Call: 020 3095 0500
Twitter Linked In YouTube
Securing your business, together

More about Pen Test Partners ▾

Wildcard SSL certificates, not good value any more, my Heartbleeds

Posted on Tuesday, April 15th, 2014 by Ken Munro.

Wildcard SSL certificates make for much less hassle and cost when administering your HTTPS services. Why would you need individual certs for every box when one will do? Buying a certificate for *.company.com is so much cheaper than buying one each for: owa.company.com sslvpn.company.com www.company.com criticalrevenuegeneratingwebapp.company.com etc. And you only have one to renew, one […] Read More


Security vs the community: you’re doing it right!

Posted on Monday, April 14th, 2014 by Pedro Venda.

So the Heartbleed vulnerability was disclosed on the 7th April as has been extensively discussed on our blog and pretty much all around the Internet. I’m pretty sure every sysadmin was into their elbows with placing support calls, patching and rebooting stuff, contacting security people and deciding what to do with services that could not […] Read More


Heartbleed in the wild, the call of duty

Posted on Monday, April 14th, 2014 by David Lodge.

Oh look, it’s yet another blog post about the Heartbleed vulnerability, yeah we know it’s bad and we should patch stuff as soon as possible. Well, not exactly, what I thought I’d demonstrate is a real world exploit of the vulnerability that I came across. The bug itself is a simple example of memory leakage […] Read More


<< Older posts