INSIGHTS
We like to help our clients learn how to better protect themselves. Here’s what we’re reading now.
- Jul 29,2021
15 min read
Vulnerability allows execution of any binary you want on macOS, bypassing the codesigning system.
- Jan 19,2021
3 min read
The COVID-19 pandemic has caused hospital systems’ resources to be strained to the breaking point, and in some cases, beyond. Those who manage and use information systems need to take action now.
- Oct 09,2020
1 min read
On October 8, 2020, OccamSec participated in a joint OWASP London and OWASP Suffolk meeting.
- Jul 30,2020
1 min read
Establishing a beachhead is an important objective during many of our security assessments. To gain further access into an environment we need to get access to an Internet facing system, which can then be used to pivot into the network. The walkthrough below is a real life example, taken from one of our projects
- Jul 23,2020
1 min read
Commercial drone programmes in the UK are being accelerated due to the restrictions enforced by the Coronavirus lockdown. From medical PPE drops from mainland UK to the Isle of Wight
- May 27,2020
1 min read
During the ongoing COVID-19 outbreak many security professionals have by necessity been operating tactically & in response mode, trying to identify and mitigate the security risks of organisations that have had to move rapidly to remote working.
- Apr 11,2020
1 min read
While some organizations are halting their use of Zoom due to security concerns and alerts that come on a seemingly daily basis; in some cases it might be the only option for some people and is still an immensely popular solution for remote meetings.
- Mar 11,2020
1 min read
In one of my past lives, before cyber security came along, I was a hostage negotiator. To give you an idea of just how long ago, during my training we were negotiating (through an interpreter) with “terrorists” who were holding “hostages” in a (very real) airliner, surrounded by (also very real) armed police, parked just off one of the (very busy) runways at London’s Heathrow Airport.
- Feb 28,2020
1 min read
As we are constantly evaluating and refining our methodology for cloud penetration testing in a rapidly changing landscape, with both cloud native and hybrid cloud environments, we sometimes have a hard time placing our approach into established contexts of an on-prem world.
PODCASTS
If you’d rather listen than read - Introducing ‘Burned by the Firewall’ - The OccamSec Podcast.
- Mar 24,2021
1 min read
In our season finale, Mike and Davin are joined by Cynthia Boumann, Head of Global Audit at Dover Corporation. She share her insights on the universe of risk, living through the winter storm in Texas, and why there should be now be a larger conversation on infrastructure and resilience.
- Feb 17,2021
1 min read
Davin is joined by senior penetration tester, Cayce Mahon, and the two discuss how she went from inking to leet hacking, why Infosec is similar to art, favorite pwnage moments (naming no names), and why more women need to step into cyber security.
- Feb 17,2021
1 min read
Davin is joined by ex-covert intelligence expert and strategic advisor to OccamSec, Bob Hayes, to discuss intelligence operations in relation to the SolarWinds event, organized crime groups, the biggest secret of the intelligence space, and nearly getting run over by a nuclear submarine.