PinnedSzilárd PfeifferinSystem WeaknessNo Zero Trust Network without Strong AuthenticationWhile there is no one definition for Zero Trust architecture, the major tenets of the approach, as described by CISA, make clear that…Nov 12, 2022Nov 12, 2022
PinnedSzilárd PfeifferHow would Zero Trust prevent a Log4Shell attack?There is a seemingly trivial solution to any remote code execution attacks, namely: not to let the inbound traffic match the pattern that…Feb 11, 2022Feb 11, 2022
PinnedSzilárd PfeifferCryptoLyzer: A comprehensive cryptographic settings analyzerCryptoLyzer is a multiprotocol cryptographic settings analyzer with SSL/TLS, SSH, and HTTP header analysis ability.Dec 26, 2021Dec 26, 2021
PinnedSzilárd PfeifferinSystem WeaknessModern Techniques to Prevent Malware instead of Detecting ItThough we would not argue against the importance of detecting malware, there should also be a cheap and effective step before detection…Jan 18, 2022Jan 18, 2022
Szilárd PfeifferinSystem WeaknessBitcoin account hijacking using OSINT techniquesResearchers at Kudelski Security have managed to break Bitcoin and Ethereum wallets using a novel attack against one of the most popular…Mar 16, 2023Mar 16, 2023
Szilárd PfeifferThe internet: where everybody is your neighborThe internet is not as big as you might think. Until IPv6 arrives, there are fewer than 4 billion IPv4 addresses. In theory, it would be…May 11, 2022May 11, 2022
Szilárd PfeifferZero Trust: Is it anything new?What are the theories and practices and why they are so important? Let’s take a look.Sep 20, 2021Sep 20, 2021
Szilárd PfeifferCryptography Weakening: A Tale of the Law-abiding CriminalThe EU Council says backdoor and security are compatible. The idea is fundamentally flawed.Feb 24, 2021Feb 24, 2021
Szilárd PfeifferWhy Do Certificate Revocation Checking Mechanisms Never Work?The certificate revocation system, just like any other cyber security mechanisms is needless, as long as everything is going well, but…Sep 8, 2020Sep 8, 2020