Notes from the attack team.
Field notes on red teaming, pentesting, TIBER/DORA and offensive security training.

Attackers’ Truth: Adapting the Storm-2949 Cloud Breach for Red Teaming
In February 2026, a critical manufacturing organization was compromised not by zero-day malware, but by their own cloud architecture.

Cybersecurity Breakfast Session together with the Austiran Business Council, Netherlands Business Council and the German Emirati Joint Council for Industry & Commerce
Speaking at the recent Austrian Business Council UAE cybersecurity event reinforced a critical market reality. The region is building the future, but foundational security is trailing behind the pace of innovation.

One-Off vs. Managed Pentesting: What Financial Institutions Must Know
Banks and large enterprises are not defined by a single website or mobile app. A modern financial institution might operate hundreds of interconnected services – from customer-facing portals to backend APIs, building management systems, and even IoT-based C…

Pandas, Bears and Threat Actors: Why Red Teaming Goes Beyond CVEs
Why are there a panda and a bear in our current social media banners? They are not random mascots – they represent real-world threat actors (e.g., China-based APT “Panda” groups and Russian “Bear” groups) that define modern cyber conflict. Each has its own…

We have security solution X, do we even need a pentest?
" We already run Vectra and CrowdStrike — do we still need pentests? " This caught me a bit off-guard.