Dude! It's just a printer! 21/04/22 18:08 A few months ago, during an internal infrastructure penetration test, the network printers played a... READ MORE
Categories Cybersecurity (93) Web Security (77) Website Security (50) Magento (48) PCI, PA-DSS and P2PE (43) Forensics and Incident Response (40) Penetration Testing (23) Malware (22) Foregenix (21) Indicators of compromise (19) eCommerce (18) Hack (16) Vulnerability (16) News (15) GDPR (13) Web Scan (10) Compliance (9) Fraud (7) Encryption (6) SSF (4) Travel Agents (4) WAF (4) DFIR (3) Insider (3) JavaScript (3) Serengeti (3) Cryptocurrency (2) Ransomware (2) Blockchain (1) CVE-2021-26411 (1) Crypto-mining (1) Firewall (1) Foxsocket backdoor (1) MITRE Techniques (1) PCI SSF Secure Software Standard (1) PrintNightmare (1) Purple Fox (1) SMB (1) SWIFT (1) The Queens Awards (1) WPAD (1) escalation exploits (1) software security (1) SEE ALL
Foregenix’s Global Penetration Testing Practice Achieves CREST Accreditation 08/10/20 11:22 MARLBOROUGH, UK -- Foregenix, a top cybersecurity player in the Payments and Banking industry, is... READ MORE
Amazon GuardDuty Security Review 02/09/20 09:15 Recently, Foregenix worked with Amazon Web Services to do a security review of the GuardDuty... READ MORE
Using DNS as an out-of-band command output retrieval channel 04/06/20 10:02 Setting the scene A fair amount of the work we do in the Foregenix Penetration Testing team is, in... READ MORE
Detection Lab for Pentesters 15/04/20 10:00 Detection Lab, designed and maintained by Chris Long, is a collection of Vagrant and Packer... READ MORE
Introducing RETURNINGPATIENT 09/04/20 10:00 In our previous post, Red Teaming: Command and Control protocols, we performed a very brief... READ MORE
Red Teaming: Command and Control protocols 07/04/20 10:00 Red teaming, in an information security context, is an adversarial-based offensive activity against... READ MORE
A first look at today’s Command and Control frameworks 01/04/20 10:00 In InfoSec history books, 2019 should be called ‘The year of the Post-Exploitation Command and... READ MORE
Kick-starting your internal Purple Team program on a budget 30/01/20 12:00 We have talked about purple teaming at great lengths in a previous post "Purple Teaming, here's... READ MORE
Testing Problematic Authorisation Tokens With Burp 05/10/18 15:36 Every so often a web application comes along where a bit of customization is required in your... READ MORE
Getting to Grips With the Australian Notifiable Data Breaches Scheme 19/06/18 13:48 In light of the Notifiable Data Breaches (NDB) scheme which came into effect in Australia on... READ MORE
New Services to Secure Blockchain & Cryptocurrency 16/05/18 12:30 Foregenix is proud to announce the launch of its Blockchain & Cryptocurrency Security Practice.... READ MORE