Category: penetration testing

The Disgruntled Employee?
A Zero Day Latest News, pentest

The Disgruntled Employee?

When we talk about cyber threat actors one of the terms we use is “Disgruntled Employee”. Everyone knows what that means; someone who is fed ... Read More

Updating Airplanes
A Zero Day Latest News, pentest

Updating Airplanes

If you think updating Windows etc is painful, spare a thought for avionics maintenance engineers. Flight Management System (FMS) and related navigation databases (navaids, airspace ... Read More

Pwning a Smart Car Charger, Building a Botnet
A Zero Day Latest News, pentest

Pwning a Smart Car Charger, Building a Botnet

…or Why We Don’t Build Commercial IoT on a Raspberry Pi. A positive story of disclosure and remediation. We’re quite into our electric vehicles at ... Read More

Schiphol hijack false alarm. An insiders view of what happened
A Zero Day Latest News, pentest

Schiphol hijack false alarm. An insiders view of what happened

I had the misfortune of being at Schiphol last night as this unfolded: //www.bbc.co.uk/news/world-europe-50325887 All ended well, delayed by about an hour. Had the incident ... Read More

Objections to IoT regulation. A rational reply
A Zero Day Latest News, pentest

Objections to IoT regulation. A rational reply

I often hear objections to security-specific consumer IoT regulation, typically from industry lobby groups that have a vested interest in keeping regulation very ‘light touch’. ... Read More

Let’s Learn: Dissecting Lazarus Windows x86 Loader Involved in Crypto Trading App Distribution: “snowman” & ADVObfuscator
APT, Lazarus

Let’s Learn: Dissecting Lazarus Windows x86 Loader Involved in Crypto Trading App Distribution: “snowman” & ADVObfuscator

Goal: Document and dissect the latest Lazarus Windows 32-bit (x86) version involved in the crypto trading application distribution targeting Windows and macOS users. The malware ... Read More

Unmasking mystery boxes on ship’s bridges
A Zero Day Latest News, pentest

Unmasking mystery boxes on ship’s bridges

We pen test a variety of vessel and platform types across different fleets and operators. In every single test to date we have unearthed a ... Read More

Mapping the Attack Surface of an Airport
A Zero Day Latest News, pentest

Mapping the Attack Surface of an Airport

Aviation security is a complex environment. What first sparked my interest in avionics security was a comment from an airport customer of ours. They had ... Read More

Help, my accounts have been hacked! What should I do?
A Zero Day Latest News, pentest

Help, my accounts have been hacked! What should I do?

I run staff security awareness sessions for a huge variety of organisations. Regardless of where I am the most common question I get asked is ... Read More