Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Internal vs. External Network Penetration Testing: What IT Professionals Need to Know

As an IT professional, you know that cybersecurity threats are evolving every day. Hackers are finding new ways to infiltrate networks, steal data and disrupt operations. Bad actors often accomplish their goals by exploiting vulnerabilities, and they’re picking up the pace. The Verizon Data Breach Investigations Report 2024 highlighted a 180% rise in attacks that exploit vulnerabilities. One of the most effective ways to stay ahead of these threats?

NIS2 is Here: Frequent Penetration Testing is the New Standard

With sophisticated cyberattacks getting more frequent every day, and regulations around data privacy tightening, businesses across Europe are facing a big challenge: How do you keep your network safe, stay ahead of threats and make sure you're compliant with the latest regulations? Enter the NIS2 Directive — a step up for cybersecurity that demands organizations be ready to face any cyber storm that comes their way.

The Golden Age of Automated Pentesting for MSPs

The cyber threat landscape is constantly shifting, making it harder for MSPs to deliver top-notch security services while growing revenue. But thanks to advances in automation, MSPs now have the tools to offer scalable, efficient, and profitable cybersecurity services like never before—especially with penetration testing.

Network Pentesting - Your Cybersecurity Secret Weapon

In today’s challenging economy, no company can afford to fall victim to cybersecurity trouble like a cyberattack or data breach. Companies can invest in a wide array of cybersecurity solutions to help safeguard their networks and data, but how can they be sure that they’re making the right security choices? Even with a solid investment in cybersecurity, a company could still have dangerous vulnerabilities that cybercriminals can exploit. Enter penetration testing.

vPenTest Received 9 Badges in Fall 2023 from G2

Welcome to a new era of network penetration testing powered by vPenTest, an award-winning solution from Vonahi Security. vPenTest is changing the game, making regular penetration testing easy, affordable and highly effective for organizations of all sizes. That’s why vPenTest has been recognized as a top pentesting tool by G2.

#1 Best Pitch for Smoking Hot Tech

On July 21st, Vonahi Security won 1st place against 7 other innovative companies in Channel Program’s monthly Pitch Event. Each company had exactly 7-minutes to pitch their product or service to the channel. Over 450 MSP attendees feasted their eyes on some hot new tech. At the end of each pitch, attendees had about two minutes to fill out a survey and vote for their favorite pitch.

SrClient DLL Hijacking: a Windows Server 2012 0-day that won't be patched

I recently discovered that all versions of Windows Server 2012 (but not Server 2012 R2) are affected by a DLL hijacking vulnerability that can be exploited for privilege escalation. Moreover, the flaw can be triggered by a regular user and does not require a system reboot. Sounds like a pretty big deal, right? Well, not according to Microsoft, unfortunately.

What's in a (re)name: RCE Hunting in CMSs via Unrestricted File Upload

During a recent bug hunting binge I discovered my first two vulnerabilities that could be exploited to achieve remote code execution (RCE). No bragging rights were earned though, because finding and exploiting these issues was incredibly straightforward. I’m not humble bragging here (I wish). In fact, the issue underlying both vulnerabilities, which each affect a different content management system (CMS), is very basic and was literally the second thing I checked for.