Ideas, Observations & Stories in Cybersecurity
Introduction In the previous post, we covered indirect prompt injection — where an attacker embeds malicious instructions inside documents your RAG pipeline retrieves. By itself, that’s already a serious problem. But what happens when your system isn’t a single AI assistant? What happens when it’s a network of autonomous agents — each specializing in a…
Introduction If you’ve been following this series, you already know what prompt injection is and why it’s dangerous. But direct prompt injection — where a user manipulates the model through the chat interface — is only the tip of the iceberg. Indirect prompt injection is where things get really scary for enterprise applications. And nowhere…
If you’ve been in application security for any amount of time, you’ve seen this pattern before. A new technology arrives. Developers adopt it fast. Security teams scramble to catch up. And in the gap between adoption and understanding, attackers find a comfortable home. We saw it with cloud misconfigurations. We saw it with GraphQL. We’re…
Every organization today claims to follow a Secure SDLC. And yet, vulnerabilities still reach production — not rarely, but routinely. Not exotic zero-days. Not nation-state exploits. But basic, structural flaws that should never have existed in the first place. So the uncomfortable question is not whether Secure SDLC exists.It’s whether it actually works the way…
After completing CSSLP, I wanted to take a step beyond technical depth and build leadership skills — GSLC was a natural choice, and here I am after successfully clearing the GIAC Security Leadership (GSLC) certification. GSLC is not just another cybersecurity certification. It is a leadership-focused credential designed to validate a security professional’s ability to…
When I saw the “Pass” result for the CSSLP exam, my first reaction wasn’t excitement. It was relief. And then — clarity. CSSLP wasn’t just another certification to add to my profile. It was a mirror held up to my career, forcing me to confront how often security is treated as an afterthought, a patch,…
Introduction We will move our discussion ahead from our last topic on Ransomware and will go through a ransomware Akira. In the crowded and ever-evolving ransomware landscape, Akira has quickly established itself as one of the most disruptive players. Emerging in March 2023, Akira targets organizations with a double extortion playbook — exfiltrating sensitive data…
Introduction Ransomware has evolved from being a nuisance for individual computer users to one of the most damaging threats to modern organizations.It’s not just about encrypting files anymore — the latest ransomware operations have become full-fledged criminal enterprises, combining data theft, extortion, and public shaming into a single high-pressure attack model. In this blog, we’ll…
Introduction We have discussed in the previous post regarding the introduction, basically Insecure deserialization is a critical vulnerability that often lurks in legacy systems and internal applications. Serialization and deserialization are foundational operations in modern software development, enabling communication between systems, data storage, and object persistence. However, improper use of deserialization—particularly with unsafe serializers like…
In the realm of cybersecurity, one vulnerability that continues to haunt developers and security professionals alike is insecure deserialization. This seemingly innocuous process, crucial for transferring data between systems, harbors a myriad of risks when implemented carelessly. We delve deep into the intricacies of insecure deserialization, uncover its potential threats. I will also demonstrate practical…
