Pen Test Partners – WindowsTechs.com

VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)

Posted on February 21, 2024 by Zeljka Zorz

VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to mount authentication relay and session hijack attacks. The vulnerabilities haven… Continue reading VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)→

Male Chastity Device Comes with Massive Security Flaws

Posted on October 6, 2020 by Tara Seals

Smart sex toy vulnerable to hacks, researchers say — which could expose users’ most sensitive bits (of data) to cybercriminals. Continue reading Male Chastity Device Comes with Massive Security Flaws→

Use an NVIDIA GPU? Check whether you need security updates

Posted on October 1, 2020 by Zeljka Zorz

NVIDIA has released security updates for the NVIDIA GPU Display Driver and the NVIDIA Virtual GPU Manager that fix a variety of serious vulnerabilities. The driver security update should be implemented by users of the company’s desktop, workstati… Continue reading Use an NVIDIA GPU? Check whether you need security updates→

Known Citrix Workspace Bug Open to New Attack

Posted on September 22, 2020 by Tara Seals

Windows MSI files provide an opening for attackers even though the bug was mostly patched in July. Continue reading Known Citrix Workspace Bug Open to New Attack→

A SonicWall cloud bug exposed corporate networks to hackers

Posted on September 2, 2020 by Zack Whittaker

A newly discovered bug in a cloud system used to manage SonicWall firewalls could have allowed hackers to break into thousands of corporate networks. Enterprise firewalls and virtual private network appliances are vital gatekeepers tasked with protecting corporate networks from hackers and cyberattacks while still letting in employees working from home during the pandemic. Even […] Continue reading A SonicWall cloud bug exposed corporate networks to hackers→

GDPR Compliance Site Leaks Git Data, Passwords

Posted on April 27, 2020 by Lindsey O'Donnell

Researchers discovered a .git folder exposing passwords and more for a website that gives advice to organizations about complying with the General Data Protection Regulation (GDPR) rules. Continue reading GDPR Compliance Site Leaks Git Data, Passwords→

Your Smart Christmas Lights Are Safer Than They Were Last Year

Posted on December 12, 2019 by Elizabeth Montalbano

Manufacturers of the Twinkly IoT-connected lights slightly boosted security by switching out the Wi-Fi module, according to Pen Test Partners. Continue reading Your Smart Christmas Lights Are Safer Than They Were Last Year→

Pen testers find mystery black box connected to ship’s engines

Posted on October 17, 2019 by John E Dunn

It had an Ethernet connection to the ship LAN but was also connected to a Windows console on the bridge which was so bright at night the crew had covered it up. The assumption had been that it was meant to be there. Continue reading Pen testers find mystery black box connected to ship’s engines→

On-Board ‘Mystery Boxes’ Threaten Global Shipping Vessels

Posted on October 15, 2019 by Tara Seals

Unknown, vulnerable systems are present in nearly every ship environment that researchers have pen-tested. Continue reading On-Board ‘Mystery Boxes’ Threaten Global Shipping Vessels→

On-Board ‘Mystery Boxes’ Threaten Global Shipping Vessels

Posted on October 15, 2019 by Tara Seals

Unknown, vulnerable systems are present in nearly every ship environment that researchers have pen-tested. Continue reading On-Board ‘Mystery Boxes’ Threaten Global Shipping Vessels→