Pen Test Partners

443 posts

Pen Test Partners banner
Pen Test Partners

Pen Test Partners

@PenTestPartners

Pen Test Partners / PTP provides cyber security services to a huge variety of industries and organisations. [email protected].

Katılım Eylül 2010
464 Takip Edilen8.6K Takipçiler
Pen Test Partners
Pen Test Partners@PenTestPartners·
There has been plenty of chat online about people taking Flipper Zeros on planes. Numerous airlines have asked about the potential risks too. There have also been reports of Flippers being confiscated at airports, which has added to the confusion and consternation for legitimate security pros taking them in hand baggage. In our latest blog post, @TheKenMunroShow dispels these concerns by reviewing the technical capabilities of the Flipper in relation to flight systems. 📌 pentestpartners.com/security-blog/… #aviationsecurity #cybersecurity #flipperzero #aviationcybersecurity
Pen Test Partners tweet media
English
4
9
44
7K
Pen Test Partners
Pen Test Partners@PenTestPartners·
EN 303 645 is a great baseline for IoT security. But a baseline is not the same as a secure product. In our latest blog post, @Blackf3ll looks at what EN 303 645 helps with, and what can still be missed when products are assessed against it. We often find issues in EN 303 645-aligned testing. Some are simple to fix. Others come from early design decisions that are much harder to change later. For example, a product may appear to handle secure storage properly, while still exposing sensitive data through firmware, debug interfaces, external flash, or supporting apps. At that point, it is not just a storage issue. It is a product architecture issue. The standard gives teams a strong place to start. Threat modelling and testing show whether the product actually holds up. 📌Read here: pentestpartners.com/security-blog/… #iotsecurity #en303645 #cybersecurity
Pen Test Partners tweet media
English
1
1
1
298
Pen Test Partners
Pen Test Partners@PenTestPartners·
Rust binaries can make string recovery awkward during reverse engineering. Unlike simple C-style strings, Rust strings may be stored as a pointer and length pair, with the string data sitting separately. That means normal string extraction can miss context or return messy output, especially when the tool does not recover the references cleanly. Our @tautology0 walks through the problem, shows how the strings were recovered from the ELF sections, and shares the script and Ghidra plugin he built to make Rust string extraction easier. 📌 pentestpartners.com/security-blog/… #ReverseEngineering #RustLang #Ghidra #ELF #BinaryAnalysis #CyberSecurity
Pen Test Partners tweet media
English
1
7
29
1.7K
Pen Test Partners
Pen Test Partners@PenTestPartners·
A copy button can be enough. ClickFix, CrashFix, InstallFix and FileFix all rely on the same basic idea. Get the user to do the first step for the attacker. The page might look like a CAPTCHA, a browser repair prompt or an installer. But once the command runs, the name of the lure matters less than what happens next. Our @jwdfir walks through the artefacts defenders should be looking for after the paste, from PowerShell and user-writable path execution to temp files, persistence, staging activity and follow-on network connections. By the time Digital Forensics and Incident Response teams are called in, the landing page may already be gone. The lure looks simple. The consequences usually aren't. 📌Read here: pentestpartners.com/security-blog/… #ClickFix #DFIR #IncidentResponse #Infostealer #CyberSecurity
Pen Test Partners tweet media
English
0
3
4
797
Pen Test Partners
Pen Test Partners@PenTestPartners·
We recently wrote about a config issue with the Shelly Gen 4 Wi-Fi switch. While our Alan Monie was poking around, he kept looking at how Bluetooth is handled across Shelly's modern device range and found another one. The Shelly Wall Display ships with Bluetooth enabled and RPC exposed over it. On most Shelly devices you can disable RPC independently of Bluetooth. On the Wall Display, you can't it's all or nothing. Why does that matter? The Wall Display's built-in temperature sensor overreads because it generates its own heat, skewing the readings. Shelly's fix was to bundle a separate Bluetooth temperature sensor instead. So, to use a feature Shelly advertised and sold the device on, Bluetooth has to stay on. And if Bluetooth is on, RPC is exposed. Anyone within Bluetooth range could connect to the device unauthenticated, reconfigure it, and pivot onto the home network. Shelly have addressed it in firmware 2.6.2, which is now in the stable branch. If you have a Wall Display, update now. If you don't use the bundled Bluetooth temperature sensor, you can just disable Bluetooth entirely in Settings. 📌Read here: pentestpartners.com/security-blog/… #IoTSecurity #BluetoothSecurity #SmartHomeSecurity #CyberSecurity
Pen Test Partners tweet media
English
0
4
5
730
Pen Test Partners
Pen Test Partners@PenTestPartners·
⏳ Two weeks to go until PTP Cyber Fest 2026. Day one starts with a scenario no organisation wants to face, but every organisation needs to be ready for. Our Ken Munro and Joseph Williams will be joined by Nick Holland from @Shoosmiths on our DFIR Panel, looking behind the scenes during a ransomware incident. The panel will cover the technical investigation, legal considerations, and the key decisions organisations need to make under pressure. 📍 The Fox Pub 📅 Tuesday 2nd and Wednesday 3rd June 🔗 View the full agenda and register for free here: events.rantcommunity.com/CyberFest2026#/ #CyberFest2026 #DFIR #Ransomware #IncidentResponse #PenTestPartners #RANTCommunity
