Posts

When AI Meets IoT: How a Forgotten Threat Re-Emerged with a New Twist

Before World War II, France poured its military resources into building the Maginot Line, a massive chain of fortifications designed to prevent a German invasion. It was an engineering marvel and a symbol of confidence in modern defense strategy. But it failed. Germany bypassed the Maginot Line by advancing through the Ardennes Forest, an area France had deemed too rugged and irrelevant to defend. That assumption proved fatal. By ignoring an older vulnerability in favor of a newer, more "obvious" threat vector, France left itself open to a devastating attack. In cybersecurity, we’re making the same mistake. Just a few years ago, I was purchasing books on pentesting IoT devices and completing Udemy courses on IoT security. It felt like the next big cybersecurity frontier, a sprawling, vulnerable ecosystem of smart locks, thermostats, TVs, and routers, all running outdated firmware and barely protected APIs. But over time, that focus faded. The industry shifted almost ent...

When the Solution Becomes the Threat: AI Agents and the New Browser Security Crisis

"I'm sorry, Dave. I'm afraid I can't do that." – HAL 9000 Many science fiction fans will recognize this quote from the classic film 2001: A Space Odyssey, with HAL 9000 being the rather ambiguous villain in the story. However, viewers, or those with only a casual familiarity with the story, often forget that HAL 9000 wasn’t evil. It was obedient. HAL was built to eliminate the risk of human error and it followed its programming to the letter. But when mission parameters conflicted with human judgment, HAL’s unwavering logic led to catastrophe. In cybersecurity, we’re facing a similar dilemma. For years, the weakest link in security was the human user. Every cyber security professional knew the phrase. Almost every certification quiz had some question about it. Employees click phishing links, reuse passwords, and misconfigure systems. So, just like the scientists in A Space Odyssey, we turned to automation: AI agents that could navigate web apps, handle rep...

Vibe Hacking, XBOW, and the AI Arms Race We're Not Ready For

Long before I ever heard of Dungeons and Dragons, my first role-playing game experience was the futuristic world of Cyberpunk, where hackers, called ‘Netrunners,’ battled each other in cyberspace in pursuit of wealth and power. Back then, the idea of an AI jacking into corporate systems, rewriting its own code on the fly, and outmaneuvering security agents was both thrilling and purely fictional. But today, those neon-soaked fantasies are starting to look more like forecasts. The difference? The AIs aren’t avatars in the grid. They’re real, and they’re rewriting the rules of cybersecurity in the background while most of us are still playing catch-up. In today’s cybersecurity landscape, the line between science fiction and operational reality is disappearing fast. Earlier this month, Wired reported that the AI tool XBOW is now topping HackerOne’s vulnerability leaderboard. Simultaneously, so-called "blackhat LLMs" like WormGPT and FraudGPT have been quietly circulating in Di...

When Legitimate Security Tools Become Cyber Threats

A little less than two thousand years ago, Roman citizens were forced to watch as their mighty capital and empire came crashing to the ground at the hands of an unstoppable Visigoth army. Perhaps the worst part of the destruction, at least for Roman leaders, was facing the uncomfortable truth that these soldiers destroying their city were doing so with the very weapons, armor, and training that Rome had provided, under the pretense that those tools would be used to protect the empire. In cybersecurity, we face the same uncomfortable situation almost daily. The powerful tools we create to defend, outwit, and protect against cybercriminals often become the very tools those cybercriminals use against us. A recent report from Proofpoint highlights this growing danger: a threat group tracked as UNK_SneakyStrike has been leveraging an open-source penetration testing tool—TeamFiltration—for account takeover (ATO) campaigns across Microsoft Entra ID environments. What’s Happening TeamFiltratio...

Unlocking the Power of Generative AI in Cybersecurity: Don't Let Your Rosetta Stone Be A Brick

One of the most important archaeological discoveries ever made is the Rosetta Stone. This ancient tablet, which contained the same text written in Greek and Ancient Egyptian, was the key to deciphering hieroglyphics—unlocking a lost language and, with it, centuries of history, culture, science, and religion. What many people don’t know is that prior to its rediscovery in 1799, the Rosetta Stone was being used as a mere brick in a medieval fortress wall. Its incalculable historical value was completely overlooked until French soldiers stumbled upon it during repairs. Now, imagine a tool with the potential to reshape the future of cybersecurity being used for little more than routine tasks. As crazy as it sounds, that’s exactly what many organizations are doing with Generative Artificial Intelligence (Gen AI). They recognize its existence and may use it for basic troubleshooting, installation instructions, or general problem-solving—but fail to explore its full power. Like the Rosetta St...

Prophylactic AI Security: Why a Proactive Strategy Matters More Than Ever

Before working in IT security, I was a tournament chess player. One of my greatest influences was World Champion Tigran Petrosian—known not for flashy attacks, but for his near-supernatural ability to anticipate his opponent's plans and neutralize threats before they happened. That skill, known in chess as prophylaxis, is one that the world of cybersecurity desperately needs to adopt. From Chess to Cybersecurity: The Power of Prophylaxis Prophylaxis in chess is the ability to anticipate your opponent’s strategy and block it before they execute it. Petrosian’s style wasn’t dramatic or aggressive, but it was extremely effective. He rarely lost. In much the same way, cybersecurity professionals must anticipate and neutralize risks before they evolve into threats. Unfortunately, the current state of information security remains largely reactive. A scan finds vulnerabilities; the team patches them. A penetration test reveals gaps; the team scrambles to close them. An a...

It's Not Always What's On The Inside That Counts

While serving as the head of an Information Security department, I once had a Chief Technology Officer (CTO) tell me, "The organization doesn't need security controls as long as they have security awareness training." The statement will seem naïve and even laughable to many security professionals. However, his words reflect a growing misconception shared by technology leaders in a time where everyone is worried about employees clicking on ransomware, visiting infected websites, or compromising a network over the VPN. Even my own Doctoral Dissertation is about the need for mandatory cybersecurity awareness training courses in middle schools. Yet, a look at the news reminds us that securing employees inside a company is not enough to secure the company. One of the most concerning stories hitting the news this month is how ransomware groups are turning their focus toward firmware attacks. Leaked chats from the Conti ransomware group reveal that the organization is acti...