Blog

Rogue Device Spotlight: Reaver Pro II

29.Jan.2020

Pwnie Express, an Outpost24 company

Created by Reaver Systems, the Reaver Pro II is a WiFi penetration testing tool focused on networks with insecure WEP and WPA2 implementations. Requiring minimal configuration, and capable of being controlled entirely through a straightforward web interface, the Reaver Pro II is advertised as one of the easiest methods available to identify and breach vulnerable WiFi networks.

Rogue Device Spotlight: MiniPwner

29.Jan.2020

Pwnie Express, an Outpost24 company

Originally created in 2012 by security researcher Kevin Bong, the MiniPwner leverages the incredibly flexible OpenWRT project to turn cheap consumer wireless routers into highly capable penetration testing devices. The initial iteration of the project was little more than stock OpenWRT running on the immensely popular TPLink MR703N, but that was enough to get the ball rolling, and the project has been steadily evolving since.

Website Security: Magecart and credit card skimming

14.Jan.2020

Simon Roe

Online payment skimming operations run by Magecart criminals continue to intensify and develop, reportedly compromising more than 2 million websites with the most infamous attack involving the breach of British Airways in 2018. Where credit card data of nearly 400,000 BA customers were compromised and resulted in a hefty fine of $230million and the moment the world stood up to take note of this new and dominant threat.

Rogue Access Point: The Ghostly Attack Surface That You Are Missing

17.Dec.2019

Gaining visibility of the wireless airspace is something many organizations and security teams have struggled due to the volume and capabilities being restricted to network teams. However, as we see reports of successful wireless attacks increasing, annual pen testing of wireless for compliance will become redundant.

Cyber Security in 2020 and beyond

04.Dec.2019

Outpost24 product managers

As digital transformation continues to take hold, enterprises across industries are under mainstream pressure to tighten their cyber defense as they evolve to cloud and become more application centric. Despite many boards boosting security resources and increasing spend in 2019, more than 3,800 data breaches have hit organizations with dire consequence. In the spirit of the holiday season we have compiled a list of 2020 predictions from our in-house security experts on the key trends and threats that should be high on any CISO’s agenda to deliver greater cyber hygiene and multi-layered defense.

Why shifting left will be key to securing your business in 2020

21.Nov.2019

Charlie Eriksen, CTO Adversary

Increasingly, boardrooms are starting to recognize a simple fact: Being hacked is a question of if, not when. It’s no secret that most companies have experienced some type of data breach, often without their own knowledge. This all adds up to estimates that a cyber-attack occurs every 39 seconds, if you believe such statistics. That puts huge pressure on organizations to decrease the likelihood of not only adding to this statistic, but also fulfilling their data privacy duty they have towards their users, employees and customers.

Outpost24 is named a Challenger in the Forrester Wave™: Vulnerability Risk Management, Q4 2019

07.Nov.2019

John Stock, Network Security Manager Outpost24

Outpost24 recognized among Vulnerability Risk Management vendors by analyst

Tools of the trade: PiPlant, dropping it like it’s hot

23.Oct.2019

Hugo van den Toorn, Manager Offensive Security at Outpost24

In this blog I will share why we use hardware implants for our Red teaming and physical penetration tests, how they work and how we make them.

Top 10 Cloud security myths infographic

19.Sep.2019

Sergio Loureiro, Cloud Security Director

Check out our interactive infographic of the top 10 cloud security myths and common misconceptions.

Cloud security: an inconvenient truth about IT transformation

10.Sep.2019

By Sergio Loureiro, Product Manager Outpost24

While the idea of a Shared Responsibility Model is conceptually understood, organizations taking advantage of the transformative power of public cloud platforms continue to come short practically, of the implementation of basic security controls, giving hackers a one-way ticket to their critical assets and data.