Lucene search
K
PentestpartnersMost viewed

506 matches found

Pen Test Partners Blog
Pen Test Partners Blog
added 2022/07/15 5:7 a.m.17 views

EFB ePIL. Pinching passenger PII from pilots

TL;DR The Passenger Information List PIL is often now available on EFBs and crew devices. It stores information such as passenger names, seat numbers, and customer services information. Digital versions of the PIL enable crew to offer more bespoke customer service Information on a PIL is differen...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/05/29 5:55 a.m.16 views

Fire detection system been pwned? You’re not going to sea

TL;DR Hardcoded SSH and VNC credentials found on Consilium Salwico CS5000 panels SSH access allows OS-level interaction, and VNC access gives UI control It may be possible to disable the fire detection system Attempts to disclose vulnerability to Consilium multiple times since 2022 Consilium...

9.3CVSS9.6AI score0.00716EPSS
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/05/01 5:29 a.m.16 views

The remote desktop puzzle. DFIR techniques for dealing with RDP Bitmap Cache

TL;DR How RDP Bitmap Cache can reveal user activity No RDP logs? How can we reconstruct RDP activity? How cached tiles can uncover insider threats Introduction A lot of people are aware of RDP and what its functions are. It’s known for providing remote access and making life easier for...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/04/23 5:19 a.m.16 views

Unallocated space analysis

TL;DR Unallocated space retains remnants of deleted files, metadata, logs, caches, and other artefacts. This is useful if a user attempts to cover their tracks, delete files, reformat drives, or use anti-forensic tools. These remnants can help reconstruct user actions exposing data exfiltration...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/02/14 6:18 a.m.16 views

New mandatory USCG cyber regulations. What you need to know

TL;DR US Coast Guard introduces mandatory new Marine Transportation System cybersecurity requirements They take effect on July 16, 2025, and training must begin by July 17, 2025 US flagged large commercial vessels affected Cybersecurity Officers CySO need to be appointed Penetration testing of...

7.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/10/30 6:59 a.m.16 views

Testing the security of CCTV systems

TL;DR CCTV is often overlooked; ‘shadow tech’ whose security isn’t as carefully reviewed as core IT assets It is often a responsibility for facilities managers who may have little experience of cyber security Security of the hardware and software of some CCTV camera brands is sorely lacking A...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/09/19 5:12 a.m.16 views

Proroute H685 4G router vulnerabilities

TL;DR Two vulnerabilities on the Proroute H685t-w 4G Router Authenticated command injection is possible through the admin interface Reflected Cross Site-Scripting is possible through the admin interface Patch any routers to revision 3.2.335 or higher Vulnerability 1: Command Injection on Proroute...

9.8CVSS9AI score0.02023EPSS
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/02/15 6:43 a.m.16 views

QR Phishing. Fact or Fiction?

October 2023’s Cyber Security Awareness Month led to a flurry of blog posts about a new attack called Quishing QR Code phishing and how new AI powered email gateways can potentially block these attacks. What’s the attack? To understand the attack you need understand the challenge that the attacke...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/08/02 5:12 a.m.16 views

Have you been compromised?

Imagine the scenario… A nation state recruits an asset / spy at age 18. Their education and living expenses are fully funded, all with the aim of getting them a job at a target organisation. All goes to plan, on paper they’re a good fit and they get a low profile graduate role in the company. Lif...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/07/19 5:33 a.m.16 views

Exposed Gits: 10 Years on

Nearly 10 years ago my colleague wrote a cracking post on exposed Git repositories. 10 years is a long time in cyber security, but you’d be surprised how many things you thought should have gone extinct that haven’t. A prime example is a recent finding of a handful of exposed .git repositories. A...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/05/31 5:4 a.m.16 views

Your cloud? My cloud now

A true story on taking over a client’s Azure tenant via a successful phish. TL;DR A tempting phish got lots of users to disclose their passwords, and a lack of training resulted in the victims accepting the Microsoft push-based multi-factor authentication. This resulted in gaining access to Slack...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/11/19 6:31 a.m.16 views

SkyFail. 6 million routers left exposed

Sky broadband had a significant security flaw in around 6 million of their customer routers that would allow remote compromise of home networks. When informed about it, they took nearly 18 months to fully fix the problem. TL;DR Around 6 million Sky routers were vulnerable to a DNS rebinding...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/11/09 6:8 a.m.16 views

Time based username enumeration

Back in the day, it used to be easy to enumerate email addresses from forgotten password forms. Differences in the response made it easy to check if accounts existed. After that, you could brute force the password if there weren’t lockouts in place, or if there were, you could lockout a lot of us...

