Lucene search
K
PentestpartnersMost viewed

506 matches found

Pen Test Partners Blog
Pen Test Partners Blog
added 2022/09/02 5:18 a.m.22 views

When disclosure goes wrong. People

My experience of vulnerability disclosure is that it is rarely as easy or simple as it could be. I had hoped that bug bounty programmes and vulnerability disclosure programmes VDPs would help matters. Broadly that doesn’t seem to be the case, often for unexpected reasons. It’s not all bad though...

7.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/05/09 5:9 a.m.22 views

Constrained environment breakout. .NET Assembly exfiltration via Internet Options

It’s not uncommon for developers to find that they need to help their end users. For starter, the business requirements for software can be highly convoluted and technical. Working with banking systems, insurance firms, actuarial services etc, most developers aren’t going to understand the proces...

0.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/09/23 5:43 a.m.22 views

Commercial Air Transport EFB Regulation

Introduction The Electronic Flight Bag EFB is a device pilots use to gather information. This includes viewing airport charts ground and in-flight, calculating take-off and landing performance, as well as multiple other uses as detailed in our other EFB blog posts. EFB regulation is, in a word,...

6.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/09/14 5:23 a.m.22 views

EFB Tampering. Approach and Landing Performance Part 1

Approach and Landing Performance Part 1: Introduction and Landing Distance Calculations Click here for part 2 TL;DR Approach and landing performance applications perform calculations to provide critical performance data to pilots e.g. speed / flap settings on approach Modifying any one of these...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/09/10 6:3 a.m.22 views

EFB Tampering. The Human Factor

Like most people, pilots want to expedite things and generally make their work easier. A common conception about aviation is that its a leading industry with technology at its forefront. While this is generally true some of the systems in use today are rather dated to put it mildly. A great examp...

7.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/06/30 10:55 a.m.22 views

What an IoT assurance scheme could look like

We’ve seen our fair share of vulnerable smart devices over recent years, our blog is littered with examples. We have already commented on the DCMS Secure by Design initiative, it’s a great initiative as is, however, we do want to see it evolve and become more rigorous over time. This should not b...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/05/18 8:3 a.m.22 views

Penetration Testing Requirements for GDPR

We get lots of people asking us what it is they need to have tested as a requirement for GDPR Compliance, so I've put this together to provide some clarity. This post is NOT a definitive guide to the General Data Protection Regulations. It is however, helpful, real world advice about what you...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/11/27 6:31 a.m.21 views

BEC-ware the Phish (part 3): Detect and Prevent Incidents in M365

TL;DR Take lessons learned from investigation, such as reviewing how emails evaded existing phishing controls to update anti-malware policies. Configure Defender for Office and Defender for Cloud Apps threat and alert policies to prevent and detect email-based attacks. Don’t rely on out-of-the-bo...

6.7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/05/24 5:52 a.m.21 views

UK PSTI? You’ll need a Vulnerability Disclosure Program!

If you are distributing or selling smart devices in to the UK market, your products will need to be compliant with the UK Product Security and Telecommunications Act. One of the three mandatory areas is that you have a vulnerability disclosure program VDP In the supporting materials for the Act,...

7.4AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/01/02 6:32 a.m.21 views

Helping a mobile malware fraud victim

Back at the start of October, we had a call from the BBC asking if we could help unpick a fraud. The victim had been defrauded of £12,000 through a rogue bank transfer and mentioned that her Android mobile phone had been behaving oddly. Of course we would help; who wouldn’t be up for the...

6.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/08/05 5:39 a.m.21 views

Maritime regulation. All Hands-on Deck!

TL;DR The regulation from the IMO has changed, you need to do more about cyber security. Key things to focus on: Start asking questions of your supply chain, of your own IT and OT teams Assess the security configuration per vessel – each are different Use Critical National Infrastructure controls...

