by valino | May 19, 2026 | Uncategorized, Compliance
Today we are introducing something we should have had from day one: a contact form built the way a cybersecurity company should build one. We are launching a new contact system, and we are proud of how it treats you and your message. Most contact forms on the web are...
by valino | May 18, 2026 | Hacking, Active Directory
The most expensive privileged access failure we triaged in 2026 came down to a single domain administrator account whose password had not been changed since 2019. The account belonged to a former employee. The password was on a credential dump that surfaced six weeks...
by valino | May 18, 2026 | Hacking, Compliance
This is the second Sunday letter we have written for the CEO who is reading on a quiet evening with the laptop half-closed. The first focused on the questions to ask. This one focuses on the question executives most often avoid: what does cyber liability actually...
by valino | May 16, 2026 | Hacking, Phishing
The MFA fatigue attack we worked last quarter succeeded in eleven minutes. The attacker had a valid username and password — purchased on a credential market for $14 — and used a script to send an authentication push notification to the user’s phone every twenty...
by valino | May 15, 2026 | Hacking, SOC
The most consequential alert fatigue incident we worked in 2026 was not caused by a missed alert. It was caused by a perfectly delivered alert that the on-call analyst dismissed because it was the 3,471st event of his shift. The alert was the first phase of a...
