Cybersecurity

As someone who’s spent over a decade in retail operations across the Middle East, I’ve witnessed firsthand how dramatically our industry has transformed. What once relied on simple point-of-sale systems and cash registers now operates through complex digital ecosystems involving cloud-based inventory management, mobile payments, customer apps, and integrated supply chains. But with this digital transformation comes a sobering reality: retail businesses have become prime targets for cybercriminals. In 2025 alone, retail cyberattacks increased by 87% globally, with the average cost of a data breach reaching $4.88 million. Here in the GCC region, we’re seeing similar trends as our retail landscape modernizes rapidly. The question isn’t whether your business will face a cyber threat—it’s when, and whether you’ll be ready. Understanding the Modern Retail Threat Landscape# Point-of-Sale (POS) Vulnerabilities# Your POS system remains the crown jewel for cybercriminals. Every transaction processes sensitive payment data, making these systems incredibly attractive targets. I’ve seen retailers in Riyadh lose weeks of revenue after POS malware infections, not to mention the devastating impact on customer trust. Modern POS attacks often involve: ...

Bandit is the best starting point for anyone new to wargames. It teaches you the Linux command line through increasingly tricky challenges. Here’s my walkthrough. bandit0# This one is easy — the password is in the readme file. cat readme bandit1# To read files with special characters as the name, prepend ./: cat ./- bandit2# To read files with spaces, quote the filename: cat 'spaces in this filename' bandit3# Use ls -la to see hidden files and directories: ls -la inhere/ ...

Leviathan# The Leviathan wargame from OverTheWire tests basic Linux privilege escalation skills. Here’s my walkthrough. leviathan0# Use grep to find the password. leviathan1# Read the binary and trace with ltrace and strings. leviathan2# If you ltrace the binary printfile you will see it’s using the access() function — which is known for a TOCTOU (Time-of-check to time-of-use) vulnerability, mostly abused using symlinks. Check how the binary works: ltrace -f ./printfile filename ...

This is the writeup for the Mr Robot CTF challenge on TryHackMe. Solution# First we start by enumerating the ports: nmap -p- -Pn -T4 | tee ports.txt Then we run the nmap script to find more information on the ports discovered: nmap -sC -sV -p -T4 | tee ports.txt It is good practice to run a gobuster scan to find directories while busy enumerating the box further: gobuster dir -u -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt ...