Imagine your organization's digital fortress - now picture a thousand hidden doors, each a potential entry point for cyber threats. In the world of cybersecurity, these doors are known as 'external attack surface vulnerabilities' and understanding them is the first step to locking them down. External attack surface vulnerabilities are...

During a recent customer engagement, I came across an instance of a rather rare vulnerability class called HTTP request smuggling. Over the course of several grueling days of exploit development, I was eventually able to abuse this vulnerability to trigger a response queue desynchronization, allowing me to capture other users’...

How does phishing-as-a-service (PhaaS) really work, and can it really bypass MFA? Here, we will walk you through the user interface of a PhaaS platform, and how its users can quickly build their own attacks using the built-in attack models and templates (and bypass MFA). For a layered approach, beyond...

As the threat landscape evolves, so must the methods and tools to safeguard critical digital assets. Traditional vulnerability management programs that were once considered the gold standard are starting to show limitations in their ability to address complex cyber risks, leaving teams to manually triage long lists of potential vulnerabilities....

About this talk You can't stop the expansion of your external attack surface, but you can identify unknown assets and their vulnerabilities to mitigate the security risk. External attack surfaces expand due to modern software development practices, mergers and acquisitions, the adoption of multi-cloud strategies and much more. Many organizations...

About this talk As enterprises increasingly migrate towards cloud ecosystems, we find ourselves navigating a hybrid realm, where servers span both sides of the cloud, and clients must seamlessly function across these domains. However, this new frontier presents a challenge that cybercriminals are exploiting, making it imperative for businesses to...

Dark AI tools are software applications that use artificial intelligence for malicious purposes, such as hacking, phishing, and spreading disinformation. These tools can automate and enhance cyberattacks, making them more sophisticated and harder to detect. Threat actors are constantly looking for new ways or paths to achieve their goals, and...

An emerging cybersecurity solution space with its own definition has been coined in recent years: Attack Surface Management or ASM. Gartner, Forrester and other industry analysts have described the term in recent reports, adding the word ‘external’ to indicate the outside-in perspective of these solutions. The term External Attack Surface...

How can you take a proactive approach to your organization’s cybersecurity strategy? Scoping the threat landscape and having a solid incident response plan is a good start. But you also need to continuously seek out vulnerabilities and weaknesses to remediate or mitigate. These vulnerabilities and weaknesses aren’t just limited to...

Website Terms of Use  Introduction  Outpost24 is committed to protecting your privacy rights. By accessing and using the Outpost24 website, www.outpost24.com (“the Site”), you agree to these Terms of Use. The Terms of Use describe how personal information (“Personal Information” shall have the meaning set out in Regulation (EU) 2016/679 of 27...