Introduction   I stumbled into infosec the same year the NSA graced us with Ghidra. It’s by far become the most used tool in ...

The events in Baltimore earlier this year brought maritime cybersecurity into the spotlight. Initial outlandish claims asserted that the MV Dali was certainly hacked, whilst others made the equally ...

Key relay attacks against keyless entry vehicles are well known. Many 3 rd party car alarm vendors market themselves as solutions to this. We have shown that fitting these alarms can make your vehicle ...

Third-party plugins are often the security Achilles heel of Content Management Systems (CMS). It seems like not a month goes by without one security researcher or another uncovers a vulnerability in a ...

Unauthorised network access remains a significant threat, especially for organisations lacking robust network security controls. If an attacker infiltrates a building and connects their device to the ...

I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...

The aviation industry realised some time ago that taking a standard approach to the cyber security of its products was needed and that this was a specialist discipline. A family of documents was ...

Android has a number of different types of components that a program or app can instantiate to interact with the user or other programs. Recently I’ve been looking at exported as an interesting way to ...

AI is proving to be a useful companion for analysing data at scale for forensic examiners (data that is already publicly available if not privately hosted). This involves building an AI chatbot system ...

In a previous post we discussed the potential consequences of tampered take-off performance applications. We now discuss the integrity of Approach and Landing Performance applications, and potential ...

For those that followed my personal blog posts on Creating an EDR and Bypassing It, I developed a new tool called SharpBlock. The tool implements a Windows debugger to prevent EDR’s or any other DLL ...