Note from the author: While writing this blog post I ran into a client where I needed to spray against the Office365 portal hosted by Microsoft directly and wrote some code to do so. If you just want to read that bit, skip to the end.
Josh Magri

Recent Posts
It’s common knowledge that websites are able to give users free content by serving advertisements and performing analytics in order to generate revenue (full disclosure: if you check this page’s source code, you’ll see Google Analytics and HubSpot). It turns out that between you and the website you’re browsing, there are a few friendly third parties who are very interested in your data. Let’s take a surface level look into how online tracking works, and how you may be uniquely identified with a few JavaScript API calls.
Topics: Cybersecurity, Information Security, Personal Privacy
If you’re reading this, it’s very likely that you know how to use the internet. It’s also likely you’ve made an account on the internet somewhere. When you created your last account, what kind of requirements were you forced to use? For a number of web services, these requirements still follow the 2003 NIST SP 800-63 Appendix A standards that recommend an 8-character minimum, containing one uppercase, one lowercase, one digit, and one special character (Ex: Procircular1!).
Topics: Cybersecurity, Data Protection, Personal Privacy, hacking, NIST, Passwords