Brian Fajardo

2026 and Beyond Cybersecurity Trends You Should Know

Last year, we published a post on the cybersecurity trends that we could see in 2025 and beyond. Those trends consisted of shadow AI, deepfakes, writing malware using GenAI, prompt injection, utilizing AI to improve cybersecurity, and AI slop security reports. Now we're going to go over the

Life Update

My Cybersecurity Layoff Journey

I've been wanting to create this blog post for quite a while now and the day has finally come. I am going to talk about my cybersecurity layoff journey. After 436 days and 1352 applications, I finally obtained gainful employment. My inspiration behind publishing this post is to

Supply Chain Security

Shai-Hulud Strikes Back

In our last blog post, we discussed how fragile our open-source ecosystem is. The snow ball effect of supply chain attacks is something that keeps happening and now with more twists and turns with the recent Shai-Hulud 2.0 incident. In two months, two prolific supply chain incidents in terms

Supply Chain Security

The Snowball Effect of Supply Chain Attacks

Supply chain attacks are an escalating high impact threat that hit hard due to the interconnected nature of the modern software development ecosystem. The high level of trust placed in open-source components allows for these attacks to happen. We saw two recent large supply chain attacks from npm and Salesloft

Bitwarden Password Manager

Una Inversión Que Vale La Pena Para tu Perfil Digital - Bitwarden Gestor de Contraseñas

Cuándo fue la última vez que creaste una contraseña y como la creastes? Qué hiciste con la contraseña? La escribió en un papel o algún libro? O simplemente usas la misma contrasena o algo similar y después seleccionas "recordar contraseña"? Aunque estas prácticas sean simples, no son seguras.

Career Lessons

A Good Security Team

While searching for my next role, a question I have been asked during interviews has been what kind of team I am looking to work with. This is a common question asked during interviews for several reasons. Hiring managers are trying to find a good culture fit from the candidate.

OSINT

Navigating the LinkedIn Security Minefield

It's been 254 days since I was laid off. I am not going to talk about my Cybersecurity layoff journey yet, as it's something that I intend to do in another blog post. Today, I want to talk about how LinkedIn has become a security minefield.

Phishing

Investigando una Campaña Ataque Comando y Control (C2) a través de un Correo Phishing

Hace unos meses atrás, le llegó a mi mama un correo electrónico supuestamente de ADP, una empresa estadounidense de software y servicios de gestión de recursos humanos. El asunto se trataba de un aviso de wage garnishment, que es un procedimiento judicial en el que un tribunal ordena al empleador

2025 and Beyond Cybersecurity Trends You Should Know

It goes without saying that in cybersecurity, things change very fast! With threats evolving, so does the need for countermeasures to deter these threats. Attackers are utilizing AI now more than ever to automate their attacks. In this post, we'll go over some of those attacks already familiar

Threat Intelligence

Why Threat Intelligence Matters

You may have heard countless times that the threat landscape is always growing. As cliche as it may sound, threats are prevalent because there will always be the potential for danger or a harmful event that can exploit a vulnerability and cause harm to a system, organization, or individual. This

Privacy

Seguridad Honesta Hecha Facil

Cuando hablamos de honestidad, muchos pensaran en una persona que hace todo para no solo decir la verdad, pero también DEMOSTRARLO con sus acciones. Se puede decir que esta persona practica la frase, "las acciones hablan más que las palabras". Pero cómo podemos practicar la honestidad cuando hablamos

Paid-members only

Reviews

Is DEFCON Worth It? From a First-Timer's Perspective!

Paid-members only

Phishing

The Most Common Types of Phishing You Will Get

Life Update

Back and Better Than Ever!

It's been more than a year (513 days to be exact) since I last posted. Where have I been? Did I end up abandoning this blog? To not have posted anything in more than a year, it may seem like so. However, I've been growing in

Resources

A Real Gem for Cyber Hygiene - CISA's SHIELDS UP Campaign

In February of 2022, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), released a warning and advisory known as SHIELDS UP, that would put the nation on high alert.

Career Lessons

Celebration Time Oh No!

Company parties are a great time to get together to celebrate a win. Winning is awesome, but so is practicing good cyber hygiene. What good is it to celebrate your win, when you're not practicing good cyber hygiene? Cyber hygiene is a must whether you lose or win. It is non negotiable.

Privacy

Handle Others PII as You Wish For Your PII to Be Handled

Privacy is something of value to us. Protecting our privacy means being aware of our surroundings. Privacy will hold different values to different people. That is why privacy needs to be scrutinized carefully when protecting.

Interesting Readings

An Interesting Reading on Honest Security

An interesting reading I came across called Honest Security by Jason Meller.

Career Lessons

The Hardest Lesson

The hardest lesson can be the greatest incentive to have a broader understanding of your values specifically when those values are challenged by others even when there is evidence that your values are indeed necessary for success.

Suricata

Leveraging Wazuh Even More - Suricata NIDS Integration

Integrating Suricata with Wazuh brings many benefits. From inspecting our server's network traffic providing additional insight into our security, in tandem with Wazuh's own capabilities, we will leverage both tools to further harden our server as well as provide visual data using the ELK Stack.

Zapier + Discord

A Security Digest Using Zapier to Send Discord Channel Messages from New RSS Items in Multiple Feeds

A guide in using Zapier and Discord to create a security digest from new RSS items in multiple feeds to be sent to a discord channel.

Life Update

The Strength to Endure a Difficult Life

This blog post will be different from the rest. It will be different in the sense that I won't be talking about anything technical here. Instead I will talk about my recent trip to Colombia where I got to see my family again after 2 years, the last

Ubuntu Server Hardening

More Work to be Done - Ubuntu Server Hardening

In the conclusion of the last blog post, we ended up telling ourselves that more work needed to be done to further harden our server. This is exactly what this blog post will talk about. How can we improve the security measures that have already been taken? Let's

UniFi Cloud Controller AWS

Killing Two Birds With One Stone - Securing a UniFi Cloud Controller on AWS

This blog post is well overdue for many reasons. First I am excited to be back after taking a short break. The holidays came and I got a bit lazy. I then got sick but not from covid thankfully. I still don't know what I had, but it

Nginx

Sweet Patience

When one thing breaks and another, it's important to stay focused and not let your frustration cloud your ability to think and keep persisting towards a resolution!