PinnedSzilárd PfeifferinSystem WeaknessNo Zero Trust Network without Strong AuthenticationWhile there is no one definition for Zero Trust architecture, the major tenets of the approach, as described by CISA, make clear that…9 min read·Nov 12, 2022----
PinnedSzilárd PfeifferHow would Zero Trust prevent a Log4Shell attack?There is a seemingly trivial solution to any remote code execution attacks, namely: not to let the inbound traffic match the pattern that…6 min read·Feb 11, 2022----
PinnedSzilárd PfeifferCryptoLyzer: A comprehensive cryptographic settings analyzerCryptoLyzer is a multiprotocol cryptographic settings analyzer with SSL/TLS, SSH, and HTTP header analysis ability.7 min read·Dec 26, 2021----
PinnedSzilárd PfeifferinSystem WeaknessModern Techniques to Prevent Malware instead of Detecting ItThough we would not argue against the importance of detecting malware, there should also be a cheap and effective step before detection…25 min read·Jan 18, 2022----
Szilárd PfeifferinSystem WeaknessBitcoin account hijacking using OSINT techniquesResearchers at Kudelski Security have managed to break Bitcoin and Ethereum wallets using a novel attack against one of the most popular…6 min read·Mar 16, 2023----
Szilárd PfeifferThe internet: where everybody is your neighborThe internet is not as big as you might think. Until IPv6 arrives, there are fewer than 4 billion IPv4 addresses. In theory, it would be…5 min read·May 11, 2022----
Szilárd PfeifferZero Trust: Is it anything new?What are the theories and practices and why they are so important? Let’s take a look.9 min read·Sep 20, 2021----
Szilárd PfeifferCryptography Weakening: A Tale of the Law-abiding CriminalThe EU Council says backdoor and security are compatible. The idea is fundamentally flawed.12 min read·Feb 24, 2021----
Szilárd PfeifferWhy Do Certificate Revocation Checking Mechanisms Never Work?The certificate revocation system, just like any other cyber security mechanisms is needless, as long as everything is going well, but…18 min read·Sep 8, 2020----