7.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/09/28 5:9 a.m.16 views

Securing mobile devices. A timely reminder

While home working might now be the norm for some, more and more people are going back to their place of work on a more regular basis. If you’re commuting again or if you’re responsible for securing your people’s devices it’s a good idea to revisit and review your security admin for mobile device...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/05/21 6:54 a.m.16 views

Smart lighting security

Smart lighting systems create great opportunity for improved efficiency, cost savings and easy management. The long lifespan and low power requirement of LED luminaires and lamps means that it’s worth investing in replacing older fluorescent and incandescent lighting. RJ45 connections delivering...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/03/03 9:51 a.m.16 views

From Minecraft to Metasploit. Game hacking could start your cyber security career

Human beings are curious. Give a computer game to a kid and it’s only a matter of time before they get bored with the constraints of the gameplay and start trying novel things. This is encouraged by a lot of game developers by hiding Easter eggs in hard to reach locations. Once the confines have...

7.7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/05/31 1:17 p.m.16 views

Don’t get burnt on pay day. How to buy IoT gadgets sensibly

As it’s the end of the month, and pay day for many, I thought some timely advice would be helpful for people itching to spend their money on IoT gadgets. It’s not all bad. While many manufacturers happily continue to fill shelves with dross, we know plenty of responsible companies whose products...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/05/08 12:34 p.m.16 views

Hacking train passenger Wi-Fi

After speaking about Wi-Fi security at a rail industry conference last week, it struck me that very insecure passenger networks are making their way on to trains. So, here’s a quick check list for making sure your pax Wi-Fi network is secure. Similar checks could be applied to your guest network ...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/04/15 5:20 a.m.15 views

Not everything in a data leak is real

TL;DR Data breaches make the headlines usually because of the sheer volume of data Research shows that often the volume of data is falsely inflated How forensics experts can spot it Introduction When a data breach hits the news, it's usually all about the numbers: millions of names, emails, and...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/04/03 5:0 a.m.15 views

Preparing for the EU Radio Equipment Directive security requirements

TL;DR UK & EU IoT vendors have more security regulation coming in Applies to all wireless devices Comes into force 1st August 2025 It may be absorbed into the Cyber Resilience Act From 1st August 2025, mandatory cybersecurity requirements come into effect under the EU’s Radio Equipment Directive...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/07/24 5:26 a.m.15 views

Leave the World Behind, or don’t

I watched Leave the World Behind on Netflix recently. I was intrigued as the trailers showed an oil tanker crashing on to a beach. It was implied that it had been hacked and someone had taken control of it. Shipping security is something we know quite a bit about, having been asked to hack a larg...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/05/17 5:0 a.m.15 views

Impacts on ICS from the updated Cyber Assessment Framework (CAF)

NCSC has released an update of the Cyber Assessment Framework CAF. The CAF represents where the rubber hits the road for the UK’s NIS regulations. TL;DR The NCSC CAF has been updated to version 3.2. There has been a material change to three aspects of the CAF. The changes are broadly sensible and...

7.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/03/14 6:50 a.m.15 views

Navigating the perilous waters of conference invitations

TL:DR Being asked to speak at events is great …except when it looks like a scam or a phishing attempt This is walkthrough of my experience If you think it’s a scam, it probably is Its a typical Sunday evening, and as Im gearing up for the week ahead and an interesting email lands in my inbox. The...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/01/02 6:47 a.m.15 views

Helping a banking fraud victim

A few months ago an elderly friend of a friend asked for some help. They had been scammed and had £10K stolen. Was there anything I could do to help? This wasn’t going to be a pleasant task: recovering monies stolen as a result of banking fraud is all but impossible. I was going to have to explai...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/05/16 5:3 a.m.16 views

It’s always DNS, here’s why…

Introduction Theres an old adage in network and Internet support: When something breaks in any network "it was DNS". Sadly its usually true. …or at least it is when you have certain timeouts, or when a company you used to work for moves from the stable Unix based DNS to a Windows based one and th...

