Insights, information
and resources

Our Approach to Exploiting CVE-2023-4911: A Deep Technical Dive into a Local Privilege Escalation bug

There is an ever growing risk of cyber-attacks against educational institutions. It becomes increasingly important to implement measures protecting student data and information.

A cautionary tale demonstrating the additional benefits of continuous penetration testing in the detection of hard to find vulnerabilities.

When it comes to space data centers, threat models play a crucial role in ensuring the security. From cosmic radiation to potential cyberattacks, safeguarding our extraterrestrial data is going to be an ongoing mission!

The new SEC cybersecurity risk management ruling can be treacherous waters to navigate, are you and your organization prepared?

An example of creative chaining of lower risk vulnerabilities into a critical finding, highlighting why lower risk issues may be more than they seem.

Security awareness training is fundamentally flawed and probably a waste of time and resources.

Find out why the best way to protect your environment is to combine the benefits of AI with the endless creativity of people.

Go into the mind of one of our penetration testers to see how they abused a known issue with Sequelize to get SQL injection.

Darren and Mike are joined by a fellow Scotman, Robbie Tyrie, Application Security Lead at FNZ. With millions of transactions to secure every month, Robbie discusses how the FNZ team manage the security of their environment and leverage automation throughout various stages of application development and production. And of course, be prepared for a little bit of football rivalry.

Founder and CEO of the Cyber Helpline, Rory Innes, joins Mike and Darren in the studio to discuss their mission what drove his team to start their work five years ago. Now responding to over 800 incidents a year, the Cyber Helpline brings expert advice to everyone, and gain some interesting stories along the way.

Mike and Darren are joined in the studio by Joshua Finney who was recently named CISA’s Cybersecurity Division Employee of the Year. Josh covers some of the critical gaps and weaknesses he sees in his day to day, some of the initiatives being undertaken, and provides salient guidance for business of all size.