Cover Photo by David East on Unsplash Introduction In this post, I’m going to talk about a concept you may have heard of (shadow admins), what they are, why they are a problem you need to care about, and what to do about them. What is a shadow admin? The name should be fairly self explanatory …

Cover Photo by National Cancer Institute on Unsplash Introduction In this post, I’m going to talk about becoming a Microsoft Security Researcher. I mentioned this in my last post. I sort of brushed over it but when I was speaking to one of my colleagues and friends about the post just before I …

Cover Photo by Joe Zlomek on Unsplash In this post, I’m going to talk about something that I discovered whilst working on a project a little while ago, some default behaviour in the Microsoft Azure Linux VM Agent which can lead to credential/secret leakage in your linux VM. What is the Azure …

Welcome to the latest of my Security Bytes posts, where I dig into areas of interest in Infosec/CyberSec, and offer my opinion. In my last post, I talked about the many challenges of implementing Least Privilege. You may have been forgiven for thinking this is all just too hard to do right from day …

Welcome to the latest of my Security Bytes posts, where I dig into areas of interest in Infosec/CyberSec, and offer my opinion. In my last post, I talked at a high level about what Least Privilege actually is. In this post, I’ll explore common approaches taken/tooling used to address some of …

Welcome to the latest of my Security Bytes posts, where I dig into areas of interest in Infosec/CyberSec, and offer my opinion. In my last post, I talked at a high level about the history of computers and privileged access. In this post, I want to get into a term you may hear a lot of if you work in …