The Qwiet Blog

Remote code execution (RCE) has been a part of many cybersecurity news headlines throughout the past few years. When attackers exploit an RCE vulnerability, they can gain complete control over the target machines or systems, almost like an invisible hand puppeteering the technologies.  As a developer, you should know how to identify and remediate a […]

I’m sure we’re all familiar with the idea made popular by Malcolm Gladwell’s book Outliers that it takes 10,000 hours to truly master something.  Based on the paper “The Role of Deliberate Practice in the Acquisition of Expert Performance“, the research data indicates that people who are experts in a field got to that level […]

For a lot of programmers, Python is their “love language.” Easy to learn and use, Python is perfect for building cutting-edge machine learning and cloud computing projects. Unfortunately, knowing that programmers love Python, malicious actors have started targeting the Python Package Index (PyPI) as part of supply chain attacks.  As researchers identify more malicious Python […]

According to the 1980’s cartoon G.I. Joe, “knowing is half the battle.” Unfortunately, threat actors often have more information than their targets, which is why they’re so successful. For developers and AppSec teams, having information about threat actor tactics, techniques, and procedures (TTPs) helps even the digital battlefield.  Threat intelligence feeds provide data about malicious […]

The National Cybersecurity Strategy Implementation Plan plays a vital role in safeguarding the digital infrastructure of the nation. This comprehensive plan, outlined by the White House, is comprised of three pillars and sets forth a roadmap to enhance cybersecurity measures across various sectors.  Pillar Three of the implementation plan focuses on the need for developers […]

Software engineers’ ideal state includes being able to work with minimal disruption. This “flow state” is when they are most productive and have the best chance of delivering the products and features they are tasked with producing within the required timeline. Whenever something adversely impacts their flow state productivity, mental health, and overall effectiveness may […]

In the ever-evolving world of cybersecurity, staying informed about the latest threats and trends is crucial. To cater to the growing need for expert insights, we are thrilled to announce the launch of the new Hacking Exposed podcast. Hosted by renowned cybersecurity expert Stuart McClure, this podcast promises to be a treasure trove of knowledge […]

I couldn’t walk five feet at RSA recently without someone asking me about ChatGPT. The questions all boiled down to “ChatGPT—is it bad, really bad, or just plain horrible?” ChatGPT is all of these things, and at the same time it is none of them. ChatGPT is only what we make of it. Like any […]

In the ever-evolving landscape of cybersecurity, zero-day vulnerabilities tend to steal the limelight. These newly discovered vulnerabilities are often seen as the epitome of sophisticated cyberattacks, capturing headlines and fueling the imagination of both the public and cybersecurity professionals. However, the reality is that while zero-day vulnerabilities may be intriguing, the majority of successful cyberattacks […]