$ cd ~/securember/blog
Blog
Practical material on offensive security and compliance - no marketing fluff.
12 July 2026Privacy / OSINT
GDID: the Windows identifier a VPN won't hide
Windows 11 assigns every installation a persistent Global Device Identifier. In July 2026 an FBI filing showed how a GDID located a user despite a VPN. We explain what it is, how it tracks, and why a network tunnel isn't enough.
Read more 12 July 2026Vulnerability analysisAnatomy of an RCE: how Log4Shell worked (CVE-2021-44228)
A single string in an HTTP header, full server takeover. We break down the Log4Shell attack chain step by step - with diagrams, a sample request and layered defence.
Read more 10 July 2026ComplianceNIS2 in practice: where to start before the auditor arrives
Registration by October 2026, measures in place by April 2027, the first audit a year later. Five steps worth taking in this order - and the mistakes that most often surface during audits.
Read more// no results