Decoded offers a human point of view on cybersecurity and security trends, unpacking complex topics through analysis, context, and real-world implications.
Mandiant’s M-Trends 2025 confirms it. Voice phishing surged. Email phishing collapsed. Your stack is not the problem. The person who picked up the phone is. And nobody tested them.
Before a phishing email is written, attackers already understand your company. Using OSINT sources like LinkedIn, GitHub, and public infrastructure data, they map employees, tools, and internal patterns to craft believable attacks. This PacketHunters analysis explores how exposure fuels modern phishing reconnaissance.
March is about exposure. Not the embarrassing kind — the dangerous kind. Before any attacker sends a single phishing email, they already know your org inside out. OSINT, attack surface recon, open data trails.. this month we pull back the curtain on what’s visible, what’s exploitable, and why the scariest hacks start with a Google search.
Phishing is not declining; it is evolving alongside identity sprawl and legacy infrastructure. This closing Decoded article examines why identity drift, fragmented governance, and underfunded awareness programs continue to expose organizations despite modern security tooling.
A public tender from Sogei seeking COBOL programmers exposes a deeper issue: critical legacy systems still run modern economies. When knowledge disappears and governance lags behind, outdated environments become prime targets for phishing-driven takeovers. The real risk is not COBOL itself, but unmanaged identity and uncurated trust layered on aging infrastructure.
Cybersecurity didn’t fail because attackers evolved faster. It failed because many of our assumptions stopped being questioned. Rethink Month opens with a reflection on trust, habit, and why real security progress starts by challenging what feels “normal.”
A personal reflection on social engineering, human behavior, and identity in the age of AI, drawing from real-world experience and behavioral analysis to explain why understanding people still matters more than understanding machines.
A personal reflection from years in offensive security on how recovery, community, and honest conversations have become more important than perfect defenses in modern cybersecurity.
Behind every identity-based attack there are humans making decisions, trusting signals, and interpreting reality. In this Decoded episode, the Baited team reflects on identity not as a technical construct, but as a human experience shaped by fatigue, trust, culture, and context.
Digital identities are breaking under pressure – deepfakes, credential leaks, synthetic users, token theft. Identity Month opens by exploring why identity resilience is now the foundation of cybersecurity, and how companies must evolve from access control to continuous verification.
