Top infosec news for March 2025
Hello everyone! Time to refresh your memory on the key information security events from last month. The main one, undoubtedly, was Signalgate involving top U.S. officials,…
Security - Articles for the year 2025
Read interesting articles and reviews for the year 2025. Analysis of key events in the "Security" sector
How a Former Employee Transferred Data to Competitors
In the small company TechnoSoft, which specialized in business automation software, a Friday evening seemed ordinary. The sales manager—a young, attractive girl with…
April Fools' joke that almost got me fired
Everyone should play one great joke at least once in their life. In this article, I will talk about mine. The story is true, only the names have been removed to protect…
How the call for papers at OFFZONE works: from submission to presentation
Getting to OFFZONE as a speaker is not the easiest task. Every year we get questions: how does the CFP work? which topics are better to choose? how to submit an application…
IDOR & UUIDs for PII Leakage
Hello, today I will share with you another report. The vulnerability we will discuss is IDOR. Using it, I was able to expose personally identifiable information (PII…
How to Protect Wealth Using IT and "Hostile" Interfaces?
A good interface should help the user. But what if I say that sometimes a good interface should hinder them?
Anomaly detection and leak prevention — how signature-based analysis helps detect internal threats
Hello, tekkix! My name is Alexander Shcherbakov. I will tell you how Privileged Access Management systems help control the actions of privileged users with the help of…
Codeby.Games. CTF TASK «ТЕТРИС»/«TETRIS»
Welcome to all CTF and ethical hacking enthusiasts on the Red Team! In this article, we will look at how to complete the easy task TETRIS, developed by pentesters from…
We hacked Google Gemini and downloaded its source code
In 2024, we released a post We Hacked Google A.I. for 50,000, which described how our group consisting of Roni “Lupin” Carta, Joseph “rez0” Tacker, and Justin “Rhynorater”…
In Windows, an 8-year security flaw has been discovered that Microsoft does not want to fix
Ignoring vulnerabilities in operating systems or other software products is fundamentally an unimaginable situation. On the contrary, developers always strive to find…
Overview and market map of ML protection platforms
Security Vision
Exploring the "malicious" RJ45 flash drive
Reverse engineering hardware can be very challenging — but sometimes all it takes is a cozy chair and Google Translate.
"The point is not in the muse and inspiration. The point is in labor." An honest interview with Alexey Lukatsky about the pros and cons of book writing
Hello! Today we decided to remind tekkix readers that Positive Technologies not only research vulnerabilities, write research papers, and develop software for protection…
Prepare your applications, this is a security audit
Hello, tekkix! My name is Yura Petrov, I am the head of development at Friflex and the author of the channel "Mobile Developer".
Detection is easy. Installing OPNSense and configuring NetFlow
Continuing the series of articles. - Detection is easy, dedicated to Detection engineering, which I write about in the Telegram channel of the same name. Today we will…
My first Standoff, or How I looked over the shoulder of a cyber attack investigator
Hello everyone! My name is Sasha Korobko, I have been working at Positive Technologies for more than a year and I am already actively involved in the processes of various…
Debugging the server for the little ones. Introduction
There are people who start thinking about privacy/confidentiality on the vast Internet or already practice it. There are those who do not want to pay for services and…
