TL;DR  Introduction   In my previous blog post, I wrote about finding your path into DFIR; how to get started, where to focus ...

TL;DR  Introduction   There is a widely held belief that penetration testing Operational Technology networks is impossible.

Pwning web sites through their AI chatbot agents and politely breaking guard rails ...

Built on five years of hands on, community led events, it has grown into something a bit different from the usual cyber event. More practical. More interactive. More time with the people doing the ...

Key relay attacks against keyless entry vehicles are well known. Many 3 rd party car alarm vendors market themselves as solutions to this. We have shown that fitting these alarms can make your vehicle ...

CCTV is ubiquitous in the UK. A recent study estimates there are about 1.85m cameras across the UK – most in private premises. Most of those cameras will be connected to some kind of recording device, ...

The aviation industry realised some time ago that taking a standard approach to the cyber security of its products was needed and that this was a specialist discipline. A family of documents was ...

Windows thumbnail cache, or thumbcache, is a well-known forensic artifact, but often one that is overlooked. The thumbcache stores small previews of images, videos and documents and can persist even ...

A few weeks back we read a story on the BBC web site about a BBC employee seeing someone else’s video footage on the mobile app for their home security camera. It wasn’t clear how this happened, but ...

We’ve seen an increase in multi-stage Adversary in the Middle (AiTM) phishing BEC in M365. These usually originate from a compromised trusted party, and lead to a series of AiTM attacks and follow-on ...

I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...

Last year, about the time we were messing around with a virtually unheard-of hardware wallet we got a bit excited about the word “unhackable”. Long story short, I ended up supporting a selection of ...