What is not online cannot be hacked. In today’s digital landscape, that simple truth is more relevant than ever. As organizations expand their online presence through cloud services and third-party integrations, their attack surface grows with it. Every exposed domain, subdomain, open port, or misconfigured service becomes a potential entry...

“All World Cards” is a new underground card shop created at the end of May 2021. The card shop went quite unnoticed until it caught the attention of the cybercriminal underground and the cybersecurity industry on August 2, 2021, by making publicly available one million compromised cards totally free of...

Outpost24, an innovator in full-stack cybersecurity assessment, today announced the acquisition of Blueliv, a leading cyber threat intelligence company in Barcelona, Spain. STOCKHOLM, July 13, 2021 – Outpost24, an innovator in full stack cybersecurity assessment, today announced the acquisition of Blueliv, a leading cyber threat intelligence company in Barcelona, Spain....

Aviva, Prudential and Allianz amongst European insurers with application security issues London 30 June, 2021 - Outpost24, an innovator in identifying and managing cybersecurity exposure, today announced the results of its 2021 Web Application Security for Insurers Report, which analysed the web applications of the top 10 European insurance providers,...

Initial Access Brokers (IABs) are financially motivated threat actors that profit through the sale of remote access to corporate networks in underground forums, like Exploit, XSS, or Raidforums. The type of accesses offered are mostly Remote Desktop Protocol (RDP), Virtual Private Network (VPN), web shells, and remote access software tools...

Introduction Taurus Stealer, also known as Taurus or Taurus Project, is a C/C++ information stealing malware that has been in the wild since April 2020. The initial attack vector usually starts with a malspam campaign that distributes a malicious attachment, although it has also been seen being delivered by the...

Fast Flux is a technique that was seen for the first time in 2007 - and that is still used today -which allows attackers to resist dismantling, the ability to hide the true command and control servers, phishing sites, malware or clandestine markets, and take on possible countermeasures and censorship....

In the year that we celebrate Outpost24’s twenty-year anniversary, we are delighted to announce the new CEO appointment London, UK - 7 April 2021 - Outpost24, an innovator in identifying and managing cybersecurity exposure, today announced that its board of directors has appointed Karl Thedéen as its new Chief Executive...

As organizations adopt cloud services, remote work, third-party integrations, and digital transformation initiatives, their IT environments have become increasingly complex—and increasingly visible to attackers. Every exposed web server, misconfigured cloud bucket, forgotten subdomain, or unsecured API becomes a doorway that adversaries can exploit. A 2021 report revealed that 69% of organizations...

According to Verizon's 2025 Data Breach Investigations Report, there has been a 34% rise in attackers exploiting vulnerabilities to gain initial access and cause security breaches in the past year. As a result, enterprise security teams are looking more closely at how security controls can be integrated to DevOps without...