Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Featured Image
    Beyond the Browser: The Questions That Expanded the Attack Surface
    penetration testing |  social engineering |  phishing |  Cyber Security Awareness
    After presenting this research at security conferences this year, I was expecting the usual post-talk questions like "what tools did you use?", "does this also work on mobile?", or a compliance officer asking if PDF forms are covered under their DLP policy. What the audience did instead was take ...
    Continue Reading

    Never miss a Professionally Evil update!

    Sign Up For Our Newsletter
    I Built the Droid I Was Looking For (AI Pit Droid pt. 1)
    I Built the Droid I Was Looking For (AI Pit Droid pt. 1)
    Maker Faire  |  3D Printing  |  Robotics  |  Edge Computing  |  Star Wars  |  AI Pit Droid
    Blog 1 of 4: Introduction How It Started
    Continue Reading
    GLBA Breach Notifications: Is Your Incident Response Program Built for It?
    GLBA Breach Notifications: Is Your Incident Response Program Built for It?
    Most security and compliance conversations about the Gramm-Leach-Bliley Act (GLBA) focus on the ...
    Continue Reading
    PCI-DSS 4.0.1 - Proving Security: A Penetration Testing Series
    PCI-DSS 4.0.1 - Proving Security: A Penetration Testing Series
    PCI  |  penetration testing  |  compliance  |  PCI DSS
    The Illusion of Security
    Continue Reading
    Rolling for Resilience Part 5 - Side Quests: Not Every Member of the Party Swings a Sword!
    Rolling for Resilience Part 5 - Side Quests: Not Every Member of the Party Swings a Sword!
    This is the fifth post in this series addressing my perspective on the current state of ...
    Continue Reading
    The AI Arms Race Just Went Public: What Project Glasswing Means for You
    The AI Arms Race Just Went Public: What Project Glasswing Means for You
    penetration testing  |  AI  |  Mythios  |  Anthropic AI  |  Project Glasswing
    Anthropic's announcement this week isn't just a product launch. It's a public acknowledgment that ...
    Continue Reading
    The Secret Handshake – Covertly Redirecting Mobile Traffic to a Different Backend
    The Secret Handshake – Covertly Redirecting Mobile Traffic to a Different Backend
    Normally while performing iOS or Android mobile application penetration tests, we request a custom ...
    Continue Reading
    Paths to Power in Active Directory Part 4: ESC3 – In The Name of The Crown
    Paths to Power in Active Directory Part 4: ESC3 – In The Name of The Crown
    In Part 2, ESC1 – No One, Yet Everyone, we examined a misconfiguration that allows a low-privileged ...
    Continue Reading
    Understanding MFA Fatigue Attacks
    Understanding MFA Fatigue Attacks
    Multi-factor authentication has become one of the most widely recommended controls in security. The ...
    Continue Reading
    Rolling for Resilience Part 4 - Boots in the Field: Manuals for Real-Time Action
    Rolling for Resilience Part 4 - Boots in the Field: Manuals for Real-Time Action
    This is the fourth post in this series addressing my perspective on the current state of ...
    Continue Reading
    Paths to Power in Active Directory Part 3: ESC2 – The Seal of Any Purpose
    Paths to Power in Active Directory Part 3: ESC2 – The Seal of Any Purpose
    “ Power in Active Directory, much like power in Westeros, often changes hands not through force, ...
    Continue Reading
    Supply Chain Security: Trust Is the New Attack Surface
    Supply Chain Security: Trust Is the New Attack Surface
    In February 2026, while participating in a panel at IT Expo, one statement kept resonating ...
    Continue Reading
    Has contents: true Total pages: 33 Current page: 1
    1 2 3 4 5