Outpost 24

A Pen Tester's Guide to Content Security Policy

Jan 10, 2023 By Jimmy Bergqvist In Outpost 24

In this article, we’ll look at Content Security Policy through the eyes of a penetration tester. We will outline the advantages of CSP, explain why you should have it on your site, and share some common misconfigurations that can be exploited, along with the relevant bypass scenarios. What is Content Security Policy?

Read Post

Outpost 24

Read more about A Pen Tester's Guide to Content Security Policy

2023 Cybersecurity Predictions

Dec 13, 2022 By Outpost 24 In Outpost 24

In light of the numerous large-scale cyberattacks witnessed in the last year, 2023 promises to be an exciting time for cybersecurity. Outpost24 experts share their thoughts on what we can expect in the new year, and how to best prepare against new threats.

Read Post

Outpost 24

Read more about 2023 Cybersecurity Predictions

ISO 27002 puts Threat Intelligence center stage

Dec 2, 2022 By Outpost 24 In Outpost 24

The updated ISO 27002 adds 11 new controls spanning a range of security services, including the addition of threat intelligence control 5.7. The ISO 27000 series is an industry standard that has long defined and dictated base-level requirements for organizations’ information security management systems (ISMS). Through more than a dozen standards, the framework helps organizations demonstrate management commitment to their ISMS as they regularly review and improve their systems and procedures.

Read Post

Outpost 24

Read more about ISO 27002 puts Threat Intelligence center stage

Threat Actor of the Month - Sodinokibi

Nov 16, 2022 By Outpost 24 In Outpost 24

Meet "Sodinokibi" this month, the threat group behind the eponymous Sodinokibi ransomware, also known as “REvil”, to understand their tactics and how you can better secure your system from this threat

Read Post

Outpost 24

Read more about Threat Actor of the Month - Sodinokibi

Pentesting as a Service for Web Applications

Nov 3, 2022 By Outpost 24 In Outpost 24

Penetration testing is an effective way to detect flaws in your application before they turn into a serious threat, helping you better understand the applications attack surface. But in the always-on economy there comes a problem - traditional pen testing delivery takes weeks to set up and the results are point in time, which leaves critical application vulnerabilities exposed longer than it should - given the average time for a threat actor to weaponize a new vulnerability is only 7 days.

View Video

Outpost 24

Read more about Pentesting as a Service for Web Applications

CVE-2022-3602 and CVE-2022-3786: OpenSSL vulnerabilities affecting almost every organization

Oct 31, 2022 By Outpost 24 In Outpost 24

A critical vulnerability was discovered in current versions of OpenSSL affecting almost every organization. A fix is now out. Learn more about the vulnerabilities and what to do if you have been impacted.

Read Post

Outpost 24

Read more about CVE-2022-3602 and CVE-2022-3786: OpenSSL vulnerabilities affecting almost every organization

Threat Actor of the Month - Guacamaya

Oct 17, 2022 By Outpost 24 In Outpost 24

Meet Guacamaya – a hacktivist group advocating for the indigenous people of Central America

Read Post

Outpost 24

Read more about Threat Actor of the Month - Guacamaya

Outpost24 supports TIBER-EU for threat intelligence-based ethical red-teaming

Oct 17, 2022 By Victor Acin, Labs Manager at Blueliv In Outpost 24

TIBER-EU is the European framework for threat intelligence-based ethical red-teaming and the first EU-wide guide on how authorities, threat intelligence and red-team providers should collaborate with different organizations to help improve their cyber resilience. Thanks to its threat intelligence offering, Outpost24 is well-positioned to create attack scenarios in line with the TIBER-EU framework.

Read Post

Outpost 24

Read more about Outpost24 supports TIBER-EU for threat intelligence-based ethical red-teaming

Introducing GraceWrapper, TA505's sophisticated post-exploitation enabler

Oct 12, 2022 By David Catalán In Outpost 24

Since its inception almost a decade ago and the MirrorBlast campaign, the threat actor group known as TA505 has continued to plague the financial, retail and restaurant sectors.

Read Post

Outpost 24

Read more about Introducing GraceWrapper, TA505's sophisticated post-exploitation enabler

Threat Actor of the Month - Shathak

Sep 19, 2022 By Outpost 24 In Outpost 24

Meet Shathak – a threat group tied to malware used in the Russian-speaking underground targeting enterprises across different sectors in the Americas, Europe and Asia

Read Post

Outpost 24

Read more about Threat Actor of the Month - Shathak

Subscribe to Outpost 24

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Outpost 24

A Pen Tester's Guide to Content Security Policy

2023 Cybersecurity Predictions

ISO 27002 puts Threat Intelligence center stage

Threat Actor of the Month - Sodinokibi

Pentesting as a Service for Web Applications

CVE-2022-3602 and CVE-2022-3786: OpenSSL vulnerabilities affecting almost every organization

Threat Actor of the Month - Guacamaya

Outpost24 supports TIBER-EU for threat intelligence-based ethical red-teaming

Introducing GraceWrapper, TA505's sophisticated post-exploitation enabler

Threat Actor of the Month - Shathak

Monthly Archive

Follow Us