OSI Network Model: Simple Explanation of Layers
Currently, the main model used in most network interactions is TCP/IP. It is simpler, more compact, and widely used. But here’s the catch: in any serious certification,…
Cybersecurity: Protecting Your Digital World
Understanding Cyber Threats and How to Mitigate Them
AI attacks, AI defends: how to use neural networks in information security
Hello! We share with you the material prepared by Roman Strelnikov — head of the information security department at Bitrix24. Roman is the person who controls everything…
The first large-scale MCP security study: what the analysis of 1,899 publicly accessible servers revealed
Model Context Protocol is rapidly becoming the de facto standard for interaction between AI agents and external tools. The statistics are impressive: as of May 2025,…
![How a Designer’s Stolen Passwords Nearly Tanked a Startup [MITRE: T1078 — Valid Accounts]](https://cdn.tekkix.com/assets/image-cache/w_1000h_625q_90/77/jpg/2025/04/c0c6e4f15f610e2a1d3502225ce59c2ecc05e85a.47d520d6.webp)
How a Designer’s Stolen Passwords Nearly Tanked a Startup [MITRE: T1078 — Valid Accounts]
Incident Description: The attacker uses stolen credentials to access the company’s server, website, or cloud.
Let's still make it until the May holidays: what is important to do so that the "long" weekend is not overshadowed by cyberattacks
Holidays, public holidays, any "extra" days off - this is an opportunity for attackers to try to launch an attack. The attackers' calculation is simple: the fewer "defending"…
IDOR & UUIDs for PII Leakage
Hello, today I will share with you another report. The vulnerability we will discuss is IDOR. Using it, I was able to expose personally identifiable information (PII…
"The point is not in the muse and inspiration. The point is in labor." An honest interview with Alexey Lukatsky about the pros and cons of book writing
Hello! Today we decided to remind tekkix readers that Positive Technologies not only research vulnerabilities, write research papers, and develop software for protection…
Detection is easy. Installing OPNSense and configuring NetFlow
Continuing the series of articles. - Detection is easy, dedicated to Detection engineering, which I write about in the Telegram channel of the same name. Today we will…
ONCE AGAIN ABOUT THE GREAT BORDER between matter and consciousness
According to an ancient tradition, the roots of which even old-timers with advanced amnesia do not remember, before the New Year, one wants to say something significant…
Evolution of NGFW in Russia on the example of UserGate. Interview with UserGate NGFW Development Manager Kirill Pryamov
There was already an interview on tekkix about Next Generation Firewall from Solar, which touched on the technical aspects of developing such solutions. There was also…
OSINT. Now what is the buzz about?
We at IDX, a company engaged in legal personal data verification, are naturally interested in everything related to PD, even if it goes beyond our operational activities.…
Five trends in Russian IT for 2025: from taxes to AI
As stereotypical and annoying as this approach may seem, at the end of the year I sit down and determine for myself a list of priority areas that make sense to observe…
Positive Technologies: «We invented it ourselves, paid for it ourselves, produce it ourselves, and suffer ourselves». How PT NGFW was created
I have already done material on domestic NGFW from one of the cyber security companies, so I decided to continue the practice and talk about other NGFWs. And in May 2024…
UserGate 7: test results + migration from old versions
In this article, I will talk about a relevant issue for many — migration from UserGate 6 to version 7. After the departure of foreign developers from the Russian market,…
Mobile Device Security: Interview with a Positive Technologies Expert
Recently, the head of the advanced technologies department of Positive Technologies, Nikolai Anisenya, visited the AUTHORITY channel.
Shadowsocks,OpenVPN,Vmess, VLESS: which protocol will win in the era of digital censorship?
In the modern internet, many face the question of how to bypass blocks and protect personal data. And, while VPN applications are well-known, solutions like Shadowsocks,…
How to hunt security professionals
In the life of every HR, sooner or later, HE appears... Security professional! And how to approach hunting people for this position is usually unclear.