6.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/02/07 6:26 a.m.15 views

DPD package sniffing

TL;DR An unauthenticated API call was identified in DPD Group’s public API that could allow a user with a valid package ID to, with some basic OSINT, discover the package’s destination postcode and thus obtain all details about the package. DPD Group were prompt in the triage and resolution of th...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/11/29 6:12 a.m.15 views

A masterclass in responding to vulnerability disclosure: The Buddi app and tracker

The Buddi tracker is used for tracking elderly and vulnerable people. It’s a GPS/GSM-based clip-on device that reports wearer position to an app via a platform. It means that the wearer can easily be found by their carer or the emergency services, should they become lost and unable to make their...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/11/11 6:50 a.m.15 views

Hijacking smart luggage

When is a vulnerability not a vulnerability? I’m not sure this counts as a vuln per-se, but some easily-fixed and simple manufacturer mistakes result in trivial hijack of…. yes… your smart luggage. The Airwheel SR5 is the first smart luggage that we’ve seen. It can automatically follow the owner...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/08/18 8:0 a.m.15 views

Breaking Samsung firmware, or turning your S8/S9/S10 into a DIY “Proxmark”

This post is a companion to the DEF CON 28 video available here Breaking the Firmware of Samsung’s NFC Chips Recently I have been looking into how to push the capabilities of my old smartphones beyond what you could traditionally do just by rooting it. Smartphones contain huge amounts of hardware...

7.7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/12/10 11:56 a.m.15 views

Xmas Light Security Improves… a bit

We've looked at smart Xmas lights before; whilst they were vulnerable, there was no consequence to the hack other than making them flash in a different order! In 2018 we looked at the all-new Twinkly smart festive lights. We found a number of security issues, reported them to the vendor and to a...

6.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/06/13 6:35 a.m.15 views

Totally Pwning the Tapplock Smart Lock

TL;DR – How to open a Tapplock over BLE in under two seconds: Totally Pwning the Tapplock Smart Lock A couple of weekends ago, a YouTuber called JerryRigEverything posted a teardown of a “smart” padlock, called the Tapplock. He discovered that, using a sticky GoPro mount, he could remove the back...

6.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/05/03 1:52 p.m.15 views

Man Climbs Severn Bridge. Your office is twice as easy and half as scary

So you think no one would ever sneak into your business? Think Again. The man who climbed the Severn Bridge and broke into the Big Brother house seems to have method to his madness. Here’s why. When I describe Social Engineering to some I get a common response: “Yeah, but who would ever do that i...

6.7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/05/13 5:30 a.m.14 views

New cybersecurity rules for smart heat pump manufacturers

TL;DR Smart heat pumps face new UK cybersecurity rules Must meet ETSI EN 303 645 under the Smart Secure Electricity Systems programme Applies to most domestic heat devices up to 45 kW Compliance deadline expected to be late 2026 / early 2027 Aims to protect consumers, data, and the national grid...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/04/29 5:24 a.m.14 views

Hiding behind a password

What do your passwords say about you? It’s surprisingly personal. User generated passwords can reveal more than you might expect, including frustration, humour, and even how someone feels about their job. My password manager database has over 350 entries. I have chosen or generated all of them wi...

7.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/02/13 6:47 a.m.14 views

PCI DSS v4.0 Evidence and documentation requirements checklist

TL;DR PCI DSS is complex and challenging Review the 12 top level controls Arm yourself with this checklist to help you navigate it Introduction PCI DSS v4.0 is challenging for a number of reasons: increased complexity, future-dated requirements, high costs and resource demands, vendor management...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/02/07 6:11 a.m.14 views

ICS testing best results. Hint: Blend your approach

TL;DR Onsite ICS testing is risk averse Laboratory ICS device testing uncovers more A blended approach is key How that works Demonstrable benefits Introduction For safety’s sake onsite ICS testing adopts a risk averse approach, even if scheduled during downtime or a maintenance period. It’s vital...

8.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/01/13 6:8 a.m.14 views

Tackling AI threats. Advanced DFIR methods and tools for deepfake detection

TL; DR AI-generated documents, videos and more pose significant challenges for DFIR DFIR teams can harness innovative detection strategies and tooling Digital fingerprinting and watermarking, AI-powered and behavioural analyses Hardware-based forensics and image-specific forensic techniques...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/12/11 6:40 a.m.14 views

How easily access cards can be cloned and why your PACS might be vulnerable

TL;DR Access cards can be cloned There are practical measures to make card cloning difficult Practical guidance on how these systems work and why you should make sure they’re configured right What is a physical access control system? A physical access control system, or PACS, is the system that...

