2023

• Green Team Tree Planting at Ōwhiro Bay

  26th June 2023

  ZX Green Team gets muddy planting native trees.

  View insight: Green Team Tree Planting at Ōwhiro Bay

• ZX Hosts 10 Brandon Street Green Team meeting

  20th June 2023

  Last month ZX hosted the 10 Brandon Street Green Team meeting bringing together Green Teams from other companies in our building to share sustainability ideas.

  View insight: ZX Hosts 10 Brandon Street Green Team meeting

• Setting off on our carbon neutral journey

  27th February 2023

  We are thrilled to announce that we have officially set off on our carbon neutral journey with Toitū Envirocare!

  View insight: Setting off on our carbon neutral journey

2022

• Running a runZero (rumble.run) Rumbler for Zero Dollars

  10th November 2022

  How to take advantage of the normal way users deploy runZero asset discovery to capture credentials

  View insight: Running a runZero (rumble.run) Rumbler for Zero Dollars

• Green Team May Beach Clean Up

  22nd June 2022

  This past May the ZX Green Team went out on a mission to tidy up local shores.

  View insight: Green Team May Beach Clean Up

• Customising Blacklist3r for OWIN OAuth Access Tokens

  19th January 2022

  Using a modified version of Blacklist3r, we managed to bypass authentication in OWIN

  View insight: Customising Blacklist3r for OWIN OAuth Access Tokens

2021

• Hacking for Heroes will return…

  14th December 2021

  We’re excited to announce that Hacking for Heroes will return in 2022

  View insight: Hacking for Heroes will return…

• Reverse engineering BMC PATROL Agent for static keys and IVs

  16th July 2021

  A dive into BMC PATROL Agent and the security issues within.

  View insight: Reverse engineering BMC PATROL Agent for static keys and IVs

• All my Intune users could become Local Administrators and it's a Feature?

  19th March 2021

  An investigation into how Intune allows users to escalate their privilege to become a local administrator.

  View insight: All my Intune users could become Local Administrators and it's a Feature?

• Microsoft GovTech presentation - Azure Security Faux Pas

  18th March 2021

  Blaise St-Laurent presented to the Microsoft GovTech forum on the 18th of March 2021 on the various mistakes, misconfigurations and missteps that ZX Security has seen in the last 2 years’ Azure security reviews.

  View insight: Microsoft GovTech presentation - Azure Security Faux Pas

2020

• AWSUG Presentation - AWS Security Faux Pas

  4th November 2020

  Blaise St-Laurent presented to the Aotearoa AWS Users Group on Tuesday the 10th of November 2020 on the various mistakes, misconfigurations and missteps that ZX Security has seen in the last 2 years’ AWS security reviews.

  View insight: AWSUG Presentation - AWS Security Faux Pas

2019

• Service Workers

  8th August 2019

  Claudio Contin was interviewed by the Daily Swig regarding his research into registering malicious service workers.

  View insight: Service Workers