TL;DR  Introduction   There is a widely held belief that penetration testing Operational Technology networks is impossible.

TL;DR:  What DORA is, who it affects, and what “good” looks like  If you run a financial services business in the EU, or you provide tech to one, DORA (the Digital Operational Resilience Act) is now ...

UK Office Pen Test Partners LLP, Unit 2, Verney Junction Business Park, Buckingham, MK18 2LB, United Kingdom +44 20 3095 0500 ...

Retail systems are designed for speed and convenience. That usually means lots of integration points, frequent change, and a long list of third parties that touch customer journeys. Attackers focus on ...

It’s more common than you might think to miss built-in defences. Windows has a lot of features that help keep your identity safe, make endpoints more secure, control what software can run, and make it ...

Kubernetes has changed the way we deploy and scale workloads. It’s powerful, flexible, and very good at hiding a lot of complexity. It is also very good at hiding security problems until someone ...

In my previous job as the SOC manager for a public sector organisation, I would often see attempts from scammers trying to get some unlucky employee’s payroll details changed to their own bank account ...

Windows thumbnail cache, or thumbcache, is a well-known forensic artifact, but often one that is overlooked. The thumbcache stores small previews of images, videos and documents and can persist even ...

The UK Cyber Security and Resilience Bill (CS&R) was announced last year in the King’s Speech. It addresses gaps in current regulation, like NIS, with a broader scope, enhanced incident reporting ...

In certain circumstances it can be challenging installing client applications for testing. Situations arise where the application could be provided unsigned or requires self-signing. As a result, the ...

When we carry out security assessments in Operational Technology (OT) and Industrial Control System (ICS) environments, one thing that often stands out is the use of dual-homed devices. In this blog ...

As Red Teamers, we often find information in SharePoint that can be useful for us in later attacks. As part of this we regularly want to download copies of the file, or parts of their contents. In ...