TL;DR Introduction It’s more common than you might think to miss built-in defences. Windows has a lot of features that help ...
We are seeking an enthusiastic security consultant to join our team. Working alongside some of the best hacking minds in the country, you will be delivering pen testing services to a diverse range of ...
TL;DR Introduction Android splits its communications into multiple components, some of which we’ve written about before. One ...
I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...
When we carry out security assessments in Operational Technology (OT) and Industrial Control System (ICS) environments, one thing that often stands out is the use of dual-homed devices. In this blog ...
As Red Teamers, we often find information in SharePoint that can be useful for us in later attacks. As part of this we regularly want to download copies of the file, or parts of their contents. In ...
GPS is one service in the Global Navigation Satellite System (GNSS). Others include Russia’s GLONASS and the EU’s Galileo constellations. These are all used to provide Position, Navigation, and Timing ...
At Infosecurity Europe this year, we demonstrated multiple methods to interrupt the shipping industry, several of which haven’t been demonstrated in public before, to our knowledge. Some of these ...
Kubernetes has changed the way we deploy and scale workloads. It’s powerful, flexible, and very good at hiding a lot of complexity. It is also very good at hiding security problems until someone ...
On a recent Red Team engagement we got Domain Admin privileges on the on-premises Active Directory (AD) network. But we had not yet gained access to their cloud estate, which was hosted in Azure. Our ...
It’s been a while since I wrote a “Vulnerabilities that (mostly) aren’t” post, but a recent discussion in our pen testing teams brought about a change in how we’re reporting LUCKY13 (and potentially ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback