I have read a lot of OT pen test reports. I’ve spoken with a lot of clients about pen test reports. And ...
I stumbled into infosec the same year the NSA graced us with Ghidra. It’s by far become the most used tool in my arsenal for reverse engineering and vulnerability research. It’s free, extensible, and ...
Retail systems are designed for speed and convenience. That usually means lots of integration points, frequent change, and a long list of third parties that touch customer journeys. Attackers focus on ...
Kubernetes has changed the way we deploy and scale workloads. It’s powerful, flexible, and very good at hiding a lot of complexity. It is also very good at hiding security problems until someone ...
In my previous job as the SOC manager for a public sector organisation, I would often see attempts from scammers trying to get some unlucky employee’s payroll details changed to their own bank account ...
In the field of maritime cyber, we often cite the movie Speed 2: Cruise Control from 1997 as an interesting prediction of the future. It illustrates the reality of today quite well, despite being ...
Discord has become an attractive tool for attackers not because it’s malicious, but because it’s legitimate and trusted. It often flies under the radar of security controls and offers features that ...
If you haven’t read the previous posts, I would recommend them as a primer to the devices, BLE and what we’re doing. In part one, we made a low-cost key finder beep by capturing and replaying BLE ...
On a Red Team engagement we entered a busy multicloud estate. AWS, GCP and Azure were all used, with Terraform Cloud orchestrating every change. That brings speed and consistency, but it also ...
Windows thumbnail cache, or thumbcache, is a well-known forensic artifact, but often one that is overlooked. The thumbcache stores small previews of images, videos and documents and can persist even ...
You’ve done a build review on a host and need to get files from a host, or need to access an application, for example, a Nessus instance running internally. There’s always evidence generated, but ...