Pen Test Partners tweet media
English
0
1
4
293
Pen Test Partners
Pen Test Partners@PenTestPartners·
OT pen test findings need a different kind of context. A finding may be technically correct, but if the recommendation does not fit the environment, it will get pushed aside. Not because OT engineers are ignoring security, but because replacing equipment can be unrealistic, costly, or simply disproportionate to the actual impact. Do that too often and the important findings get lost. In our latest blog post, @cybergibbons explains why useful OT reporting needs more than a raw CVSS score. It needs context around impact, practical remediation, and longer-term strategy. He also breaks down common misconceptions in OT reporting and shows where recommendations often become impractical. A good OT report should not just tell plant teams what is wrong. It should help them work out what matters, what can be fixed now, and what needs to be planned properly. 📌 pentestpartners.com/security-blog/… #OTSecurity #ICSSecurity #CyberSecurity
Pen Test Partners tweet media
English
0
0
1
351
Pen Test Partners
Pen Test Partners@PenTestPartners·
AI in DFIR has a confidence problem. In our latest blog post, @jwdfir looks at why investigator judgement matters so much. He covers how easy it is to latch onto the wrong thing early in an investigation, why context is what turns artefacts into evidence, and what it actually takes to build a clear picture of what happened. He also puts AI to the test. Using event logs from a real DFIR challenge, he shows how an LLM produced a confident answer that still got key parts wrong. That is the risk. AI can assist in DFIR, but a confident answer is not the same as a correct one. 📌Read here: pentestpartners.com/security-blog/… #DigitalForensics #IncidentResponse #CyberSecurity #AI
Pen Test Partners tweet media
English
0
4
5
535
Pen Test Partners
Pen Test Partners@PenTestPartners·
There is a widely held belief that OT is too fragile to pen test. That simply connecting a laptop to an OT network will take down everything. This belief is wrong. Or, more accurately, it is a massive oversimplification of a much more nuanced reality. In our latest blog post, @cybergibbons breaks that down properly. Some OT devices are sensitive. Everyone serious in this space knows that. But that does not mean the whole environment is untouchable. The real job is knowing what can be assessed safely, when to stop, and how to work through a network in stages without creating risk. That is the difference between reckless testing and a competent approach to OT testing. 📌Read here: pentestpartners.com/security-blog/… #OperationalTechnology #OTSecurity #ICSsecurity #PenTesting #CyberSecurity
Pen Test Partners tweet media
English
0
2
3
890
Pen Test Partners
Pen Test Partners@PenTestPartners·
If you work in EU financial services, it is time to explore DORA. DORA was introduced because financial services now rely heavily on shared ICT platforms, outsourced providers, and complex digital dependencies. Regulators want financial entities to prove they can keep operating through disruption, not just document policies and hope they hold up. That is the real shift DORA brings... Resilience has to work in practice. It also raises the bar for supplier oversight, contractual control, and evidence that recovery processes hold up under pressure. 📌Read our breakdown here: pentestpartners.com/security-blog/… #DORA #OperationalResilience #FinancialServices #CyberSecurity #ThirdPartyRisk
Pen Test Partners tweet media
English
0
0
1
210
Pen Test Partners
Pen Test Partners@PenTestPartners·
Cloud environments are dynamic by nature. New services appear, teams change, applications scale, and permissions evolve over time. That makes IAM difficult to manage well, and when it is too permissive, attackers do not need public exposure or a complex exploit to get further in. Control plane access can be enough to modify the rules around sensitive resources and work around the protections already in place. In this blog post, we look at an Azure assessment where managed identity abuse let us modify the firewall rules protecting an Azure Key Vault, add our own IP address to the allowlist, and dump secrets. It also covers the IAM issues we see most often in cloud assessments, along with quick wins to reduce IAM risk. 📌 pentestpartners.com/security-blog/… #CloudSecurity #IAM #AzureSecurity #AWS #GCP #CyberSecurity
Pen Test Partners tweet media
English
0
0
1
249
Pen Test Partners
Pen Test Partners@PenTestPartners·
Ghidra is free, extensible, and helpful for reverse engineering firmware, but its learning curve is steep... In this blog post, Adam Bromiley (@OPSEC_failed) shares tips and tricks that make firmware reversing less painful, from finding the load address and interrupt vector table, through to defining a proper memory map and making better use of strings, scripts, LLMs, and more. It's a guide built from real research projects and a lot of hours spent in front of Ghidra’s UI. 📌Read here: pentestpartners.com/security-blog/… #ReverseEngineering #FirmwareSecurity #Ghidra #HardwareHacking #CyberSecurity
Pen Test Partners tweet media
English
1
4
17
1.2K
Pen Test Partners
Pen Test Partners@PenTestPartners·
