Blog
Running a VPN Client on a Router in Combination with Pi-Hole
Using a VPN (Virtual Private Network) is a powerful way to enhance your online privacy and security. A VPN encrypts your internet connection and hides your device’s location, ensuring no one can track your online activities. Typically, a VPN is installed directly on a device, but by configuring it on your router, you can extend its protection to your entire network, safeguarding every connected device.
A Critical View of Bitcoin’s Ideological Foundations
Bitcoin’s ideological roots are grounded in a blend of libertarianism, anti-authoritarianism, Austrian economics, and cypherpunk thought. Its core philosophy is centered around decentralization, individual freedom, and skepticism toward centralized systems of control, especially government and financial institutions. As such, Bitcoin is often viewed as both a technological innovation and a political statement against traditional power structures.
Verifying Multisig xpubs on Bitbox and Trezor Hardware Wallets
Multi-signature (multisig) refers to requiring multiple keys to authorize a Bitcoin transaction. Whilst a multisig setup can offer substantial security benefits, it also comes with certain risks. As documented in a Bitbox post back in 2020, most hardware wallet (HW) multisig setups can be pretty insecure. In particular, that post rightly pointed out the difficulties at that time with verifying the extended public key (xpub) of certain HWs.
Configuring Policies in Microsoft Defender External Attack Surface Management (MDEASM) via API
This is a brief post explaining how to configure policies in Microsoft Defender External Attack Surface Management (MDEASM) through its API. Although the policies functionality has been available in MDEASM for some time, the process for configuring them via the API has, unfortunately, not yet been documented.
Analysing Formbook Malware
I was recently alerted to an email containing an attachment named 3D PICTURE DRAWING DESIGN.pdf (SHA-256: 6657978de693874ef0b1d7491ff7ecc4066631d88b1481b19d9913d56356fd81). When opened, the PDF tries to trick the user into clicking on an embedded link that leads to hxxps://filebin.net/v84mk8ucvp2m702e/3D_PICTURE_DRAWING.pif
Transferring a Large File to a Target Server Using Azure DevOps, CyberArk, and Ansible
I recently needed to drop a large file onto a target Linux server where direct SCP was prohibited. The server is entirely managed using Ansible playbooks in Azure DevOps, with its credentials stored in CyberArk. OK, no problem… maybe?
From Deployment to Defense: How to Set Up Microsoft Defender External Attack Surface Management (MDEASM) using Terraform and Azure DevOps
Microsoft Defender External Attack Surface Management (MDEASM) is an Azure-based security service that helps organizations gain visibility into and manage their external attack surface. I was recently presented with the challenge of having to deploy and configure this resource entirely through code using Azure DevOps. What follows are some hopefully useful notes on how I managed to do this.