TL;DR Introduction We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The ...

TL;DR Introduction We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The ...

Explore Pen Test Partners' Security Blog for expert insights into penetration testing, IoT vulnerabilities, red teaming strategies.

Pen Test Partners provides cyber security consulting and testing to a huge variety of industries and organisations. With offices in the US and UK, we're never too far away.

The behind-the-scenes, real stories you don’t get everyday. From accidental career pivots to hard-won promotions, these ...

Ken Munro will be presenting: All at sea. Thought your OT / IT infrastructure was complex? Try doing it on a cruise ship. Cruise ships are possibly the most complex collection of systems that you’ll ...

TL;DR Introduction The Content Security Policy (CSP) is a layer of security for web applications that helps detect and stop ...

Malice, Mistakes & Misunderstandings: The Insider Threat Spectrum (PG) “Tough conversations. Home truths. Real self-reflection. This isn’t just another talk — it’s an immersive, provocative session ...

TL;DR Introduction SharePoint is a Microsoft platform that enables collaborative working and information sharing. This done with team sites. They work like regular intranet pages with graphics and ...

Identify and remediate vulnerabilities across your networks, applications, and systems with Pen Test Partners' comprehensive penetration testing services, including API, web, mobile, and ...

Key relay attacks against keyless entry vehicles are well known. Many 3 rd party car alarm vendors market themselves as solutions to this. We have shown that fitting these alarms can make your vehicle ...

TL;DR The CyberGhost VPN client suffers from an elevation of privilege vulnerability and is filed under CVE-2023-30237. A specially crafted JSON payload sent to the CyberGhost RPC service can lead to ...