TL;DR Closing the Loop Just before COVID struck the world, I was travelling through Colorado on a Sunday on a ski trip with ...

TL;DR Introduction  AI is proving to be a useful companion for analysing data at scale for forensic examiners (data that is ...

TL;DR Introduction BIOS protection is the digital equivalent of a locked front door, but what if the doorbell doubled as a ...

TL;DR Introduction We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The ...

US Office Pen Test Partners Inc, 222 Broadway 22nd Floor, Suite 2525, New York, NY 10038, US +1 646 693 2501 ...

We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The attacker delivered an attack that combined remote code execution, persistence, tunnelling, and a ...

Third-party plugins are often the security Achilles heel of Content Management Systems (CMS). It seems like not a month goes by without one security researcher or another uncovers a vulnerability in a ...

Over the last year of looking at kids GPS tracking watches we have found some staggering issues. With these devices it almost seems that having multiple security issues is the new normal. While ...

I’ve had a keen interest in the original RottenPotato and JuicyPotato exploits that utilize DCOM and NTLM reflection to perform privilege escalation to SYSTEM from service accounts. The applications ...