tomneaves.com
  • archives
  • 05/09/2025 Rogue AI Agents In Your SOCs and SIEMs – Indirect Prompt Injection via Log Files
  • 21/04/2025 Agent In The Middle - Abusing Agent Cards In The Agent-2-Agent (A2A) Protocol To 'Win' All The Tasks
  • 20/03/2025 Why Principle of Least Privilege Matters More Than Ever in A World Of Backdoored LLMs
  • 10/12/2024 When User Input Lines Are Blurred: Indirect Prompt Injection Attack Vulnerabilities in AI LLMs
  • 27/03/2024 Why We Should Probably Stop Visually Verifying Checksums
  • 01/03/2024 Hunting For Integer Overflows In Web Servers
  • 26/01/2024 Spoofing 802.11 Wireless Beacon Management Frames with Manipulated Power Values Resulting in Denial of Service for Wireless Clients
  • 11/01/2024 (Response) Splitting Up Reverse Proxies To Reach Internal Only Paths
  • 17/10/2023 Hidden Data Exfiltration Using Time, Literally
  • 27/08/2023 SNAPPY: Detecting Rogue and Fake 802.11 Wireless Access Points Through Fingerprinting Beacon Management Frames
  • 08/06/2023 From Admin to AdminPlusPlus: Breaking Out of Sandboxed Applications Through Recon, Being Brave and Abusing SSO Domain Account Mappings
  • 30/05/2023 Hunting For Password Reset Tokens By Spraying And Using HTTP Pipelining
  • 23/05/2023 From Response To Request, Adding Your Own Variables Inside Of GraphQL Queries For Account Take Over
  • 18/05/2023 When User Impersonation Features In Applications Go Bad
  • 16/05/2023 Abusing Time-Of-Check Time-Of-Use (TOCTOU) Race Condition Vulnerabilities in Games, Harry Potter Style
  • 13/04/2023 CVE-2023-29383: Abusing Linux chfn to Misrepresent /etc/passwd
  • 25/03/2021 From Creative Password Hashes to Administrator: Gone in 60 Seconds (Or Thereabouts)
  • 20/01/2021 FTSE100: Cyber and The Board - Where Are We Now?
  • 04/02/2020 Reversing (and Recreating) Cryptographic Secrets Found in .NET Assemblies Using Python
  • 03/11/2014 Smuggler - An interactive 802.11 wireless shell without the need for authentication or association
  • 19/03/2014 Has Cyber Security Awareness Improved Among the Largest UK Businesses?
  • 04/03/2013 'Cyber' Security must become a board level issue in the UK
Copyright © 2025 Tom Neaves. All Rights Reserved.