Tag

Credential Theft

Posts exploring how attackers steal usernames, passwords, and authentication tokens through phishing, keylogging, brute force attacks, and credential stuffing. Includes actionable guidance on multi-factor authentication, password managers, and monitoring for compromised credentials.

posts

Security in Cloud Computing

Security in Cloud Computing: What Goes Wrong in 2026

A Single Checkbox Left 540 Million Facebook Records Exposed Back in 2019, researchers at UpGuard discovered that two third-party Facebook app developers had stored more than 540 million user records on Amazon S3 buckets with no access restrictions. Not encrypted. Not firewalled. Just sitting there, publicly readable, because someone didn&

Carl B. Johnson Jul 09, 2026 6 min read
Man in the Middle Attack

Man in the Middle Attack: How Hackers Steal Data

In January 2024, security researchers at Checkmarx uncovered a massive man in the middle attack campaign targeting the Python Package Index (PyPI), where threat actors intercepted developer credentials and injected malicious code into software supply chains. The attack went undetected for months. This wasn't some exotic nation-state operation

Carl B. Johnson Jul 05, 2026 6 min read
VPN Best Practices

VPN Best Practices: What Actually Protects You in 2026

In early 2024, Ivanti disclosed critical vulnerabilities in its Connect Secure VPN that were already being actively exploited by threat actors — including nation-state groups. CISA issued an emergency directive ordering federal agencies to disconnect affected devices within 48 hours. If that doesn't make you rethink your VPN best

Carl B. Johnson Jul 05, 2026 5 min read
Password Manager

Why Use a Password Manager: Stop Reusing Passwords

The Breach That Started With One Reused Password In 2023, a single employee at Norton LifeLock's parent company, Gen Digital, reused a personal password across multiple accounts. Attackers used credential stuffing to compromise nearly 925,000 customer accounts. One password. Nearly a million victims. If you've

Carl B. Johnson Jul 02, 2026 5 min read
Remote Work Cybersecurity Tips

Remote Work Cybersecurity Tips That Actually Work

Your Home Office Is Now the Attack Surface In 2023, a single remote employee at MGM Resorts answered a social engineering call from a threat actor impersonating IT support. That one interaction led to a ransomware attack that cost the company over $100 million in losses. The attacker didn'

Carl B. Johnson Jul 01, 2026 5 min read