Solving the Openfire Lab Blue team challenge

A blue-team walkthrough of the CyberDefenders Openfire challenge using Wireshark and Zui: recovering the CSRF token and credentials, tracing the malicious plugin upload and reverse shell, and identifying the exploited CVE.

August 24, 2025 · 4 min
Solving the ShadowCitadel Lab Blue team challenge 🫆

A host-based forensics walkthrough of the ShadowCitadel challenge: following the attack from a malicious email attachment through a PowerShell downloader and second-stage executable to the C2 beacon IP and persistence mechanisms.

August 10, 2025 · 16 min

How to prevent token misuse in LLM integrations

Preventing prompt injection and token abuse in LLM integrations: a Chrome-extension example attack, then defenses including input validation, narrow prompts, output filters, token limits, rate limiting, and LangChain for pre/post-processing and usage tracking.

July 22, 2025 · 6 min
Solving the XLMRat Blue team challenge

A blue-team walkthrough of the CyberDefenders XLMRat challenge: tracing the first-stage download URL and hosting provider from the PCAP, hashing the loader and executable payloads, and identifying the malware family and the LOLBin used for stealthy execution.

June 28, 2025 · 6 min
Solving the BlueSky Ransomware Blue team challenge

A blue-team walkthrough of the CyberDefenders BlueSky ransomware challenge: analyzing the PCAP to find the port-scan source IP, the targeted account, C2 process injection, the downloaded payload, and the registry keys used to disable Windows Defender.

May 18, 2025 · 11 min
Solving the DanaBot Blue team challenge

A blue-team walkthrough of the CyberDefenders DanaBot challenge: using PCAP and threat intel to trace the initial-access IP, identify the malicious files and their SHA-256/MD5 hashes, and the process used to execute the banking trojan.

May 4, 2025 · 5 min
The unboring NIST SP 800-190

Practical, non-boring takeaways from NIST SP 800-190 for container security: image scanning and vulnerability management, controlled image provenance, least-privilege runtime restrictions, network segmentation, runtime threat detection, and host-OS hardening.

March 18, 2025 · 3 min

Passkeys – the future of secure authentication

What passkeys are and why they are more secure and convenient than passwords: how the public-key authentication works, its security and usability advantages, and a quick guide to start using passkeys on iPhone and Mac.

December 2, 2024 · 4 min
Say “yes” to SBOMs!

Why software bills of materials (SBOMs) matter for security teams, managers, and developers, how to win management buy-in, and a short hands-on demo generating an SBOM in a GitLab CI pipeline.

November 22, 2024 · 8 min
Is my business secure? First look at the SAMM framework

A first look at OWASP SAMM for answering “is my business secure?”: why the answer is hard for small businesses, what SAMM covers, its maturity levels, and where to start implementing it.

April 9, 2024 · 8 min