IDOR & UUIDs for PII Leakage
Hello, today I will share with you another report. The vulnerability we will discuss is IDOR. Using it, I was able to expose personally identifiable information (PII…
Cybersecurity: Protecting Your Digital World
Understanding Cyber Threats and How to Mitigate Them
"The point is not in the muse and inspiration. The point is in labor." An honest interview with Alexey Lukatsky about the pros and cons of book writing
Hello! Today we decided to remind tekkix readers that Positive Technologies not only research vulnerabilities, write research papers, and develop software for protection…
Detection is easy. Installing OPNSense and configuring NetFlow
Continuing the series of articles. - Detection is easy, dedicated to Detection engineering, which I write about in the Telegram channel of the same name. Today we will…
ONCE AGAIN ABOUT THE GREAT BORDER between matter and consciousness
According to an ancient tradition, the roots of which even old-timers with advanced amnesia do not remember, before the New Year, one wants to say something significant…
Evolution of NGFW in Russia on the example of UserGate. Interview with UserGate NGFW Development Manager Kirill Pryamov
There was already an interview on tekkix about Next Generation Firewall from Solar, which touched on the technical aspects of developing such solutions. There was also…
OSINT. Now what is the buzz about?
We at IDX, a company engaged in legal personal data verification, are naturally interested in everything related to PD, even if it goes beyond our operational activities.…
Five trends in Russian IT for 2025: from taxes to AI
As stereotypical and annoying as this approach may seem, at the end of the year I sit down and determine for myself a list of priority areas that make sense to observe…
Positive Technologies: «We invented it ourselves, paid for it ourselves, produce it ourselves, and suffer ourselves». How PT NGFW was created
I have already done material on domestic NGFW from one of the cyber security companies, so I decided to continue the practice and talk about other NGFWs. And in May 2024…
UserGate 7: test results + migration from old versions
In this article, I will talk about a relevant issue for many — migration from UserGate 6 to version 7. After the departure of foreign developers from the Russian market,…
Mobile Device Security: Interview with a Positive Technologies Expert
Recently, the head of the advanced technologies department of Positive Technologies, Nikolai Anisenya, visited the AUTHORITY channel.
Shadowsocks,OpenVPN,Vmess, VLESS: which protocol will win in the era of digital censorship?
In the modern internet, many face the question of how to bypass blocks and protect personal data. And, while VPN applications are well-known, solutions like Shadowsocks,…
How to hunt security professionals
In the life of every HR, sooner or later, HE appears... Security professional! And how to approach hunting people for this position is usually unclear.
The dark side of IT: sinister stories about passwords, stinginess, and DDoS
When spirits come into our world and magic becomes not just a myth, but something real, anything can happen. For example, all servers suddenly overheat, smoke, and users…
Nose to the wind: how our DNS sniffer helps find Blind vulnerabilities
Hello everyone! In the blog of the Solar 4RAYS Cyber Threat Research Center, we continue to share the results of incident investigations, useful tools for information…
Profiling: comparing pt-pmp and perf tools on real examples
Hello, tekkix! In the previous article, the primary analysis of the application was discussed, which tools should be used to collect information and how to work with…
25,000 spectators, 6,000 solo participants, and 138 teams in cyber exercises — how CyberCamp 2024 went
A few days ago, we held the main online camp on practical cybersecurity for the third time — CyberCamp 2024. It took place from October 3 to 5 online. Over the course…
Ladybug in action. How to find vulnerabilities in Android and get into the top white hackers of Google
It is no secret that bug hunting is gaining popularity every year, attracting the attention of both companies seeking to improve the security of their products and white…
Navigation through the challenges of fintech development: from compliance to security
Fintech has truly revolutionized the field of financial services. The accelerated development of technology and the growing interest in digital financial solutions have…
