Foregenix Blog

Zacharias Pigadas

Recent Posts

Zacharias Pigadas

Purple Teaming, here's what you need to know.

Information security is infatuated with colours. It started with the blue boxing that allowed anyone to make free calls, then moved to black hats, white hats, grey hats (to denote attackers), then off to black box, grey box and white box testing to define the type of testing. The latest trend in colours references red teaming, blue teaming and purple teaming. We will deal with the last one in the remainder of this blog.

Zacharias Pigadas

Supply Chain Attacks: A Closer Look

09/01/18 09:11

Cybersecurity is beginning to take its rightful place at the forefront of business operations, but hackers are constantly searching for workarounds. They're constantly looking for weak links to increase their chance of breaching secure targets. That's where supply chain attacks come in.

We, as Foregenix and as a security community, have seen our fair share of breaches publicised over the last year or so. Many of them are your run-of-the-mill breaches, where software is out-of-date, which provides an avenue for attackers within your infrastructure, or where a phishing email is sent to a list of potential targets to act upon. We have also seen an increase in a certain category of attacks called supply chain attacks. But what is a supply chain attack, and why should you care?

Zacharias Pigadas

Introducing: XOR-Based SQL Injection

Insider, penetration testing, Hack

25/10/17 10:27

Having such exposure to application-related testing means we have seen our share of vulnerabilities. These range across different categories, attempts at mitigation, good practices, bad practices, the full monty. Every once in a while, a vulnerability appears whose exploitation makes you scratch your head, scream at the computer screen, or just walk away in the hope that the solution will present itself the next morning.

Zacharias Pigadas

Getting The Most Out Of Your Web Application Penetration Test

The purpose of this post is to help clients better prepare, digest and act upon the results of a web application penetration test.

Zacharias Pigadas

How Your Cyber Security Efforts Can Turn Into Security Nightmares

A short (and fairly common) story of how quick and dirty initiatives to deal with security weaknesses can actually land you an ordeal of problems and eventually get your systems compromised.

Cyber Security Insights

Paul Taylor
21/05/18 09:14

Foregenix Identify Multiple Dell EMC RecoverPoint Zero-Day Vulnerabilities

Foregenix is disclosing six vulnerabilities which were identified in Dell EMC RecoverPoint products during a recent engagement. In the course of the ...

Andrew McKenna
17/05/18 14:26

Risk & Privacy: What are the board level considerations?

Problem: You’re on the board of a business and want to verify the business is implementing appropriate measures to adhere to security and privacy ...

Benjamin Hosack
16/05/18 12:30

New Services to Secure Blockchain & Cryptocurrency

Foregenix is proud to announce the launch of its Blockchain & Cryptocurrency Security Practice. Building upon years of experience in the Payment Card ...

Jake Dennys
14/05/18 15:42

Foregenix Take Best Security at The Techies 2018!

The Techie Awards 2018 are a Business Exchange initiative, created to celebrate the innovation and entrepreneurship of the IT community in Swindon & ...

David Kirkpatrick
02/05/18 14:22

Know Your Attack Surfaces

During our engagements, we sometimes find customers have difficulty in determining what hosts they own and if they are live on the Internet. This can ...
