TL;DR Why Discord appeals to attackers Discord has become an attractive tool for attackers not because it’s malicious, but ...

We help keep money in the banks, planes in the sky, and the lights on.

TL;DR What is CHECK, when should you use it, and why? CHECK is NCSC’s assurance scheme for penetration testing. It began as a way for government and critical systems to be tested safely, but any ...

Unit 2, Verney Junction Business Park, ...

A Live Demonstration of Vulnerability and Exploitation  Witness firsthand how an AI tool can be compromised in this revealing ...

Many organisations are turning to virtualisation of apps and desktops. This often involves virtualisation platforms such as Citrix to deliver these services. Get your configuration or lock-down wrong ...

Over the last year of looking at kids GPS tracking watches we have found some staggering issues. With these devices it almost seems that having multiple security issues is the new normal. While ...

Well, that’s the Svakom Siime Eye, a vibrator endoscope. Yes, this thing exists. It is a pretty normal, slightly awkwardly-shaped vibrator with a camera in the end. It costs $250. But, more relevant ...

The CyberGhost VPN client suffers from an elevation of privilege vulnerability and is filed under CVE-2023-30237. A specially crafted JSON payload sent to the CyberGhost RPC service can lead to ...

SharePoint is a Microsoft platform that enables collaborative working and information sharing. This done with team sites. They work like regular intranet pages with graphics and text, but they also ...

My first DEF CON talk was nerve-racking but something I would definitely put myself through again. In hindsight I should have submitted a 45-minute talk as there were some elements missing from what I ...

When researching lateral movement techniques I came across a post from Raphael Mudge (of Cobalt Strike fame). He details scripting an Aggressor Script for Matt Nelson’s MMC20.Application Lateral ...