It is always a bit of a shock when an easily exploitable way to gain SYSTEM or root-level privileges comes to light, especially for overworked, underpaid system administrators who have to get to work pronto before man+dog have a go. And so our gast was flabbered this week by a Twitter post by ‘jonhat’ which showed that just by installing a … Read more
If you have been reading the security news, you will no doubt have seen the enormous crypto-asset heist from Chinese Blockchain outfit Poly. Initially relieving them of about $600 million worth of crypto goodies 2 weeks ago. There have been many interesting reports of coins being returned, then not returned, reward and job offers. It … Read more
Some of the unjustified and truly ancient at Tiberium HQ are so old that they know Morse Code. Several have actually passed tests in it and used it in either fear/anger or from the comfort of their floating Gin Palace. Seems that Phishing/Hacking gangs or at least one of them have been using (amongst other techniques) none other than Morse Code to … Read more
This week we are starting out with something unapologetically geeky, which shows a fresh attitude to platform development at Microsoft and if you are anything like us, has the capability of sending you down a rabbit hole for an afternoon at least. This week Jonathan Norman, the vulnerability research lead for Microsoft Edge (we are still gruntled … Read more
In this blog we talk about the concept of ‘Zero Trust’, what it is, why it is important and what it means for you. Ours is an industry of buzzwords, hype, trend and quite often smoke and mirrors. Technologies come, usually in the form of some niche, initially expensive functionality. They enter the mainstream as the big … Read more