Hacker News
- Social engineering dos and don'ts https://www.pentestpartners.com/security-blog/social-engineering-dos-and-donts/ 19 comments
- Breaking Samsung Firmware, or Turning Your S8/S9/S10 into a DIY “Proxmark” https://www.pentestpartners.com/security-blog/breaking-samsung-firmware-or-turning-your-s8-s9-s10-into-a-diy-proxmark/ 24 comments
- Pen Testing Ships. A year in review https://www.pentestpartners.com/security-blog/pen-testing-ships-a-year-in-review/ 23 comments
- Warning as 4G Hotspots Are Hacked https://www.pentestpartners.com/security-blog/reverse-engineering-4g-hotspots-for-fun-bugs-and-net-financial-loss/ 21 comments
- ‘eyeDisk’ USB drive secured with iris recognition reveals password in plain text https://www.pentestpartners.com/security-blog/eyedisk-hacking-the-unhackable-again/ 22 comments
- Hacking an assault tank...a Nerf one https://www.pentestpartners.com/security-blog/hacking-an-assault-tank-a-nerf-one/ 12 comments
- Cracking the Tapplock Smart Lock https://www.pentestpartners.com/security-blog/totally-pwning-the-tapplock-smart-lock/ 20 comments
- If you aren't soldering, you probably aren't testing IoT thoroughly https://www.pentestpartners.com/security-blog/if-you-arent-soldering-you-probably-arent-testing-iot-thoroughly/ 17 comments
- NoT: Taking the ‘Internet’ Out of IoT https://www.pentestpartners.com/security-blog/not-taking-the-internet-out-of-iot/ 13 comments
- Sinking container ships by hacking load plan software https://www.pentestpartners.com/security-blog/sinking-container-ships-by-hacking-load-plan-software/ 50 comments
- Screwdriving: Locating and exploiting smart adult toys https://www.pentestpartners.com/security-blog/screwdriving-locating-and-exploiting-smart-adult-toys/ 2 comments
- Vulnerable Wi-Fi dildo camera endoscope https://www.pentestpartners.com/blog/vulnerable-wi-fi-dildo-camera-endoscope-yes-really/ 2 comments
- Backdoor in DVR firmware sends CCTV camera snapshots to email address in China https://www.pentestpartners.com/blog/pwning-cctv-cameras/ 52 comments
- Hackers Can Steal Gmail Credentials from Samsung Smart Fridges http://www.pentestpartners.com/blog/hacking-defcon-23s-iot-village-samsung-fridge/ 3 comments
Lobsters
- Smart male chastity lock cock-up https://www.pentestpartners.com/security-blog/smart-male-chastity-lock-cock-up/ 78 comments hardware , security
- Totally Pwning the Tapplock Smart Lock https://www.pentestpartners.com/security-blog/totally-pwning-the-tapplock-smart-lock/ 12 comments security
- Breaking Out of Citrix and other Restricted Desktop Environments https://www.pentestpartners.com/security-blog/breaking-out-of-citrix-and-other-restricted-desktop-environments/ 2 comments security , windows
- Vulnerable Wi-Fi dildo camera endoscope. Yes really https://www.pentestpartners.com/blog/vulnerable-wi-fi-dildo-camera-endoscope-yes-really/ 6 comments hardware , security
- Reverse Engineering a 5g 'Bioshield' https://www.pentestpartners.com/security-blog/reverse-engineering-a-5g-bioshield/ 24 comments netsec
- Reverse Engineering a 5g 'Bioshield' https://www.pentestpartners.com/security-blog/reverse-engineering-a-5g-bioshield/ 15 comments netsec
- Group sex app leaks locations, pics and personal details. Identifies users in White House and Supreme Court https://www.pentestpartners.com/security-blog/group-sex-app-leaks-locations-pictures-and-other-personal-details-identifies-users-in-white-house-and-supreme-court/ 59 comments programming
