SteelCon isn’t just another name on the ever-growing list of security conferences—it represents something different. Born in 2014 out of a desire to create a hacker con with character, SteelCon has since become a standout in the UK’s infosec calendar. Set in the heart of Sheffield at Hallam University, it offers a refreshing alternative to the traditionally London-heavy tech event scene. From its rapid expansion to its warm community vibe, SteelCon brings together expertise, inclusivity, and innovation under one roof—and with a northern accent. The growth of SteelCon has been…

Over the course of the last decade, information security has undergone a transformation that few could have predicted. Technological advancements—driven by innovation, demand for convenience, and the explosion of connected devices—have dramatically altered how we live, work, and communicate. With these shifts, the definition of security has expanded far beyond traditional boundaries. What was once a concern isolated to IT departments has now become a boardroom imperative and a societal concern. Looking back, the 2010s were about more than just new gadgets or faster networks. They were about foundational changes…

Injected iframe attacks are among the oldest tricks in a cybercriminal’s toolkit, yet they remain astonishingly effective in modern threat landscapes. At their core, iframe injections involve placing an invisible HTML element within a webpage that loads malicious content from a remote server. When users visit the compromised site, the iframe triggers quietly in the background, typically loading exploit kits, phishing pages, or malicious downloads. What makes iframe attacks particularly insidious is their stealth. Unlike overt malware or phishing emails, these attacks do not require any interaction from the user….

In the earliest days of UNIX operating systems, user authentication was a rudimentary process. System user data, including encrypted or even plaintext passwords, was stored in a file named /etc/passwd. For functionality, this file needed to be accessible to all users on a machine. Unfortunately, this accessibility posed a significant security concern: attackers could simply open the file, extract the password hashes, and run offline password-cracking tools to try different combinations without triggering alarms. This issue became especially problematic in multi-user environments such as academic institutions, enterprise settings, and shared…

Cybersecurity plays a crucial, often invisible role in the digital lives of individuals, corporations, and nations. It protects critical infrastructures, supports global financial systems, and shields sensitive data from being misused. Yet despite its growing relevance, the public understanding of what cybersecurity professionals actually do remains clouded—thanks, in large part, to how the field is portrayed in fiction. Movies, TV shows, and novels often reduce the field to flashy visuals and absurd technical shortcuts. Hackers are shown smashing through digital defenses with a few keystrokes. Security systems crumble in seconds….