Forward Networks is a winner in the 2022 Business Insights Excellence in Customer Service Awards. We are over the moon — because our customers are our top priority. Our platform addresses unprecedented network complexity by collecting configuration and state data for all devices in the network and indexing it in a vendor-agnostic way.

Included by Gartner in 2021 as a major cybersecurity category and an emerging product, the External Attack Surface Management (EASM) term might be new. Still, the idea behind it is nothing new: identifying risks coming from internet-facing assets that an organization may be unaware of. A few companies, including Detectify, have been highlighting the importance of the attack surface and understanding the potential risks of the constantly-changing environment.

In our new tech tales series, we discuss how Synopsys customers use our products and services to uncover security risks in their organization. Synopsys customers span every industry—from small to large enterprises across financial services, automotive, public sector, medical and healthcare, and much more. One thing they all have in common is building trust into their software.

Most organizations employ mobile computing, which utilizes wireless communications for staff members to perform day-to-day tasks with more ease. While some organizations have deployed enterprise security standards on their wireless networks, Trustwave SpiderLabs has observed some organizations deviating from security best practices when it comes to managing a wireless environment leaving these wireless networks as low-hanging fruit for attackers to abuse.

Spoofing attacks are on the rise. What is a spoofing attack, you ask? Essentially, it attempts to gain unauthorised access to systems, devices or networks by masquerading as a valid user. In other words, spoofing attackers try to mimic or copy the behaviour of authorised users to steal information or gain access.

Threats knock on your door all the time. In this research piece, we explore BPFDoor — a backdoor payload specifically crafted for Linux in order to gain re-entry into a previously or actively compromised target environment. This payload has been observed across systems for five years, suggesting that the threat actors responsible for operating the malware have been around for some time and have likely operated undetected in many environments.