Yasin Soliman

Yasin Soliman

I'm Yasin, a security analyst from the UK, interested in web application testing and red team operations.

Yasin Soliman



Technical writing

Yasin SolimanYasin Soliman

Penned on a variety of topics, these articles have been written to inform, spark interest and most importantly, help the wider community stay safe. Many focus on items of analysis or follow a tutorial-style format.

Current articles

Graham Cluley Security News

I've published a total of fourteen articles for security expert Graham Cluley. The Security News website is particularly popular with readers in the States, India, and here in the UK, but it's read by audiences the world over.

GCSN draws its readership from some of the world's largest financial service providers, professional institutions and the general public.

How to set up your Facebook privacy settings

My first "how-to" article was published in March 2016 – a comprehensive, step-by-step guide with over 1.3k total shares to this day.

Plugins: yes, they're handy but they also increase the surface of attack

Also published in March, my second article is the precursor to a three-part special, discussing the perils of web add-ons and modern attack vectors.

Plugins: how to update or uninstall completely

This series takes a look at Flash, Java and Silverlight. I first explain how to check if the plugin is installed, before discussing steps you can take to stay safe.

How to avoid sharing your location on Facebook and Twitter

My next article was published in April 2016. Focusing on two of the world's largest social networks, I explain how to check that you have the appropriate privacy controls in place.

How to review your privacy on Windows 10

The release of Windows 10 prompted many an article on the topic of privacy. In this article from May, I focus on steps you can take to ensure minimal advertiser tracking and overhead.

How to rid your new PC of pre-installed junk, once and for all

You've just unboxed your new laptop, fiddled with pages of privacy settings and finally reached the desktop. Upgrading to a new PC should feel like a fresh start, right? This article from July sparked 26 on-site comments (many suggesting a clean wipe and install of Linux), and nearly 500 shares.

How to report a cybercrime

This article from the end of July discusses how you can report a cybercrime to the police in your part of the world.

How to protect yourself from mobile ID theft

In August, I covered an emerging form of ID theft which has recently surfaced over in the United States – explaining how you can stay protected.

How to lock down your iOS 10 device

Continuing with the mobile theme, in early October I reviewed a handful of steps you can take to better protect your personal privacy on iOS 10.

Post-Mirai, how to better protect your IoT devices

In the wake of the Mirai botnet making its unpleasant presence felt across the Internet, this article discusses how you should defend your IoT devices.

How to lock down your Twitter account; staying safe with third-party apps

Inspired by the first Twitter Counter compromise – back in November 2016 – this guide helps ensure that rogue third-party apps don't hijack your account.

Top tips for protecting your Android device from malware

My first GCSN article of 2017 presents a selection of tips for protecting your Android-powered device – an OS Apple’s Tim Cook called "a toxic hellstew of vulnerabilities."

Author profile

If you're interested in an automatically updating list of my Graham Cluley articles, pop over to my author profile.


I was delighted to join the Guest Author team on Tripwire's highly popular State of Security blog in February – covering a range of cyber threats and risk management techniques.

Tripwire delivers advanced threat, security and compliance solutions used by over 9,000 organizations, including over 50% of the Fortune 500. Tripwire enables enterprises, service providers and government agencies around the world to detect, prevent and respond to cyber security threats.

The World of the Technical Support Scam

In my first longform article for Tripwire, I explore the origins of this "amalgamation of social engineering and confidence trickery" – before investigating the scammers' techniques and conventions with a selection of real-world case studies.

The Evolution of Phishing

Verizon’s latest Data Breach Investigations Report notes that over 30 percent of phishing messages sent during 2016 were opened — a 6% increase from 23 percent in 2014. Last month's longform article is an enquiry into the true nature of this "opportunistic vector" – no locale, industry, or organisation is safe.

Managing Cyber Risk in Schools and Educational Institutions

Educators are driving transformational change through technology — but as this article from April 2017 shows, we must not overlook the risks that emerge when information security is concerned.

Security Risks to Consider When Deploying Containers on Docker

Flexible containerisation is completely changing the way we build and maintain applications at scale. With positivity and momentum of growth in mind, we must not forget one core priority in today’s ever-changing tech landscape: information security.