Byte by Byte: My Path into Cyber

  AI ‑ Native Malware: The Emerging Reality Behind Adaptive Cyber Threats As AI becomes woven into everyday tools and workflows, the cyber threat landscape is evolving alongside it. One of the most significant shifts is the emergence of AI ‑ native malware malicious software that doesn ’ t just use AI during development but actively integrates AI models into its runtime behaviour. This isn’t science fiction anymore. While we’re not facing a fully autonomous “Skynet” scenario, recent discoveries show that adaptive, AI ‑ driven malware is already operating in the wild. The question is no longer if AI ‑ native malware will exist, but how quickly it will mature and what that means for defenders.   What Makes Malware “AI ‑ Native ” ? AI ‑ Assisted Malware Traditional malware created with help from AI tools such as LLMs. Attackers may use AI to: • Write phishing content • Generate exploit code • Speed up reconnaissance But the malware itself behaves conventionall...

  I’ve not posted here in a long time, due to having some issues in my personal life, but that has also given me chance to take stock of my situation and going forward, my lab is going to be focused on the practical side of the CySA+ exam from COMPTIA, I’ll be writing about using my home lab with tools such as NESSUS, Wireshark, NMAP, and for a SIEM I will be looking to broaden my cloud knowledge and looking into Azure and Microsoft Sentinel. I will continue to write about breaches and attacks that pique my interest. With the first one of those coming in the next couple of days, on the subject of AI native malware.

It’s been a long time since I posted to this blog, I’ve had some personal issues that I needed to resolve and unfortunately this had to take a back seat for a while. But that said here is a new post regarding the ongoing issues at JLR.   The Impact of the Cyber Incident   Since late August, the UK’s largest car manufacturer has been grappling with a cyber incident that’s triggered a global production shutdown. The company’s IT systems are offline, its plants are silent, and tens of thousands of vehicles are stuck in limbo. What’s missing? Answers. The disruption began when unusual activity was first suspected in the company’s systems towards the end of August 2025, prompting an internal escalation and reports of outages by staff on 31 August. By 2 September, the company confirmed a “cyber incident” and halted all operations worldwide, affecting manufacturing plants in Solihull, Halewood, and Wolverhampton, as well as facilities overseas in China, India, and Slovakia....

  How Local Governments Became the New Frontline in Cybersecurity In recent years, the digital environment for regional councils across the United Kingdom has dramatically shifted, transforming from a relatively quiet administrative arena into a high-stakes battleground. This change has been underscored by a staggering 388% surge in cyber data breaches among UK local governments over the past three years. With over 12,700 incidents logged across just 24 metropolitan councils, it is clear that local authorities are struggling to keep pace with the escalating frequency and sophistication of cyber threats ( The experiences and impacts of ransomware attacks on individuals and organisations ). The Hardest Hit: Regional Targets Among the most severely affected are councils in Sheffield, Manchester, Portsmouth, and Wakefield. Sheffield City Council, for instance, has reported 1,512 breaches including 26 significant cyber security incidents since 2022. Each incident is more than a nu...

  Recently, I took a significant step in upgrading my home lab by installing a second mini PC: the BOSGAME P3 Lite Mini PC, powered by a Ryzen 7 6800H processor complimenting the mini PC I already have a GMKtec M7 AMD Ryzen 7 Gaming Mini PC 6850H. Alongside this, I added a TP-Link TL-SG608E Managed 8-Port Gigabit Network Switch, promising both increased computing power and enhanced networking capabilities. After physically connecting and configuring the new equipment, I was inspired to create a more enterprise-like environment. My specific goal was to deploy Active Directory on a virtual machine hosted by the new mini PC, allowing me to explore Windows Server administration hands-on and experiment with real-world domain scenarios such as group policy management, user authentication, and network segmentation. The managed switch opened opportunities to simulate advanced network topologies, including VLANs and bandwidth management. Meanwhile, the mini-PC’s robust Ryzen processor a...