TL;DR Why Discord appeals to attackers Discord has become an attractive tool for attackers not because it’s malicious, but ...

Join us for an evening of relaxed networking, conversation, and connection with the local cyber and tech community. OxCyber Socials are designed to bring together cybersecurity professionals, tech ...

We are seeking a DFIR Analyst to join our team, leveraging their technical expertise and investigative mindset to support forensic investigations and incident response engagements. The ideal candidate ...

Join Spencer Kelly and Ken Munro for a special Cybersecurity Awareness Month briefing on the biggest threats facing ...

Last year, about the time we were messing around with a virtually unheard-of hardware wallet we got a bit excited about the word “unhackable”. Long story short, I ended up supporting a selection of ...

Over the last year of looking at kids GPS tracking watches we have found some staggering issues. With these devices it almost seems that having multiple security issues is the new normal. While ...

If you went to our PTP Cyber Fest over the Infosec week you may have seen the PTP hack car being used as a games controller for the game SuperTuxKart (a free and open-source Mario Kart type game). You ...

The Mitsubishi Outlander plug in hybrid electric vehicle (PHEV) is a big-selling family hybrid SUV. It has an electric range of up to 30 miles or so plus petrol range of another 250ish miles. We ...

I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...

The ability to edit Group Policy Object (GPOs) from non-domain joined computers using the native Group Policy editor has been on my list for a long time. This blog post takes a deep dive into what ...

Third-party plugins are often the security Achilles heel of Content Management Systems (CMS). It seems like not a month goes by without one security researcher or another uncovers a vulnerability in a ...

At Infosecurity Europe this year, we demonstrated multiple methods to interrupt the shipping industry, several of which haven’t been demonstrated in public before, to our knowledge. Some of these ...