Update Adobe Reader Your Adobe Reader Needs Updating Your version of Adobe Reader is outdated. To ensure the best experience … Continue reading Dark Duckie Hotel Demo| PwnDefend
This weekend I was running a workshop with my awesome friend James, where we were discussing the realities of wireless network security, man in the middle attacks and what we have found in the field, both from an offensive perspective and as corporate network defenders. As with all things in life, sometime reality doesn’t work quite as well as a demo! So I’ve done a quick thread on twitter showing the kill chain an adversary can deploy when attacking WPA2 PSK (without PMF enforced) networ...| PwnDefend
Recently the Online Safety Act (OSA) has come into force, now regardless of your opinion on this, I wanted to look at some things that exist today when considering children’s mobile phone access.| PwnDefend
The U.S. bombing of Iranian nuclear facilities on June 22, 2025, alongside Israel’s ongoing military campaign, marks a significant escalation … Continue reading Why U.S. and Israeli Airstrikes on Iran Won’t Shift the Cyber Threat Landscape| PwnDefend
In my travels I have found it matters more how you do IT securely than how you ‘do security’. What … Continue reading Bolting on security does not work| PwnDefend
In the world of cybersecurity, the term Security Operations Center (SOC) carries significant weight. It evokes images of highly skilled analysts working around the clock to detect, respond to, and mitigate cyber threats. However, not all SOCs live up to this expectation. If a SOC lacks core functions like triage, analysis, assessment, and remedial action, it’s not truly a SOC—it’s merely a contact center masquerading as one. Let’s explore why these functions are non-negotiable for a...| PwnDefend
As part of my Cyber SOC GitHub repo I’ve put together lots of resources to try and help people with … Continue reading Business Email Compromise Check List| PwnDefend
If you are are a victim of unauthorised mailbox access and/or attempted fraud via mailbox compromise (BEC) then you know … Continue reading Business Email Compromise: Impact Assessment| PwnDefend
Ok with my AI companion GROK I’ve gone exploring on the differences between Japan’s new cyber laws and the UK! … Continue reading Japan goes on the Cyber Offensive| PwnDefend
I’m back with my AI enabled self! This evening I’m jumping into some interesting things about WIFI probes! Now back … Continue reading Wifi, Iphones and Persec/Opsec| PwnDefend
Chances are, no one’s actually watching you — but in a world full of cameras, phones, and digital breadcrumbs, it’s smart to know how to move with a little more privacy. Whether you’re heading to your favorite coffee shop or just want to practice slipping through the city unnoticed, this guide will help you stay low-profile without going full secret agent. It’s about blending in, being unpredictable, and keeping your personal movements personal — all without looking over your shou...| PwnDefend
Using AI feels great sometimes and then empty others, this was created in seconds, it’s fine, it works.. but it has no soul! But who cares about soul when it’s a check list right? The more fundamental question is, do you have the policies, processes and procedures to defend against social engineering attacks against password resets? If not, perhaps this may help.| PwnDefend
A cyberpunk-styled visualization of the Scattered Spider attack flow, defensive countermeasures, and an interactive checklist with activity log, designed for WordPress compatibility.| PwnDefend
Currently there appears to be a relatively significant cyber security incident at Marks and Spencer. So I thought I would give a demo of using AI (LLM, GROK) to create a timeline:| PwnDefend
When a suspected email mailbox compromise is reported, initiating an investigation promptly is critical. However, to ensure the investigation is effective, certain minimum intelligence requirements must be met. This blog outlines the bare minimum data needed to start investigating a suspected email mailbox compromise, whether the intelligence comes from an internal team or a third-party source.| PwnDefend