0.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/10/05 5:23 a.m.21 views

How to build a password cracking rig during a worldwide chip shortage

… and keep a domain password auditing service online. Making money on GPUs, the hard way… At PTP we had a fairly decent GPU password cracking box called Titan. It used 4×1080 GPUs and had an NTLM hash rate of around 180GH/s. Several years ago I realised that the box was sitting idle much of the...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/03/10 10:27 a.m.21 views

9 things to consider when staff work from home unexpectedly

Many businesses are reviewing and updating their response plans currently. Some might consider closing offices. This may be an appropriate response, but have you considered the effect on employees that have never worked from home before? Security considerations can be quite different, as working ...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/05/01 6:36 a.m.21 views

UK Government gets serious about consumer IoT security. Legislation on the way

The Digital Minister Margot James today announced a concrete mandate for dealing with the slew of insecure IoT dross that has plagued consumers over the last few years. The aim is simple, to ensure that the millions of household items that are connected to the internet are better protected from...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/01/02 9:35 a.m.21 views

Hacking the Echo echo echo

Smart home assistant. Not-so-smart TV Amazon Echo is considered pretty secure in the security community. Remote exploitation is a pipe dream, requiring months of research to stand any chance. But what about using other devices in the home to exploit it instead? Working on a smart Samsung TV and a...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/08/03 11:55 a.m.21 views

Hacking the Bitfi Part 3: The device with no storage

TL;DR? Here’s proof that the Bitfi has storage and that it’s been rooted. -The Bitfi boots at 20 seconds. We’re not disclosing the method yet, as there is plenty more work to be done here. If you’ve been keeping an eye on Twitter, no doubt you’ve seen the unravelling mess that is the security of...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/04/17 3:51 p.m.21 views

‘Hacking’ the Nespresso Prodigio and Jura E8 coffee machines

You’ll probably know by now that I have a particular interest in the security of IoT coffee machines and tea kettles. Sometimes security is so poor that we have to laugh. Such simple security issues. Now, when I’m feeling lazy and possibly a bit hung over, I really can’t be bothered to make coffe...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/10/24 5:14 a.m.20 views

Using Volatility for advanced memory forensics

TL;DR Memory forensics enhances investigations by analysing volatile data in RAM unavailable in disk forensics. Key insights from memory include running processes , network connections , encryption keys , and user activity , vital for real-time investigations. Smaller memory images 4-32 GB offer...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/08/01 5:46 a.m.20 views

Bootloaders explained

TL;DR Modern computers have a program that starts the operating system, known as a bootloader Bootloaders can be communicated with to access storage and sometimes RAM directly They are all individual to the chipset in use. Bootloaders explained In its simplest form, a bootloader is a low-level...

8.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/02/07 6:57 a.m.20 views

Ski & bike helmets protect your head, not location or voice

TL;DR Livall smart ski and bike helmet app leaks the wearers real time position Group audio chat allows snooping on conversations Both issues are due to missing authorisation Bike app affects 1 million users, ski app affects a few thousand users Fixed by the vendor, but after we had to call on a...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/10/31 6:28 a.m.20 views

FDA medical IoT cyber device compliance. FD&C 524b

TL;DR FD&C 524b is new FDA legislation for medical cyber device compliance Introduced on March 30th 2023 it is now a firm requirement as of October 1st 2023 It demands provision of complex evidence that manufacturers take security seriously Medical cyber device market There are over 10,000 medica...

7.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/10/03 5:23 a.m.20 views

Call centres. Outbound call verification

TL;DR: Stop asking customers to verify themselves Reduce friction and annoyance Empower your staff to be more effective Develop an alternative model that works best for you I’m sure we’ve all experienced authenticating ourselves when calling a company. You have a hopefully trusted contact number,...

7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/09/27 5:29 a.m.20 views

Which security framework? All of them, in the SCF

TL;DR: All roads lead to Rome. There are plenty of ways to meet your security requirements ISO 27001 is not everything. There, I said it What is the Secure Controls Framework SCF? Why you should consider SCF on your journey to security excellence PTP has a myriad of customers coming for help to...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/08/14 5:47 a.m.20 views

Scorpion CBS show. Plane hack

Having got on a bit of a roll with dismantling plane hacking in the media with the MH370 documentary critique, it’s probably time to tear apart the pilot episode of Scorpion from 2014. Here’s a link to the relevant part of the show: Why? It’s clearly just an entertainment show, so why bother...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/03/17 6:17 a.m.20 views

Carbon reduction at PTP

Introduction I’ve been a bit of an eco-warrior since I got my first electric car in 2015, and I’ve been on a personal mission since then to reduce my carbon footprint. I realised I could do more for the environment if I could get Pen Test Partners PTP on board with some carbon reduction ideas too...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/09/28 5:28 a.m.20 views

Attacking Encrypted HTTP Communications

TL;DR The Reolink RLC-520A PoE camera obfuscates its HTTP communication by encrypting the POST body data. This level of security does defend against opportunistic attackers but falls short when defending against persistent attackers. Introduction Different embedded devices have their own take on...

