Dude! It's just a printer! 4/21/22 6:08 PM A few months ago, during an internal infrastructure penetration test, the network printers played a... READ MORE
Categories Cybersecurity (95) Web Security (79) Website Security (54) Magento (52) PCI, PA-DSS and P2PE (46) Forensics and Incident Response (40) Malware (28) Penetration Testing (23) eCommerce (22) Foregenix (21) Indicators of compromise (20) Hack (16) Vulnerability (16) News (15) GDPR (13) Web Scan (11) Compliance (10) Encryption (7) Fraud (7) DFIR (4) Travel Agents (4) WAF (4) Insider (3) JavaScript (3) SSF (3) Serengeti (3) website security scanner (3) Cryptocurrency (2) Ransomware (2) Blockchain (1) CVE-2021-26411 (1) Crypto-mining (1) Firewall (1) Foxsocket backdoor (1) MITRE Techniques (1) PCI SSF (1) PCI SSF Secure Software Standard (1) PrintNightmare (1) Purple Fox (1) SMB (1) SWIFT (1) The Queens Awards (1) WPAD (1) WebScan (1) escalation exploits (1) software security (1) SEE ALL
Foregenix’s Global Penetration Testing Practice Achieves CREST Accreditation 10/8/20 11:22 AM MARLBOROUGH, UK -- Foregenix, a top cybersecurity player in the Payments and Banking industry, is... READ MORE
Amazon GuardDuty Security Review 9/2/20 9:15 AM Recently, Foregenix worked with Amazon Web Services to do a security review of the GuardDuty... READ MORE
Using DNS as an out-of-band command output retrieval channel 6/4/20 10:02 AM Setting the scene A fair amount of the work we do in the Foregenix Penetration Testing team is, in... READ MORE
Detection Lab for Pentesters 4/15/20 10:00 AM Detection Lab, designed and maintained by Chris Long, is a collection of Vagrant and Packer... READ MORE
Introducing RETURNINGPATIENT 4/9/20 10:00 AM In our previous post, Red Teaming: Command and Control protocols, we performed a very brief... READ MORE
Red Teaming: Command and Control protocols 4/7/20 10:00 AM Red teaming, in an information security context, is an adversarial-based offensive activity against... READ MORE
A first look at today’s Command and Control frameworks 4/1/20 10:00 AM In InfoSec history books, 2019 should be called ‘The year of the Post-Exploitation Command and... READ MORE
Kick-starting your internal Purple Team program on a budget 1/30/20 12:00 PM We have talked about purple teaming at great lengths in a previous post "Purple Teaming, here's... READ MORE
Testing Problematic Authorisation Tokens With Burp 10/5/18 3:36 PM Every so often a web application comes along where a bit of customization is required in your... READ MORE
Getting to Grips With the Australian Notifiable Data Breaches Scheme 6/19/18 1:48 PM In light of the Notifiable Data Breaches (NDB) scheme which came into effect in Australia on... READ MORE
New Services to Secure Blockchain & Cryptocurrency 5/16/18 12:30 PM Foregenix is proud to announce the launch of its Blockchain & Cryptocurrency Security Practice.... READ MORE