Author: Kaveh Mofidi
-
Who is the biggest spammer?
It is certainly nothing new that those labeling their spamming activity as ‘email marketing’ have no idea what real email marketing looks like, but that is not the point of this short article. I have been closely observing that so-called ‘security companies’ are generating most of the junk email traffic. It is ironic that companies…
-
Why Are We Struggling With Cybersecurity?
Why are we struggling with cybersecurity? Why does it feel like hammering water when it comes to securing your assets in the cyber world? It’s a different story if you don’t believe that the majority of the industry is wasting time, thinking they are doing the right things to secure their network. Then how come…
-
Doctoring Data: How to sort out medical advice from medical nonsense
That’s the name of a book: *Doctoring Data* by Dr. Malcolm Kendrick. It teaches you how to spot misleading medical claims and understand the tricks used in health research and media. But you could easily generalize it to all kinds of data. The mindset is there — the idea — and you can definitely see…
-
The Panacea Illusion
The new obsession This feels like the beginning of a new religion. ChatGPT arrives, and suddenly everyone believes they’ve found the cure for everything. Every question, every confusion, every gap in understanding, now delegated to a chatbot. The same pattern repeats: a new tool, a new promise, a new exhaustion. People forget that every tool…
-
The Simplicity Behind Real Security
The Industry Loves Complexity Cyber security has a strange habit. Every year, more layers. More dashboards. More integrations. More moving parts…and somehow, more insecurity. Decades of experience showed me something simple: Complex solutions either fail, or create new attack surface while pretending to reduce it. That is the irony of modern security. We secure complexity…
-
Tools Cannot Think for You
The myth of the self‑running system Every year, the industry repeats the same fantasy: buy the right tool, and the work will magically disappear. But tools do not create plans. Tools do not define objectives. Tools do not understand your environment, your risks, or your deadlines. A tool can automate a task. It cannot replace…
-
How to choose a vendor in context of infosec goods and services
a new label doesn’t create a new capability.” know what you actually need most people start with vendors before they start with themselves. that is the first mistake. if you don’t know what problem you are solving, every vendor suddenly looks “perfect”. it’s like walking into a hardware store without knowing if you need a…
-
I am not the technical person but I must sell you something I have no clue about!
well, I actually changed the second part sarcastically, this is the original version: I am not the technical person but I really must sell you something today, can I connect you to another person in my company, an engineer perhaps? you know, we have a very great product but I am just lacking understanding what…
-
Security solution which acts like traditional painkiller
most security solutions are like traditional painkillers, we certainly feel better after talking them, but the root cause of pain remains intact and unresolved! as long as we do not address root cause of security incidents and vulnerabilities, we will be feeling better from short-term pain relief of “Security Solutions” and then suffering again soon…
-
utilizing dark web as defense
I was shocked when I heard from a “security professional” that using dark web as means understanding cyber threats has been Just Recently been discovered by them as an effective defense mechanism! no kidding! then why we are surprised we get hacked by the most trivial TTP out there? this is very disappointing that “security…