TL;DR  Introduction   In my previous blog post, I wrote about finding your path into DFIR; how to get started, where to focus ...

TL;DR  Introduction   There is a widely held belief that penetration testing Operational Technology networks is impossible.

UK Office Pen Test Partners LLP, Unit 2, Verney Junction Business Park, Buckingham, MK18 2LB, United Kingdom +44 20 3095 0500 ...

I stumbled into infosec the same year the NSA graced us with Ghidra. It’s by far become the most used tool in my arsenal for reverse engineering and vulnerability research. It’s free, extensible, and ...

Retail systems are designed for speed and convenience. That usually means lots of integration points, frequent change, and a long list of third parties that touch customer journeys. Attackers focus on ...

Infostealers are not new malware. They have been around for decades. What has changed is how effective they have become, and how easily they blend into normal user behaviour. In 2025, infostealers ...

I live in the countryside & as a result, know quite a few farmers. The subject of connected farming systems comes up quite a lot in the local pub. Those of you who have watched Clarkson’s Farm will ...

On a Red Team engagement we entered a busy multicloud estate. AWS, GCP and Azure were all used, with Terraform Cloud orchestrating every change. That brings speed and consistency, but it also ...

You’ve done a build review on a host and need to get files from a host, or need to access an application, for example, a Nessus instance running internally. There’s always evidence generated, but ...

I’ve been advising on cyber risk in the insurance sector for over a decade. It still surprises me how many proposal forms include questions that offer very little insight into the actual risk being ...

Along with user interactive tasks, Android needs a method of running things in the background. There are multiple methods of doing this, but the most common method is the service. This is a task that ...

AI is proving to be a useful companion for analysing data at scale for forensic examiners (data that is already publicly available if not privately hosted). This involves building an AI chatbot system ...