7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/11/12 6:7 a.m.14 views

Did security gaps at Antwerp port enable drug smuggling operations?

TL;DR Why hack shipping? For profit. Criminals have been proven to have hacked port systems to bypass security and facilitate drug smuggling. Evidence of hacking? Rarely reported, but cases like MSC and Glencore’s cobalt theft and the incidents at the Port of Antwerp below provide real examples...

7.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/01/24 6:35 a.m.14 views

OSINT your OT suppliers

There is much talk about supply chain security and reviewing your suppliers for cyber security. But how much information do they intentionally and unintentionally leak about your organisation online? We see this particularly in the industrial controls sector as its cyber security maturity is...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/07/12 5:38 a.m.14 views

Scanning for security.txt files

Introduction RFC 9116 was written by E. Foudil and Y. Shafranovich and left draft status in April 2022. This RFC formally defines the unofficial security.txt file that has been an unofficial standard for many years, initially created back in 2017 and documented at . The security.txt file provides...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/11/08 6:36 a.m.14 views

Limiting your exposure to location data resellers

Location data is valuable, just ask Huq Industries, who make a living out of selling your location information, then found that the apps they bought it from hadn’t asked the end users permission to have it! Naughty! The organisations they sell it to use it for better marketing, to get a better...

6.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/02/26 6:49 a.m.13 views

A dive into the Rockchip Bootloader

TL;DR Rockchip has a structured sequence of bootloaders. Using various plugs can allow access to the MCU’s RAM and storage. There are many utilities to allow reading of information from the MCU. Use this guide to access and reverse engineer bootloaders. Introduction Rockchip are a Chinese company...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/02/11 6:32 a.m.13 views

PCI DSS. Where to start?

TL;DR Determine your role: Merchant or service provider Determine your level and requirements Identify your validation method: SAQ or RoC Use the PCI website Introduction The Payment Card Industry Data Security Standard, or PCI DSS, outlines essential requirements for protecting both you and your...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/11/19 6:5 a.m.13 views

How we helped expose a £12 million rental scam

TL;DR We helped Channel 4 with trying to track down rental scammers. We are not the police so we could only take it so far and any proving guilt or innocence would be a police matter. We saw organised approaches and elaborate setups. A lot of technical and money laundering techniques were needed...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/11/06 6:46 a.m.13 views

You lost your iPhone, but it’s locked. That’s fine, right?

TL;DR Default iOS configuration leaves your locked device vulnerable Ensure your emergency contacts are set. Use ‘FindMy’ to track / wipe lost devices. Take regular backups. Consider turning off the lock screen message previews. Introduction Picture this: you've lost your iPhone. Luckily, it's...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/11/05 6:35 a.m.13 views

Maritime lawyers assemble!

Maritime cyber insurance has been playing catch-up with maritime cyber security for a while now. It was all pretty good until the availability of cheap VSAT meant that ships became constantly connected. Vessels were mostly not connected at sea, other than Fleet Broadband connections, rarely used...

7.4AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/10/15 5:28 a.m.13 views

BEC-ware the phish (part 1). Investigating incidents in M365

TL;DR Review the key artefacts to ensure the best possible telemetry is available in the case of a Business Email Compromise BEC. Keep an eye on data retention, where necessary export or forward data for investigations longer than 30 days. Verify and enable Unified Audit Logging, its free and giv...

8.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/09/12 5:16 a.m.13 views

Living off the land, GPO style

TL;DR The ability to edit Group Policy Object GPOs from non-domain joined computers using the native Group Policy editor has been on my list for a long time. This blog post takes a deep dive into what steps were taken to find out why domain joined machines are needed in the first place and what...

7.4AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/09/10 5:15 a.m.13 views

Smart home security advice. Ring, SimpliSafe, Swann, and Yale

Introduction This guide covers the security of smart home security products from Ring, Yale, Swann, and SimpliSafe. Whether you're looking to monitor your property remotely, enhance your home's security, or see who’s at the front door, this guide will provide you with valuable insights. We have...

7AI score
Exploits0
Total number of security vulnerabilities506