Call: 020 3095 0500
Twitter Linked In YouTube
Securing your business, together

More about Pen Test Partners ▾

Oracle wants you to run vulnerable Java to remove vulnerable versions of Java

Posted on Friday, July 3rd, 2015 by Pedro Venda.

Today Firefox recommended that I should update my Flash and Java plugins. The Java update requires updating the entire Java RE/SE stack, for which a link is kindly provided. So, as both Flash and Java are affected by known vulnerabilities it’s time to patch! While on the Oracle website the Java SE update page recommends […] Read More


Finding wireless kettles with social networks

Posted on Wednesday, July 1st, 2015 by Ken Munro.

One of the flaws with our attack against the iKettle is finding a victim with one to hack. If the kettle is unconfigured, then you might find one through searching the wigle.net database of war drives for the SSID iKettle as detailed in my post here. But that’s fairly lame, as all you can do […] Read More


Abusing software updates. GoPro Studio desktop app: Samsung keyboard app-style fail

Posted on Monday, June 29th, 2015 by Joe Durbin.

Before I get going it needs to be said that this post is not about bashing GoPro. It just so happens that the issue I found was prompted by looking at the GoPro software update process. The issues I found are common in LOADS of other pieces of software as well. Anyway, here goes… (There’s […] Read More


<< Older posts