Many organisations are turning to virtualisation of apps and desktops. This often involves virtualisation platforms such as Citrix to deliver these services. Get your configuration or lock-down wrong ...

Unit 2, Verney Junction Business Park, ...

We help keep money in the banks, planes in the sky, and the lights on.

Ross Donald will be presenting: Flirting with AI: Pwning web sites through their AI chatbot agents and politely breaking guard rails Everyone is implementing AI chatbots to improve their customer ...

SharePoint is a Microsoft platform that enables collaborative working and information sharing. This done with team sites. They work like regular intranet pages with graphics and text, but they also ...

Third-party plugins are often the security Achilles heel of Content Management Systems (CMS). It seems like not a month goes by without one security researcher or another uncovers a vulnerability in a ...

My first DEF CON talk was nerve-racking but something I would definitely put myself through again. In hindsight I should have submitted a 45-minute talk as there were some elements missing from what I ...

The events in Baltimore earlier this year brought maritime cybersecurity into the spotlight. Initial outlandish claims asserted that the MV Dali was certainly hacked, whilst others made the equally ...

Threat modeling works to identify, communicate, and understand threats and mitigations within the context of protecting something of value. A threat model is a structured representation of all the ...

A few weeks back we read a story on the BBC web site about a BBC employee seeing someone else’s video footage on the mobile app for their home security camera. It wasn’t clear how this happened, but ...

I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...

When we carry out security assessments in Operational Technology (OT) and Industrial Control System (ICS) environments, one thing that often stands out is the use of dual-homed devices. In this blog ...