TL;DR  Introduction   I’m a huge fan of micro generation and domestic power storage batteries. However, as we dash for net zero, one of the ways to balance the grid is to capitalise on EV batteries ...

Why this sector is different Retail systems are designed for speed and convenience. That usually means lots of integration points, frequent change, and a long list of third parties that touch customer ...

The events in Baltimore earlier this year brought maritime cybersecurity into the spotlight. Initial outlandish claims asserted that the MV Dali was certainly hacked, whilst others made the equally ...

I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...

If you went to our PTP Cyber Fest over the Infosec week you may have seen the PTP hack car being used as a games controller for the game SuperTuxKart (a free and open-source Mario Kart type game). You ...

When researching lateral movement techniques I came across a post from Raphael Mudge (of Cobalt Strike fame). He details scripting an Aggressor Script for Matt Nelson’s MMC20.Application Lateral ...

AI is proving to be a useful companion for analysing data at scale for forensic examiners (data that is already publicly available if not privately hosted). This involves building an AI chatbot system ...

Last year, about the time we were messing around with a virtually unheard-of hardware wallet we got a bit excited about the word “unhackable”. Long story short, I ended up supporting a selection of ...

As well as running the Hacking You Fat: The FitBit Aria workshop at DefCon 23’s IoT Village this year (more on that later) we also thought we’d take on their big fridge challenge: “Can you own our ...

The Mitsubishi Outlander plug in hybrid electric vehicle (PHEV) is a big-selling family hybrid SUV. It has an electric range of up to 30 miles or so plus petrol range of another 250ish miles. We ...

The ability to edit Group Policy Object (GPOs) from non-domain joined computers using the native Group Policy editor has been on my list for a long time. This blog post takes a deep dive into what ...

On a Red Team engagement we entered a busy multicloud estate. AWS, GCP and Azure were all used, with Terraform Cloud orchestrating every change. That brings speed and consistency, but it also ...