![Pen Test Partners | Penetration Testing & Cyber Security](https://i1.feedspot.com/4475489.jpg?t=1612013873)
Pen Test Partners | Penetration Testing & Cyber Security
889 FOLLOWERS
Pen Test Partners is a partnership of high-end penetration testers, cherry picked for their wealth of knowledge.
Pen Test Partners | Penetration Testing & Cyber Security
2w ago
If you are distributing or selling smart devices in to the UK market, your products will need to be compliant with the UK Product Security and Telecommunications Act.
One of the three mandatory areas is that you have a vulnerability disclosure program (VDP)
In the supporting materials for the Act, the description is as follows:
Information on how to report security issues
The manufacturer must provide information on how to report to them security issues about their product. The manufacturer must also provide information on the timescales within which an acknowledgment of the recei ..read more
Pen Test Partners | Penetration Testing & Cyber Security
1M ago
NCSC has released an update of the Cyber Assessment Framework (CAF). The CAF represents where the rubber hits the road for the UK’s NIS regulations.
TL;DR
The NCSC CAF has been updated to version 3.2.
There has been a material change to three aspects of the CAF.
The changes are broadly sensible and will improve the cyber security of companies covered by NIS.
They may create challenges in some areas, such as with legacy technologies, and make it harder for some companies to achieve the required standard.
What is the CAF?
The CAF defines cyber security objectives and principles that companies ..read more
Pen Test Partners | Penetration Testing & Cyber Security
1M ago
TL;DR
Malware toolkit specifically designed for attacking ICS
Modular and framework based
Main features are enumeration, Modbus comms, and HTTP interactions
Operational Technology (OT) network breaches are often due to connected Windows devices
Off-network compromise assessments give a strategic view of OT and IT security postures
Pipedream, tooling created by the CHERNOVITE hacking group, has sparked serious concern in the cybersecurity world. It has the ability to target industrial control systems (ICS) without relying on conventional attack methods, such as ..read more
Pen Test Partners | Penetration Testing & Cyber Security
1M ago
TL;DR
LUCKY13 is more an attack than a vulnerability
LUCKY13 was patched over a decade ago … so it’s really unlikely that your server is vulnerable now
It’s an implementation issue
Disabling CBC ciphers is still a good idea … but not because of susceptibility to LUCKY13
There is no material risk in this issue
Accurate remote detection is rarely possible
Introduction
It’s been a while since I wrote a “Vulnerabilities that (mostly) aren’t” post, but a recent discussion in our pen testing teams brought about a change in how we’re reporting LUCKY13 (and potentially other TLS vulnerabilities), l ..read more
Pen Test Partners | Penetration Testing & Cyber Security
1M ago
TL;DR
Even though MFA is effective it is one security control amongst many
Even if MFA is in use, check its configuration
Consider unexpected patterns of use, such as people logging in from Linux or macOS
Make sure you log and can react to out-of-band behaviour
Introduction
On a recent Red Team engagement we got Domain Admin privileges on the on-premises Active Directory (AD) network. But we had not yet gained access to their cloud estate, which was hosted in Azure. Our level of access to on-prem AD gave us access to a large number of resources, many containing sensitive data. But it did no ..read more
Pen Test Partners | Penetration Testing & Cyber Security
3M ago
TL:DR
Being asked to speak at events is great
…except when it looks like a scam or a phishing attempt
This is walkthrough of my experience
If you think it’s a scam, it probably is
It’s a typical Sunday evening, and as I’m gearing up for the week ahead and an interesting email lands in my inbox. The message? An invitation to speak at a prestigious event in Spain on a subject I hold dear, with the added bonus of covered expenses. Colour me thrilled ¡España, aquí vengo!
“Your insights and experiences would greatly enrich our conference agenda and contribute to the learning and engagement of ou ..read more
Pen Test Partners | Penetration Testing & Cyber Security
3M ago
TL;DR
Attackers can use Microsoft native SSH client to forward out internal network traffic
Windows native SSH is common
The attack only needs minimal set-up and commands
Quicker and more cost effective for an attacker than using C2 infrastructure
Reduces likelihood of Blue team detection
Introduction
Lately I was involved in an assumed compromise project where stealth and simplicity was required, reducing the opportunity to use a sophisticated C2 infrastructure. We did note that the built-in Windows SSH client could make this simpler for us.
A simple SSH Split Tunnelling attack is not a ne ..read more
Pen Test Partners | Penetration Testing & Cyber Security
4M ago
TL;DR
PSTI: The UK Product Security and Telecommunications Infrastructure (Product Security) Act
Regulations effective from 29 April 2024
Assess how, where, why, and when you may be affected
Review supply chain and in-house teams for compliance readiness
Specific obligations for manufacturers, importers, and distributors
Use the PSTI Act and its regulations as your compliance blueprint
Implement robust due diligence in system acquisitions
Prepare for potential cybersecurity incidents with rigorous testing and validation
Don’t overlook the importance of comprehensive training
Regulatory evol ..read more
Pen Test Partners | Penetration Testing & Cyber Security
4M ago
American consumers have two clear yet vastly differing choices when it comes to banking. Many opt for a large-sized national or regional bank. Folks select this option for a variety of reasons, typically due to the vast services and ease of use these powerhouses provide. Roughly 60% of Americans count themselves as customers of these large-scale institutions.
Others choose to conduct their banking business differently – and more locally – via credit unions. According to the NCUA (National Credit Union Administration), there are over 4,500 credit unions with over 136 million members nationally ..read more
Pen Test Partners | Penetration Testing & Cyber Security
4M ago
October 2023’s Cyber Security Awareness Month led to a flurry of blog posts about a new attack called Quishing (QR Code phishing) and how new AI powered email gateways can potentially block these attacks.
What’s the attack?
To understand the attack you need understand the challenge that the attacker faces. Currently, most initial access attempts are carried out with social engineering, commonly phishing. Why is that?
Well, it looks like people have finally got good at patching. According to the 2022 Verizon data breach incident report only 5% of data breaches investigated by them ..read more