TL;DR Introduction We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The ...

TL;DR Introduction We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The ...

The behind-the-scenes, real stories you don’t get everyday. From accidental career pivots to hard-won promotions, these ...

Malice, Mistakes & Misunderstandings: The Insider Threat Spectrum (PG) “Tough conversations. Home truths. Real self-reflection. This isn’t just another talk — it’s an immersive, provocative session ...

TL;DR Data from legitimate microchip databases may be leaking or being scraped Enumeration attacks, where chip ID numbers are guessed, expose owner contact details Vet and warden accounts often lack ...

With the rights tools, and practice it’s possible for SMEs to do their own AD password audits without the expense of ...

If you went to our PTP Cyber Fest over the Infosec week you may have seen the PTP hack car being used as a games controller ...

TL;DR Introduction The Content Security Policy (CSP) is a layer of security for web applications that helps detect and stop ...

Introduction Microsoft Patches for October 2018 included a total of 49 security patches. There were many interesting ones including kernel privilege escalation as well as critical ones which could ...

Introduction The International Association of Classification Societies (IACS) have introduced two new Unified Requirements (UR); E26 “Cyber resilience of ships” and E27 “Cyber resilience of on-board ...

ACARS (Aircraft Communications Addressing and Reporting System, pronounced ‘ay-cars’) which is an avionics system used to for sending text messages between ground and airborne stations. This is a ...

Introduction This guide deals with threat modelling and early stages of development so that security issues and controls are identified before committing to manufacturing. Current attack methods, and ...