In February 2025, Microsoft disclosed an active phishing campaign conducted by a Russian state-aligned threat actor, Storm-2372. Unlike conventional phishing, this campaign exploited a legitimate Microsoft login feature—device code flow authentication—to bypass even phishing-resistant MFA and gain access to Microsoft 365 accounts. The attack is deceptively simple, difficult for victims [...]
Read MoreThe Digital Operational Resilience Act (DORA) is a pivotal European Union regulation designed to bolster the IT security and operational resilience of financial entities. Enacted on January 16, 2023, DORA mandates that, by January 17, 2025, financial institutions and their Information and Communication Technology (ICT) service providers must comply with [...]
Read MoreIntroduction to the LeakyCLI Vulnerability The LeakyCLI vulnerability identified by Orca Security is a critical issue found in the CLI tools of major cloud providers like AWS, Google Cloud, and Azure. This flaw allows sensitive credentials to be exposed in build logs, thereby increasing the risk of security breaches. Azure has fixed the vulnerability, whereas, AWS and GCP have given […]
In the rapidly evolving tech landscape, generative AI has emerged as a game-changer, driving innovation and efficiency across sectors. Amazon Web Services (AWS) has been at the forefront, introducing tools like Amazon Bedrock and Amazon SageMaker that empower tech companies to harness the power of generative AI. This blog dives into what these services are, their importance, practical applications, security […]
The cybersecurity landscape was recently shaken by the “Mother of Leaks,” a colossal data breach consolidating information from various sources, affecting billions of records. This unprecedented leak underscores the vital importance of robust cybersecurity measures and responsive mitigation strategies. In this article, the outline contains critical steps IT organizations should take immediately and proactively to navigate the aftermath of this […]
Imagine a scenario where you are throwing a party and you have to prepare for the number of guests that will come. With serverless, you don’t have to set up a big hall or arrange for all the chairs and tables in advance, instead, you only set up what you need when you know how many guests are coming and […]
Are you a student? an IT professional? or simply a person like me who loves to learn new things? Then keep Reading! because in this blog I will let you in on a secret! How ChatGPT Enables me to Learn Quicker! Power of asking the Right Question The new skill that you always wanted to learn or the boring stupid […]
As a beginner, it is quite easy to feel overwhelmed by the idea of architecting Cloud Native applications. If you don’t know where to start this is the right place. In this blog, I will point out the beginner concepts that you should start learning a little about. After that, you can simply start with a little project of yours […]
As a security professional understanding firewalls is the key skill you need to have. It is important to stay up to date with the latest technology and threats. Think of a firewall as a bouncer at a club. Just like the bouncer controls who can enter the club, a firewall controls what traffic can enter a network or computer system. […]
The AWS Well-Architected Framework is like a compass that helps organizations navigate the challenges of building and operating systems in the cloud. It is built around six pillars that represent the key areas that organizations need to consider when designing and operating systems in the cloud: Operational Excellence is about making sure that systems are designed and operated in a […]
In simpler terms: ALB works on Layer 7 (Application Layer) NLB works on Layer 4 (Transport Layer) But in order to understand what exactly is their purpose we need to deep dive into the the networking side of application deployment. AWS Application Load Balancer AWS ALB, or Amazon Web Services Application Load Balancer, is a load balancing service for applications […]
Are you interested in getting started with devops? Devops is a rapidly growing field that combines software development and IT operations to improve the speed and reliability of software releases. If you’re a developer or IT professional looking to learn more about devops and how to get started, this blog post is for you! First, let’s define what devops is […]