Speculative plan can run code on runners and expose cloud credentials. Learn how tokens are abused and how to lock it down ...

Pen Test Partners provides cyber security consulting and testing to a huge variety of industries and organisations. With offices in the US and UK, we're never too far away.

TL;DR Before you start First off, before we start Bluetooth hacking can be confusing, there are lots of references to tools that are a bit outdated, scripts that don’t run, and more. The actual ...

Explore Pen Test Partners' Security Blog for expert insights into penetration testing, IoT vulnerabilities, red teaming strategies.

We use essential cookies to make our site work. With your consent, we may also use non-essential cookies to improve user ...

Many organisations are turning to virtualisation of apps and desktops. This often involves virtualisation platforms such as Citrix to deliver these services. Get your configuration or lock-down wrong ...

TL;DR Introduction SharePoint is a Microsoft platform that enables collaborative working and information sharing. This done with team sites. They work like regular intranet pages with graphics and ...

LPC-NG or Less Paper Cockpit – Next Generation is an electronic flight bag (EFB) application offered by Navblue, a part of Airbus. It’s used for calculating engine thrust requirements (perf) on ...

Security Blog Vulnerability Disclosure A broken marriage. Abusing mixed vendor Kerberos stacks Ceri Coburn 25 Aug 2023 14 Min Read ...

Pen Testing as a Service (PTaaS) PTaaS augments a point in time manual test by allowing you to call off short periods of testing time to focus on the changes made.

TL;DR Restricted View allows users to read files, but not copy, download or print them Attackers will look for ways to circumvent these controls Traditional workarounds include manual transcription, ...