- Group sex app leaks locations, pics and personal details. Identifies users in White House and Supreme Court https://www.pentestpartners.com/security-blog/group-sex-app-leaks-locations-pictures-and-other-personal-details-identifies-users-in-white-house-and-supreme-court/ 35 comments privacy
- Group sex app leaks locations, pics and personal details. Identifies users in White House and Supreme Court https://www.pentestpartners.com/security-blog/group-sex-app-leaks-locations-pictures-and-other-personal-details-identifies-users-in-white-house-and-supreme-court/ 231 comments programming
- Group sex app leaks locations, pics and personal details. Identifies users in White House and Supreme Court https://www.pentestpartners.com/security-blog/group-sex-app-leaks-locations-pictures-and-other-personal-details-identifies-users-in-white-house-and-supreme-court/ 2402 comments technology
- 3 million vehicles can be unlocked remotely via trivially discovered web API vulnerability https://www.pentestpartners.com/security-blog/gone-in-six-seconds-exploiting-car-alarms/ 37 comments programming
- 3 million vehicles can be unlocked remotely via trivially discovered web API vulnerability https://www.pentestpartners.com/security-blog/gone-in-six-seconds-exploiting-car-alarms/ 78 comments netsec
- Tracking 20,000 skiers and listening to their walkie talkie chats! https://www.pentestpartners.com/security-blog/hacking-ski-helmet-audio/ 18 comments netsec
- Want entropy? Don't use a floating ADC input https://www.pentestpartners.com/security-blog/want-entropy-dont-use-a-floating-adc-input/ 11 comments electronics
- Unlocking a smart padlock using MD5... and that's it https://www.pentestpartners.com/security-blog/totally-pwning-the-tapplock-smart-lock/ 15 comments crypto
- “Let’s broadcast the key over Bluetooth. Oh, and use HTTP, no one will know” — the creators of the Tapplock, probably. https://www.pentestpartners.com/security-blog/totally-pwning-the-tapplock-smart-lock/ 434 comments programming
- Unlocking a smart padlock using MD5... and that's it https://www.pentestpartners.com/security-blog/totally-pwning-the-tapplock-smart-lock/ 142 comments netsec
- Z-Shave - a downgrade attack against the latest Z-Wave security standard https://www.pentestpartners.com/security-blog/z-shave-exploiting-z-wave-downgrade-attacks/ 11 comments netsec
- Data exfil using pixel colour values, demo over RDP https://www.pentestpartners.com/security-blog/exfiltration-by-encoding-data-in-pixel-colour-values/ 18 comments netsec
- This time, the holes are in the dildo - WiFi enabled sex toy, full of vulnerabilities https://www.pentestpartners.com/blog/vulnerable-wi-fi-dildo-camera-endoscope-yes-really/ 2 comments technology
- A WiFi camera dildo with fixed PSK and command injection https://www.pentestpartners.com/blog/vulnerable-wi-fi-dildo-camera-endoscope-yes-really/ 20 comments netsec
- Rooting a Samsung IP camera with a series of small vulnerabilities https://www.pentestpartners.com/blog/samsungs-smart-camera-a-tale-of-iot-network-security/ 65 comments netsec
- Jamming, replaying and brute-forcing the Yale HSA6400 home alarm https://www.pentestpartners.com/blog/alarm-systems-alarmingly-insecure-oh-the-irony/ 3 comments netsec
- Mitsubishi PHEV hybrid theft alarm only protected by a short, simple WPA2 PSK https://www.pentestpartners.com/blog/hacking-the-mitsubishi-outlander-phev-hybrid-suv/ 53 comments netsec
- A less conventional route to domain admin - via iSCSI and Lansweeper https://www.pentestpartners.com/blog/an-interesting-route-to-domain-admin-iscsi/ 5 comments netsec
- Pwning CCTV cameras https://www.pentestpartners.com/blog/pwning-cctv-cameras/ 50 comments netsec