7.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/06/28 5:47 a.m.20 views

CMC Electronics EFB breakout vulnerability

We’ve been finding vulnerabilities in electronic flight bags for a few years now. Disclosure response from the vendors involved has varied from excellent to radio silence. In every case we have tried extremely hard to engage with the vendors involved, even where we were ignored. We asked friendly...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/05/25 5:42 a.m.20 views

747 Hackathon

As is probably clear from our blog and public talks aviation cyber security is an area of huge interest to us. Some of us are also light aircraft pilots, so the crossover of two of our loves makes for some fascinating research. Over the last few years we’ve managed to get access to several...

7.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/12/15 7:16 a.m.20 views

Gumtree – leaking your data and not really listening

Sometimes finding vulnerabilities is as simple as… just looking. TL;DR 1. Gumtree is a UK-based site where users can advertise items for sale. 2. It leaked the PII of sellers to other users of the site within the HTML source of the adverts. Email address, postcode, GPS location, and the seller’s...

6.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/05/27 5:17 a.m.19 views

Our capabilities. A story about what we can achieve

Introduction Over the years we have been fortunate to have been called upon to help with some challenging investigations. iPhone prize scams, ransomware attacks that weren't, aiding the Steele Dossier case, and even a fraudulent €14 million transfer. Here we've picked out the most interesting one...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/02/18 6:31 a.m.19 views

Watch where you point that cred! Part 1

TL;DR Poorly protected authentication requests from privileged automated tasks e.g. vulnerability scanners, health checks could be intercepted by rogue authentication servers planted in the internal network. Weak authentication methods, overly broad privileges and scopes, as well as poor network...

8.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/01/28 6:59 a.m.19 views

How Garmin watches reveal your personal data, and what you can do

TL;DR A walk-through of obtaining sensitive data from a Garmin watch using forensic techniques How digital forensics on a Garmin watch helped solve a double murder case A comparison of Garmin's privacy with other brands including Fitbit, Apple, and Samsung Understand the security and privacy...

6.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/09/18 5:17 a.m.19 views

Cyber threats to shipping explained

TL;DR Modern vessels are becoming increasingly connected. While it is unlikely that hackers could fully control a container ship remotely, they may be able to disrupt systems such as the Power Management System PMS, leading to blackouts and associated loss of propulsion and steering. Although...

7.4AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/01/04 6:59 a.m.19 views

RAID Technology and the importance of disk encryption in data security

Introduction Recently we were engaged by a client experiencing a potential data leak incident. Amidst their expansion, they were constructing a new data centre. Due to pressing business needs, they accelerated the setup of part of their infrastructure. This urgency led to them setting up a Domain...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/12/07 6:45 a.m.19 views

Navigate FDA 524b to get your medical cyber device to market

With amendment 524b officially enacted, medical devices across the United States and the globe are living under some new rules and procedures. You’re not alone if you are finding these new regulations a bit complex. Changes to business practices – particularly ones that involve millions of...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/08/22 5:24 a.m.19 views

The most hated man on the internet. Lessons to learn

A while ago I was scouring Netflix and stumbled across the 2022 The most hated man on the internet docuseries. What’s that all about then? The show is about Hunter Moore and his isanyoneup.com website Wikipedia article, where abhorrent people uploaded naked / pornographic images, intended to sham...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/05/23 7:51 a.m.19 views

Password policy guidance

Why do we need strong passwords? Passwords are stored by using a one-way hashing algorithm to generate a representation of the original password on a securely designed system. Authentication mechanisms then compare the calculated hash of an entered password with the stored hash value to determine...

0.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/05/16 5:6 a.m.19 views

Got the security controls wrong in OT and maritime? Watch as engineers work around them

Industrial control systems security is slowly improving, partly a result of attention from regulators and lawmakers. However, we often see security controls implemented that don’t take account of the unique challenges that engineers looking after OT environments face. We see controls brought in...

