Pen Test Partners

We have been delivering cybersecurity expertise to a wide variety of industries and businesses since 2010
Ghidra is free, extensible, and helpful for reverse engineering firmware, but its learning curve is steep...

In this blog post, Adam Bromiley shares tips and tricks that make firmware reversing less painful, from finding the load address and interrupt vector table, through to defining a proper memory map and making better use of strings, scripts, LLMs, and more.

It's a guide built from real research projects and a lot of hours spent in front of Ghidra’s UI.

📌 Read here: https://www.pentestpartners.com/security-blog/taming-the-dragon-reverse-engineering-firmware-with-ghidra/

#ReverseEngineering #FirmwareSecurity #Ghidra #HardwareHacking #CyberSecurity

Our Ross Donald took a look at Eurostar’s public AI chatbot and found four security issues, including guardrail bypass, prompt injection, weak conversation binding, and HTML injection.

The chatbot UI suggested strong controls, but server side enforcement was incomplete. By modifying chat history and IDs, it was possible to influence model behaviour and extract internal details.

This research shows that familiar web and API security failures still apply, even when an LLM sits in the middle.

📌 https://www.pentestpartners.com/security-blog/eurostar-ai-vulnerability-when-a-chatbot-goes-off-the-rails/

#CyberSecurity #AIsecurity #LLM #ApplicationSecurity #AI #Chatbot #Eurostar

We often find built-in Windows defences disabled or misconfigured during assessments. Those same controls can help stop credential theft, boot-level malware, and memory attacks when properly configured.

In our latest blog post, Nicole walks through five Windows security features you should be using, explains what they do, why they matter, and how to check them on your systems.

📌 https://www.pentestpartners.com/security-blog/the-built-in-windows-security-features-you-should-be-using/

#windowssecurity #incidentresponse #endpointsecurity #cybersecurity #dfir

Android app testers and security engineers spend a lot of time dealing with Activities. The attack surface may look small, but poorly configured Activities can expose data or let other apps do things they shouldn't. In this blog post, David Lodge explains how exported and debug Activities, weak WebView settings, and missing window security flags can pose security concerns.

📌 https://www.pentestpartners.com/security-blog/android-activities-101/

#androidsecurity #cybersecurity #appsec #mobile #pentesting #infosec #securitytesting

Cloud compliance dashboards, CNAPP, and CSPM can all show green, but they don't show your entire attack surface.

The issue is not with the dashboards, but with the blind spots that lie outside their view, such as leaked developer personal access tokens or overprivileged pipelines that do not appear as non-compliant.

In this blog post, Joe Durbin looks at those gaps around tokens, pipelines, and third-party build services. He explains how human-led configuration reviews and custom threat actor simulations work alongside provider tools to show and test your actual attack surface.

📌 https://www.pentestpartners.com/security-blog/beyond-cloud-compliance-dashboards-whats-next/

#cloudsecurity #cloudnative #devsecops #cnapp #cspm #cybersecurity

Misconfigured Kubernetes clusters are still one of the easiest ways attackers get in.

In this blog post, Craig Dowey breaks down the common Kubernetes misconfigurations we see in testing and shows how to lock down access, harden workloads, and enforce pod security admission across namespaces.

📌 Read here: https://www.pentestpartners.com/security-blog/common-kubernetes-misconfigurations-and-how-to-avoid-them/

#kubernetes #cloudsecurity #devsecops #containers #cybersecurity

The real-time yield data from connected farm machinery could give attackers an early look at crop outputs before the market does, creating opportunities to manipulate or profit from commodity futures.

Such an attack is a real risk due to the various weaknesses in on-vehicle hardware, telematics units, and ag cloud APIs. Securing these systems will protect both farmers and the markets.

📌 Read the blog post here: https://www.pentestpartners.com/security-blog/exploiting-agtech-connectivity-to-corner-the-grain-market/

#cybersecurity #agtech #iotsecurity #marketabuse #pentesting #connecteddevices

Finding your path into DFIR can be tough, but the community makes all the difference.

Our Joseph Williams shares his journey into Digital Forensics and Incident Response, with practical guidance for anyone looking to follow a similar route.

📌 Read here to start your journey: https://www.pentestpartners.com/security-blog/finding-your-path-into-dfir/

#DFIR #DigitalForensics #IncidentResponse #CyberSecurity #InfoSec #CareerDevelopment

The bar for CHECK testers is higher now. Charterships, tighter reporting reviews, and further guidance are now written into the scheme.

In this blog post, Lewis Cradduck explains what the new requirements mean for CHECK team leaders and members, how UK Cyber Security Council titles map to roles, and what changes NCSC has made in the scheme.

📌 Read here: https://www.pentestpartners.com/security-blog/what-testers-need-to-know-about-the-changes-to-the-check-scheme/

#CHECK #NCSC #penetrationtesting #cybersecurity #UKCSC #Chartership

Exposing your home lab to the internet can open a path into your personal accounts and even your work assets.

In our latest blog post, Morgan Davis shows how to cut that risk with low-cost controls you can apply today, no enterprise tools needed. It teaches security thinking to help you reduce your attack surface and more.

📌 Read the guide here: https://www.pentestpartners.com/security-blog/hardening-your-home-lab/

#cybersecurity #homelab #selfhosting #dockersecurity #linuxsecurity #infosec