Apache ActiveMQ RCE CVE-2026-34197 Exploited in Wild
CVE-2026-34197 ActiveMQ RCE added to CISA KEV, ZionSiphon targets water ICS/OT, Sapphire Sleet hits macOS via ClickFix
Posts
Firmware Rootkit: The Malware That Survives a Full OS Reinstall
Technical analysis of UEFI/firmware rootkits: LoJax, MoonBounce, CosmicStrand, and BlackLotus. Detection with chipsec, TPM attestation, and Secure Boot …
Security Compliance Cheat Sheet: NIST, ISO 27001, SOC 2, PCI DSS
Quick-reference comparison of NIST CSF, ISO 27001, SOC 2, and PCI DSS for Solutions Engineers — decision tree, framework breakdowns, and real pre-sales …
SIEM Replacement: How Agentic AI Changes Security Operations
In 2022, the median time between initial access and the secondary threat hand-off was 8 hours. At RSAC 2026, Mandiant put the new number on the main stage: 22 s
BGP Hijacking: How Attackers Reroute the Internet Itself
Deep dive into BGP hijacking mechanics, real incidents including the 2018 AWS Route 53 attack, RPKI/ROA validation, BGPStream monitoring, and prefix filtering …
Cisco ISE & Webex RCE Patched — CVE-2026-20184
Cisco patches CVE-2026-20184 in ISE/Webex, nginx-ui CVE-2026-33032 exploited in the wild, SAP CVSS 9.9 SQL injection, PowMix botnet exposed
How to Whiteboard a Zero Trust Architecture in 10 Minutes
Step-by-step guide for Solutions Engineers to whiteboard a Zero Trust Architecture in customer meetings — the 5 pillars, drawing sequence, and vertical-specific …
Microsoft April 2026 Patch Tuesday — SharePoint 0-Day
Microsoft patches 167 flaws including exploited CVE-2026-32201 SharePoint zero-day. n8n phishing abuse, fake Ledger app, Mirax RAT proxy botnet.
MITRE ATT&CK Framework Explained for Solutions Engineers
A practical guide to MITRE ATT&CK for Solutions Engineers — how to use the framework in customer conversations, RFP responses, and product positioning.
Pass-the-Hash: Why Stealing the Hash Is Just as Good as the Password
Technical deep dive into Pass-the-Hash attacks: NTLM flow, LSASS extraction with Mimikatz, lateral movement with Impacket and CrackMapExec, and defenses …