Some blog posts refuse to die. This is one of them. Back in May 2014, we published a guide on breaking out of Citrix and other restricted desktop environments. People have kept finding it, using it, and sending it around. So our Kieran Larking updated it with the newer breakout paths we see on modern Windows 10 and Windows 11 builds. Some old tricks no longer work. Others still do, just through different doors. The updated post pulls the techniques into one place and focuses on how people actually get out today. Bluetooth file transfer is one example of a newer angle that can matter on a physical endpoint. Dialog boxes and file pickers still get you to places they should not. From there, the practical pivots tend to be into whatever is still exposed, like PowerShell, Task Scheduler, Task Manager, and modern browser behaviour. It is less about one magic shortcut and more about chaining small gaps. If you run Citrix, VDI, or any restricted desktop setup, this is a useful checklist for hardening and for validating that your lockdown does what you think it does. 📌 pentestpartners.com/security-blog/… #RedTeam #PenTesting #CyberSecurity
Pen Test Partners tweet media
English
0
2
5
433
Pen Test Partners
Pen Test Partners@PenTestPartners·
EV batteries are becoming grid infrastructure. That brings real benefits for balancing short term peaks and troughs on the grid, but it also increases the impact of charger security failures. Our earlier EV charger research showed how compromised connected chargers could be switched on and off at scale to create disruptive spikes in demand. With bidirectional charging, the risk grows because chargers can switch between charging and discharging, which increases the power swing per device and creates a new impact for owners by remotely draining vehicle batteries. @TheKenMunroShow points out that as vehicle to home and vehicle to grid charging moves closer to wider rollout, secure design, secure defaults, and proper vulnerability handling need to be built in from the start. 📌Read here: pentestpartners.com/security-blog/… #Cybersecurity #EVCharging #SmartGrid #IoTSecurity #EnergySecurity
English
0
2
3
339
Pen Test Partners
Pen Test Partners@PenTestPartners·
Ken Munro spoke at CISO 360 Americas in New York last week. His talk focused on discovering shadow tech. That means finding the smart devices in your buildings that can create back doors into an organisation. He also joined the “Quantum ready, AI resilient” panel on balancing innovation with trust, resilience, and human agency, alongside Rachael Sherman and Sounil Yu. #CISO360 #Cybersecurity #CyberResilience
Pen Test Partners tweet mediaPen Test Partners tweet mediaPen Test Partners tweet mediaPen Test Partners tweet media
English
0
0
1
198
Pen Test Partners
Pen Test Partners@PenTestPartners·
@AlanMonie found that Shelly Gen 4 smart switches keep their default, open Wi-Fi access point enabled even after you join them to your home network. Anyone nearby can connect and trigger whatever the device controls. That includes garage doors, gates, lights, sprinklers and more... It also gives an attacker a foothold inside your network. From a compromised Gen 4 device, it is possible to ‘pivot’ and control other Shelly devices on the internal network, and in some cases send traffic to non Shelly devices too. The other problem is scale. These default Shelly SSIDs can be discovered and geolocated using wigle.net, which makes targeting much easier. Shelly initially engaged in disclosure and said firmware 1.8.0 would address it, then went quiet. After 120 plus days, we have published so owners can take action. The DIY fix is simple, but only if you know the access point is still on. 📌pentestpartners.com/security-blog/… #iotsecurity #smarthome #wifisecurity #physicalsecurity #vulnerabilitydisclosure #pentesting
English
1
1
9
705
Pen Test Partners
Pen Test Partners@PenTestPartners·
Covert recording devices are cheap, easy to buy, and easy to use. That is what makes them risky. Tom Roberts bought an off the shelf audio bug for proof of concept work and found a concerning surprise. Several recordings were already on the device! The real risk is not a skilled attacker. It is everyday misuse, driven by frustration, curiosity, or spite. 📌 pentestpartners.com/security-blog/… #socialengineering #covertrecording #surveillance #infosec #cybersecurity
Pen Test Partners tweet media
English
0
0
1
350
Pen Test Partners
Pen Test Partners@PenTestPartners·
Ignoring the dodgy CGI, the l33t speak, and the questionable acting, our @TheKenMunroShow picks apart how much of Hackers (1995) would hold up in the real world today, and what we can learn from it. Some of it is nonsense. Some of it is surprisingly plausible. The most believable parts are the usually the least cinematic. Thirty years on, some of the security mistakes are still showing up. 📌pentestpartners.com/security-blog/… #cybersecurity #hackers #hackthegibson #otsecurity #HACKTHEPLANET
Pen Test Partners tweet media
English
0
0
1
226
Pen Test Partners
Pen Test Partners@PenTestPartners·
The EU Cyber Resilience Act applies to organisations that build, sell, import or distribute products with digital elements into the EU. That includes software, firmware, connected devices and embedded systems. It sets mandatory security requirements across the product lifecycle, covering secure defaults, vulnerability handling and update processes. From September 2026, reporting and vulnerability handling obligations apply. Full compliance is required by December 2027 for products to remain on the EU market. We break down what this means in practice and how teams should prepare. 📌pentestpartners.com/security-blog/… #CyberResilienceAct #ProductSecurity #EUCompliance #CyberSecurity #SecureByDesign
Pen Test Partners tweet media
English
1
0
4
289