Adam Bromiley

💡 Have you heard about the new cybersecurity rules coming for wireless devices? From August 1, 2025, any wireless device sold in the EU will need to meet stricter cybersecurity requirements under the Radio Equipment Directive (RED). The idea is to make sure these devices are more secure—protecting networks, personal data, and helping to prevent fraud. And it’s not just the EU. The UK has similar requirements under its version of RED, through the Radio Equipment Regulations 2017. We’ve broken down what this means and how to get ready in our latest blog post: pentestpartners.com/security-blog/… #RadioEquipmentDirective #Cybersecurity #EURegulations #UKRegulations

Say, for example, you were in Hyderabad and wanted to see the Monkey Menace (wild monkeys in cities doing naughty things), where would you go? Asking for a friend.

The best ICS testing results don’t come from a single approach. Onsite testing has to be risk-averse, and lab testing can uncover deeper vulnerabilities. The key? A combined approach…   OT environments don't stand up to regular IT pen testing. Any pen tester that doesn't fully understand that could easily destroy systems and take out critical infrastructure.   By strategically selecting devices for lab testing based on onsite insights, you get the best of both worlds without unnecessary risk or cost.   In our latest blog, Head of Hardware @cybergibbons explains how this method finds hidden threats in ICS networks: pentestpartners.com/security-blog/… #icssecurity #cybersec #otsecurity #pentesting #threatdetection #scada #networksecurity #cyberthreats

@cybergibbons not posting this on company time is the real loss 😔

@cybergibbons hard. 😼

@OPSEC_failed Inimitable: something so bad that no one even wants to imitate it.

Build a team, they said. It would be fun, they said. A meme about me created by the inimitable @OPSEC_failed

Every year we bring our people from across the UK, US, and Europe together for PTPCON, our annual Christmas event. This year’s venue was something truly special... the legendary Concorde. Set beneath the iconic supersonic jet, our team delivered presentations on a variety of topics— from hacking outer space to the challenges of securing nuclear power plants. It was a day full of innovative ideas and collaboration, reminding us of what makes PTP special—our amazing people, shared knowledge, and ambition. Shout out to Shelley Booker for organizing this year's PTPCON! And... Who’s that taking the captain’s seat in Concorde’s cockpit? 👀 #PTPCON24 #TeamPTP #Innovation #Collaboration #CyberSecurity #EventHighlights #ConcordeExperience #YearInReview

Looking to secure your home with smart home security?🏡🔒Our latest blog compares four popular manufacturers and their products, focusing on locks, cameras, and doorbells. We discuss known historic weaknesses and provide advice on best practices to help ensure the safety of your home and data. Read the full guide for our advice to protect your smart home ➡ pentestpartners.com/security-blog/… 📌 Key Insights: Ring: Offers end-to-end encryption (though not enabled by default) and automatic updates. Despite past issues, Ring's commitment to security has made it a strong choice for smart home protection. Yale: Known for robust security with automatic updates and optional end-to-end encryption. However, multi-factor authentication (MFA) isn't available, so strong, unique passwords are essential. Swann: Unique for local storage options, providing more privacy. However, manual firmware updates are required, meaning security can depend on user diligence. SimpliSafe: Offers 24/7 monitoring but lacks true end-to-end encryption, raising some privacy concerns. New accounts have MFA enabled by default, which is a plus. #SmartHomeSecurity #CyberSecurity #HomeProtection #TechAdvice

🚨 Blog Post Alert: Hardware Hacking! This blog goes over reversing firmware and stripped binaries. Exploring how Ghidra's BSim plugin is transforming the identification and annotation of functions from known libraries. 👉pentestpartners.com/security-blog/…

@Blackf3ll this sounds horrific (i will definitely be trying it)

@OPSEC_failed up your egg game with some coronation egg at once.

#PTPCyberFest has begun. We’re at The Fox ExCel pub today & tomorrow. Swing by for all things cyber

Otto sees all 👀 @PenTestPartners

Please welcome @PenTestPartners as silver sponsors this year! Thank you very much for your support 🫶

We're running a maritime cyber event at London Docklands, June 20-22. Find out what we can all learn from maritime cyber. Maybe try your hand at docking a ship in a fun & relaxing space away from the big show. Register here events.rantcommunity.com/PTP-TheSafeHar… #maritimecyber

Building Management Systems bring new risks to businesses with no previous experience of securing Operational Technology. Great BMS security advice from our @Blackf3ll - All Your building are belong to us pentestpartners.com/security-blog/… #SecureOT

Netflix's "MH370: The Plane That Disappeared" documentary had our @TheKenMunroShow shouting at the screen. Taking control of a plane from the EE bay with a laptop?! - Netflix MH370: The plane that wasn’t hacked pentestpartners.com/security-blog/… #AviationCyber

A tale of Google dorks finding subdomain takeovers plus why having a security.txt & a responsive security team are good news all round. London Councils & pirate books. Google dorking for subdomain takeovers. Thanks to our @OPSEC_failed pentestpartners.com/security-blog/… #cybersecuritytips

@jameslyne @SANSEMEA @SecureImpactLtd Definitely, the variety of challenges was great! Trying to reverse the filesystem’s encryption algorithm was tough but very fun. And the dance dance revolution challenge took me hours to get my script precise enough but it was so satisfying once I hit the final move! 😋

@OPSEC_failed @SANSEMEA @SecureImpactLtd Amazing! Well done, did you enjoy it? Any favourite bits? :)

It took me a few days but I finally completed the @SANSEMEA #CyberThreat22 hackable badge and unlocked the superuser mode. Awesome little device from @SecureImpactLtd and very fun challenges!

An open redirect on the official website for the United Kingdom's Department for Environment, Food & Rural Affairs (DEFRA) was abused to direct visitors to fake OnlyFans adult dating sites. bleepingcomputer.com/news/security/…