Latest posts

Over the past few weeks, I’ve been asked a version of the same question by several colleagues and security-conscious peers… “How am I receiving an email that looks like it’s from my own email address? It even shows my name and domain, when I hover over the sender or look at the full message headers,…

Read more

The digital security world is bracing for a perfect storm… one where AI-powered cyberattacks are colliding with the emerging quantum threat to encryption. This isn’t theoretical anymore. From Black Hat USA 2025 to real-world breaches exploiting LLMs and legacy crypto, the writing is on the wall –> Crypto-agility is no longer a “nice to have.”…

Read more

Why the modern CISO must think like a strategist, not just a technologist In many organizations, cybersecurity is still viewed as a roadblock, the team that says “no,” slows down deployments, and overcomplicates the simple. But in a world where digital trust is currency, this outdated mindset is not just inaccurate, it’s dangerous. Security, when…

Read more

New “Man-in-the-Prompt” Attack. How Browser Extensions Are Weaponizing AI. AI platforms like ChatGPT, Google Gemini, Claude, Copilot, and others are now at risk from a growing threat vector: Man-in-the-Prompt (MitP) attacks. Unlike traditional prompt injection, this exploit involves malicious browser extensions modifying the DOM (Document Object Model) of AI interfaces to inject hidden prompts, exfiltrate…

Read more

Why I Align with Anthropic’s CEO on the Imminent Risks of AI In recent months, the tone around AI risk has subtly but noticeably shifted. The grandiose visions of AI revolutionizing everything, from productivity to medicine, still dominate headlines. But underneath the surface, those closest to the core of AI research are expressing something very…

Read more

What if reality doesn’t truly exist, until you look at it? That may sound like science fiction, but it’s a real question posed by some of the most brilliant minds in physics. At the heart of it lies a strange but undeniable fact: simply observing something appears to change it. And that leads to an…

Read more

“Everyone’s doing it.” That phrase has never been a sound cybersecurity strategy, but when it comes to AI adoption, it’s become the unofficial policy for far too many organizations. In the race to stay competitive, companies are embracing artificial intelligence tools, without fully understanding the risks. And that, in my opinion, is a ticking time…

Read more

When ransomware strikes, the first few minutes can make or break your response. Acting swiftly and methodically can contain the damage, preserve vital evidence, and prevent the attack from spreading deeper into the network. This SOC playbook outlines the critical steps to take immediately when ransomware is suspected, along with key pitfalls to avoid. Identify…

Read more

In the traditional enterprise structure, Information Technology (IT), the Security Operations Center (SOC), and the Network Operations Center (NOC) have each operated in their own distinct silos. The responsibilities have been clearly divided: IT handles infrastructure, patching, user onboarding, and core system maintenance. NOC monitors network uptime, performance, and system availability. SOC watches for threats,…

Read more

Let’s be honest, AI is the hottest acronym in the room. Vendors plaster it across their marketing. CISOs get asked about it in board meetings. And every product roadmap now includes “AI enhancements” like it’s the secret sauce to cybersecurity nirvana. But as someone managing a SOC in the real world… juggling threat intel, compliance,…

Read more