Cover Photo generated with AI - 19th November 2023 at 17:59 UTC by DALL-E 3 via Bing Chat Introduction In this post, I’m going to talk about a problem I recently experienced with permissions in GitHub, how I worked around them and what you need to know about OAuth permissions in GitHub. What …

Introduction I recently managed to pass the Google Cloud Certified: Professional Cloud Security Engineer exam. In my last post, I talked about the learning journey - this post will cover what I did to prep for the exam after completing those courses and my experience of the exam itself. Preparation …

Cover Photo by David East on Unsplash Introduction In this post, I’m going to talk about a concept you may have heard of (shadow admins), what they are, why they are a problem you need to care about, and what to do about them. What is a shadow admin? The name should be fairly self explanatory …

Cover Photo by National Cancer Institute on Unsplash Introduction In this post, I’m going to talk about becoming a Microsoft Security Researcher. I mentioned this in my last post. I sort of brushed over it but when I was speaking to one of my colleagues and friends about the post just before I …

Cover Photo by Joe Zlomek on Unsplash In this post, I’m going to talk about something that I discovered whilst working on a project a little while ago, some default behaviour in the Microsoft Azure Linux VM Agent which can lead to credential/secret leakage in your linux VM. What is the Azure …

Welcome to the latest of my Security Bytes posts, where I dig into areas of interest in Infosec/CyberSec, and offer my opinion. In my last post, I talked about the many challenges of implementing Least Privilege. You may have been forgiven for thinking this is all just too hard to do right from day …