Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Have you noticed it’s never “Hey, someone got by a firewall” or “WOW, they bypassed the network security”? No. It’s always about the Device. It’s the same for hackers because everything else is just a means to an end, and that end is your Device! Imagine, late at night, driving around the Amusement Park security gate, then busting open the locked gated fence. These actions are necessary to get to the big score, the Rides! Yaaahoo!

Do you know bot attacks are turning from bad to worse? Legacy defenses are showing their age. We gear up for this year’s cybersecurity awareness month with the new challenger – sophisticated bad bots.

This is an event & online exclusive video for you to meet our very own hacker here at Pentest People. In this video, we showcase our very own hacker, exclusively shown at one of our Concorde partner events this year.

Recently, Bulletproof’s pen testers participated in the Hack the Box Business CTF 2022 competition. This was a global InfoSec contest that pitted cyber security teams against one another in a series of hacking challenges, based on real-world vulnerabilities. There were 8 categories which included challenges of varying skill levels for teams to apply their hacking expertise to ‘capture the flag’.

Mandiant has reported an instance in which a group of North Korean hackers tainted the PuTTY SSH client through a malicious ISO package.

You’ve probably watched at least one movie or TV show where a hacker sneaks into someone’s house, finds a computer, and then guesses the password on the first try. They then declare, “I’m in!” before downloading reams of sensitive data.

San Francisco-based dYdX, a widely used decentralized crypto exchange with roughly $1 billion in daily trades, has had its NPM account hacked in a software supply chain attack that was likely aimed at gaining access to the company’s production systems. The company, founded by ex-Coinbase and Uber engineer Antonio Juliano, dYdX has raised a total of $87 million in funding over 4 rounds and is backed by some powerhouse investors, including Paradigm, a16z, and Polychain. Here is what we know.

From making contactless payments on mobile payment apps and viewing paperless menus to contact tracing Covid-19 cases, QR (Quick Response) codes are everywhere and in popular usage. This ubiquity and convenience have also made QR codes popular and lucrative targets for cybercriminals who leverage malicious QR codes to illegally gain access to confidential information, spread malware, or steal money.

Ever heard of pretexting? And no, we’re not talking about when you first carefully draft a risky text message before sending it! Pretexting is a sneaky and highly effective form of social engineering that attackers use to dupe people into sharing their personal information.