​  CVE-2021-21972 In the first case, the less critical vulnerability CVE-2021-21973 is a Server-Side Request Forgery that can lead to information disclosure due to improper validation of URLs in a plugin. Some actors can take advantage of this if they have network access to port 443 by a POST request. This kind of vulnerability also...

In this blog, Outpost24 analysts investigate the current card shop ecosystem, from active shops that may grow in the vacuum left by Joker’s Stash’s withdrawal as well as other recently shuttered card shops. Introduction On February 15, 2021, after nearly 6.5 years in business, the prolific card shop Joker’s Stash...

2021 has barely begun and we have already witnessed what appears to be the biggest compilation of breached credentials in our lifetime. The Compilation of Many Breaches (COMB) was recently made available via an online forum, as broken by CyberNews, and contains over 3.2 billion credentials built up of unique pairs...

Earlier this week a website presumably owned by the actors behind the SolarWinds breach surfaced, claiming to be selling data obtained using the SolarWinds backdoor. The site, using the domain solarleaks.net, displays only a PGP signed message, in which the actors share links to download the stolen information, which has...

Sweepatic, an Outpost24 product, now detects tracking cookies that are set without any user consent. Prevent a fine and address violations of the EU GDPR regulation now! Based on a list of known marketing and analytics cookies, Outpost24's EASM platform Sweepatic now detects tracking cookies that are set without any user consent....

Outpost24’s SaaS platform is well positioned to meet the surge of demand in cloud-based cybersecurity offerings, as companies adapt to remote working and cost saving measures. London, 16 December 2020 - Outpost24, an innovator in identifying and managing cybersecurity exposure, today announce the closing of a new funding round for SEK 200 million...

Introduction Threat Actors make use of packers when distributing their malware as they remain an effective way to evade detection and to make them more difficult to analyze. Manual analysis can defeat these protections and help to develop tools that allow the unpacking of the malware. To develop these tools,...

New web application security study found US retailers had a larger attack surface, while EU retailers run more outdated services. London, U.K. – 10 November 2020 - Outpost24, an innovator in identifying and managing cybersecurity exposure, today announced the results of the 2020 Web Application Security for Retail & E-commerce Report,...

Sweepatic, an Outpost24 brand, is included in the ECSO Cybersecurity Market Radar. The European Cyber Security Organisation (ECSO) has released the ECSO Cybersecurity Market Radar. The Radar provides information on cybersecurity products and services based on a unique market-oriented taxonomy and the size of the companies. The five designated capabilities...

The prestigious CREST accreditation confirms Outpost24’s place as a trusted provider with elite standards in web application penetration testing London, UK – September 14,  2020 – Outpost24, an innovator for full stack cyber security assessment, announced today it has been officially awarded the prestigious CREST accreditation as a penetration testing...