TL;DR Why Discord appeals to attackers Discord has become an attractive tool for attackers not because it’s malicious, but ...

TL;DR What is CHECK, when should you use it, and why? CHECK is NCSC’s assurance scheme for penetration testing. It began as a way for government and critical systems to be tested safely, but any ...

Witness firsthand how an AI tool can be compromised in this revealing and practical demonstration. This 30-minute session will move beyond theoretical discussions, showcasing live exploitation ...

Ken Munro is presenting at 11:45 on Track 1: All at sea. Thought your OT / IT infrastructure was complex? Try doing it on a cruise ship. Cruise ships are among the most complex environments you’ll ...

Red teaming has always thrived on creativity, unpredictability, and a touch of chaos. But with AI in the mix, both the red (and blue) teams have to work harder to stay ahead. From automated generation ...

If you haven’t read the previous posts, I would recommend them as a primer to the devices, BLE and what we’re doing. In part one, we made a low-cost key finder beep by capturing and replaying BLE ...

In part one we started hacking Bluetooth and made a little £2 key-finder beep using only Android and Linux. If you haven’t read that post, I would recommend it as a primer to the devices, BLE and what ...

Ken Munro is presenting: Hacking planes. What can we learn on the ground from vulnerabilities in the air? Flying is safe, far safer than many other modes of transport. However, aeroplanes are ...

Most infrastructure testers go straight for existing public vulnerabilities or find issues in software to exploit. But what about the hardware sitting right under your nose? Routers, firewalls, ...