top of page
All Posts
Uncovering Rolling Window Vulnerabilities: A Closer Look at Digital Lock Security
Digital locks have transformed home and business security, providing both advanced features and unparalleled convenience. Yet, with this...
Feb 145 min read
DEFCON 31 Vishing Competition: Lessons from a judge
Read key lessons from the DEF CON 31 vishing competition for a different view on social engineering.
Aug 18, 20236 min read
10 million most popular websites
Our list of the top 10 million websites available for you to freely download
Dec 22, 20224 min read
Ruby off the Rails (CVE-2022-3704)
Understanding Ruby on Rails vulnerability CVE-2022-3704 and what it means for future-proofing code
Nov 15, 20223 min read
Lessons from Pentesting Smart Buildings
How to hack (& protect) smart devices. We share common findings from our smart building pentests.
Jul 20, 20227 min read
UK councils at risk of cyber attack: our ITV News interviews
We recently featured on ITV News explaining the Hackney Council cyber attack and the threat facing UK councils. Catch up on the videos.
Jul 6, 20221 min read
How safe are safe deposit boxes?
From Ocean's Eleven to The Da Vinci Code, heists of safe deposit boxes are often in the media. We take a deep dive into their security.
Jun 29, 20225 min read
Three things that every developer should know about cyber security
What every ethical hacker wishes developers knew about cyber security.
Mar 31, 20227 min read
You're the Salt to my Hash
Why hashing and salting are key ingredients for storing passwords securely.
Feb 14, 20225 min read
Divide and Contain
How do you protect your home network from cyber attacks against your employer? Read our overview of VLANs.
Feb 8, 20225 min read
Notes from a Pentester: How we found 2 new BuddyBoss vulnerabilities
How we discovered two Wordpress plugin vulnerabilities: CVE-2021-43334 and CVE-2021-44692.
Jan 26, 20224 min read
Notes from a Pentester: CVE-2021-43333 (DataLogic Devices)
During a recent pentest for a client we discovered a number of devices on their network that looked interesting, after 25 years of...
Jan 10, 20223 min read
How to Build Your Own Log4Shell Demo (CVE-2021-4428)
A step-by-step guide to building your own Log4Shell demo, with video overview.
Dec 16, 20213 min read
Explaining Log4Shell in Simple Terms
Vulnerabilities are discovered everyday. While some can be serious, most are not so scary that they get everyone in a (justifiable)...
Dec 13, 20216 min read
Digital Trust versus Zero Trust?
If people feel that there is "zero trust" of them, why should they trust you back?
Jul 23, 20213 min read
CVE-2021-29203 (HP Edgeline Manager) - Explained
FC takes a look at a proof of concept for CVE-2021-29203 (HP Edgeline Manager).
May 17, 20212 min read
Security for gamers: top tips
Gaming consoles and video games are always a popular gift over the festive period and this Christmas will be no different. The Covid-19...
Dec 11, 20202 min read
Internet of Things Device Security
Here it is folks! Week 3 of Cyber Security Awarness Month 2020, Do Your Part. #BeCyberSmart. In our third guidance document of Cyber...
Oct 15, 20202 min read
QR Codes: Top tips for using them securely
Blog post by Dave Mound What is a QR code? With the introduction of the Covid-19 contact tracing app in England and Wales, we're all...
Oct 6, 20204 min read
What is APT28's Drovorub Malware?
The NSA and FBI have today released an advisory (pdf) about the previously undisclosed malware called Drovorub, that has been attributed...
Aug 13, 20202 min read
bottom of page