If you use a YubiKey for one-time passwords (OTP), you’ve probably done it at least once: you meant to type something, touched the key, and a long modhex string landed in Slack, a commit message, or an email. Annoying for everyone, and worse, it’s a real security risk. This post pulls together practical ways to reduce accidental triggers and what to do when a code gets out, plus how YubiOTP compares to TOTP so you can use both wisely....
In the last two blogs, we looked at the pieces that make a blockchain work and how the network agrees on what is true. In here, we will look at how all those pieces sit together as layers, how blockchains are structured, and how Layer 1 and Layer 2 actually differ in practice. Once we know what each layer is responsible for, concepts like rollups, sequencers, proofs and scaling start making sense....
I have been wanting to learn about kubernetes k8s since long, and create this blog series. Here we are finally started (thanks to null cloud security study group ), so without wasting too much time let’s get started. I am learning this having a security mindset, to find common misconfigurations and understand the development process to understand the mitigation. K8s is a container orchestrator. Before diving too much into the depth let’s see what orchestrators/orchestrations are....