Managing vulnerability reports is difficult for an organisation. In an ideal world, something like this happens: Everyone is ...
Infostealers are not new malware. They have been around for decades. What has changed is how effective ...
The events in Baltimore earlier this year brought maritime cybersecurity into the spotlight. Initial outlandish claims asserted that the MV Dali was certainly hacked, whilst others made the equally ...
I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...
Last year, about the time we were messing around with a virtually unheard-of hardware wallet we got a bit excited about the word “unhackable”. Long story short, I ended up supporting a selection of ...
The ability to edit Group Policy Objects (GPOs) from non-domain joined computers using the native Group Policy editor has been on my list for a long time. This blog post takes a deep dive into what ...
The UK is witnessing a rise in phone thefts. This surge in criminal activity sees thieves brazenly snatching smartphones from unsuspecting pedestrians, often in broad daylight and crowded areas. In an ...
When we planned the first PTP Cyber Fest last year, we set out to create something different from the usual cybersecurity events. After two busy days last week, we can proudly say the event delivered ...
A few weeks back we read a story on the BBC web site about a BBC employee seeing someone else’s video footage on the mobile app for their home security camera. It wasn’t clear how this happened, but ...
For those that followed my personal blog posts on Creating an EDR and Bypassing It, I developed a new tool called SharpBlock. The tool implements a Windows debugger to prevent EDRs or any other DLL ...