7.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/11/25 6:7 a.m.19 views

What does the Product Security and Telecommunications Infrastructure bill mean for me?

The UK’s Department for Culture, Media and Sport DCMS introduced a bill to Parliament yesterday. But what does that mean for IoT manufacturers and consumers? First, this bill has been a long time coming. Many people have been lobbying and working hard to create it. Industry and others with vested...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/06/04 8:56 p.m.19 views

Hacking, tracking, stealing and sinking ships

At Infosecurity Europe this year, we demonstrated multiple methods to interrupt the shipping industry, several of which haven’t been demonstrated in public before, to our knowledge. Some of these issues were simply through poor security hygiene on board, but others were linked to the protocols us...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/01/24 6:36 a.m.18 views

Cyber security guidance for small fleet operators

Introduction Cyber threats aren’t just a problem for large shipping organizations, small maritime fleet operators are also at risk. Anything from phishing emails to ransomware attacks, these threats can disrupt operations and compromise critical systems. This post is a guide to help small fleet...

7.7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/08/14 5:37 a.m.18 views

Die Hard 2. Or how not to hack airplanes

How could I criticise possibly the best action movie series of all time? Well, it’s to help dispel myths about hacking planes. TV shows and films help set a narrative that is hard to shift around aviation cyber, giving the travelling public a misleading view of their security when flying. So let’...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/05/28 5:35 a.m.17 views

How to load unsigned or fake-signed apps on iOS

TL;DR Issues commonly arise when clients provide an application which is unsigned or does not meet device requirements. Installing an application can be challenging without a Mac, access to Xcode or if the client is having trouble signing the application manually as this is normally done by the a...

6.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/03/31 5:13 a.m.17 views

Backdoor in the Backplane. Doing IPMI security better

TL;DR IPMI, released by Intel in 1998, is a hardware management interface operating independently of the OS, often using 623/udp. It monitors hardware data e.g., temperature, power and supports remote recovery, integrated into BMCs like HP iLO, Dell DRAC, and others. IPMI vulnerabilities include...

10CVSS8.4AI score0.26016EPSS
Exploits2
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/06/28 12:31 p.m.17 views

Glastonbury ticket hijack vulnerability fixed

The Glastonbury ticket website was vulnerable to a relatively simple attack that that allowed ticket theft and data leakage. What’s the issue? An attacker could scrape collaborative ticket buying information e.g. on Reddit to gather people’s details, use a flaw in the registration process and...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/06/20 5:31 a.m.17 views

HUMINT in a cyber world

TL;DR HUMINT / Human Intelligence is gathered from a person in the location in question. It’s the sort of information we think of in the context of spying. A modern intelligence apparatus is multi-discipline with many different collection methods. HUMINT sources include officers, agents, diplomat...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/03/12 6:58 a.m.17 views

The big play of autonomous vehicles

TL;DR The benefits of autonomous vehicles may not yet be for us consumers There are other areas where autonomy can benefit auto manufacturers and others Having your autonomous car drive you home from the bar may be some way off yet! Car manufacturers and technology startups make a big play of...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/12/22 4:5 a.m.17 views

Socks! Our cyber prediction for 2024

I get pretty bored of reading pointless prediction puff pieces from vendors about what is going to happen next year in cyber. Don’t tell me, it’ll be security issues that their next-gen, xDR, paradigm-shifting, lowest TCO turnkey solution resolves. So here’s what I can guarantee for next year:...

7.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/03/08 6:7 a.m.17 views

Monetising hacking by shorting commodity shipments

I’m continually asked by the maritime industry about the motivations of hackers. “Why would anyone hack us, we operate ships?” It strikes me that many of the public and a lot of maritime businesses still think of the ‘hacker’ as a solo operator in a dark hoodie in a basement of their parents’...

7.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/08/26 5:10 a.m.17 views

Living off the land, AD CS style

Introduction Unless you have been living under a rock for the last year or so, Active Directory Certificate Services AD CS abuse continues to be a hot topic in offensive security, ever since the excellent research released by Will Schroeder @harmj0y and Lee Christensen @tifkin. I, like many, have...

7.6AI score
Exploits0
Total number of security vulnerabilities506