotten, yet active protocols hidden in plain sight through two case studies.

Exposed pfSense - Yet Another Management Interface Examined

9 January 2024·1036 words·5 mins

by: Lari Huttunen

Exposed management interfaces, such as the pfSense Web UI endanger the confidentiality, intergrity and availability of the whole networks they protect.

End-of-Life Components - the Acedia of Information Technology

12 December 2023·1148 words·6 mins

by: Lari Huttunen

Combatting Internet security issues starts with tackling obsolescence -- a key culprit often rooted in human laziness. — Combatting Internet security issues starts with tackling obsolescence – a key culprit often rooted in human laziness.

Cyber Situation Awareness is Broken

14 November 2023·1113 words·6 mins

by: Jouni Ihanus

An introduction into the basic concepts of Cyber Situation Awareness, CSA, which highlights cyber situational awareness issues and research topics.

The Case for Including Traffic Analysis into Your Threat Model

10 October 2023·1750 words·9 mins

by: [Erno Kuusela][erno]

It is important to come up with protections against traffic analysis, which is not just a privacy concern but also a security threat.

Cyber Warrior: Who is Behind the Cyber Shield?

12 September 2023·1114 words·6 mins

by: Agnė Brilingaitė

How to investigate cybersecurity workforce or personal development from the perspective of information technology, psychology and human genomics.

Tilting at Wind Farm Portals - a Modern Day Quixotic Challenge

8 August 2023·1046 words·5 mins

by: Lari Huttunen

A story of a lone vulnerability researcher's quest to get each publicly exposed Nordex wind farm management portal out of the Internet. — A story of a lone vulnerability researcher’s quest to get each publicly exposed Nordex wind farm management portal out of the Internet.

Woocommerce with Wordpress - a Woe in its Own Right

11 July 2023·2026 words·10 mins

by: Lari Huttunen

Navigating the Challenges of WooCommerce: Unveiling the intricacies of this widely-used ecommerce platform. Understand the complexities involved in building and managing online stores effectively.

Robot vs. Robot - May the Best AI Win

13 June 2023·1059 words·5 mins

by: Mikko Hyppönen

Mikko Hyppönen from WithSecure reflects on the evolution of fighting cybercrime from the early days to the present and beyond.

Case VMware: Why Tracking Your External Attack Surface is Critical?

9 May 2023·1223 words·6 mins

by: Lari Huttunen

To exemplify why defense in depth is essential, we examine a batch of VMware vulnerabilities exploited by ransomware operators.

←
1
2
3
4
→