Blog

Cybersecurity Blog

Insights, technical guides and analysis from the Secra team on the latest cybersecurity threats and trends.

Cloud Security

AWS IAM Privilege Escalation: Attack Paths

AWS IAM privilege escalation paths: iam:PassRole abuse, policy versioning, sts:AssumeRole chains and how to detect them with CloudTrail.

2026-07-0610 min
iot-ot

Bluetooth and BLE Security: Attacks and Defense

Bluetooth and BLE attacks: BlueBorne, KNOB, BIAS and sniffing against IoT, wearable and medical devices. Secure pairing, defense and detection.

2026-07-0610 min
Threat Intelligence

Brushing Scam: What It Is and How to Protect Yourself

What the brushing scam is: fake sellers ship unsolicited packages to post fake verified reviews using leaked PII. How to detect and defend.

2026-07-0610 min
Compliance

Business Continuity Plan (BCP/DRP): ISO 22301 Guide

What a business continuity plan (BCP) is, how it differs from a DRP, BIA, setting RTO and RPO, ISO 22301 and its link to ISO 27001.

2026-07-0611 min
Pentesting

Business logic vulnerabilities: attacks and testing

What business logic vulnerabilities are, why DAST and SAST scanners miss them, the classic flaw taxonomy with examples and how to test them manually.

2026-07-0610 min
Threat Intelligence

Catfishing: what it is, how to detect and prevent it

What catfishing is in a corporate context: fake LinkedIn recruiters, sextortion, deepfakes, OSINT verification and defence aligned with NIS2.

2026-07-0610 min
Cloud Security

CI/CD Pipeline Security: Threats and Hardening 2026

CI/CD pipeline security: defend builds against poisoned pipeline execution, secrets leakage and insecure runners with OIDC, SLSA and hardening.

2026-07-0611 min
Compliance

Cyber Insurance: What It Covers, Exclusions and Price

What cyber insurance covers in 2026: coverages, exclusions, insurer requirements (MFA, EDR, backups, pentest) and price for businesses and SMEs.

2026-07-069 min
Compliance

Cyber Insurance Minimum Controls: MFA, EDR, Backups

Cyber insurance requirements in 2026: MFA, EDR, backups, pentest and IR plan. The minimum controls insurers demand before binding.

2026-07-067 min
PreviousPage 1 of 24Next