Seeing Pentera set a new standard for Enterprise-scale security validation with the launch of Pentera 7 brings me a great deal of satisfaction as a fu...
Misconfiguring just one word in Kubernetes can expose your AWS environment to the internet, putting your data and applications at serious risk. Kubern...
I've been in security research for quite a while now, so I've had more than a few opportunities to guide researchers during their security research en...
If you’re looking for ways to automate and streamline your security validation operations, the Pentera API is a powerful tool to have in your arsenal....
For many contractors, navigating the complexities of CMMC compliance presents significant challenges. The Cybersecurity Maturity Model Certification (...
Ransomware isn’t just a security issue; it’s a business problem that’s grown too big to ignore. What started as floppy-disk attacks back in the 1980s ...
In a fast-evolving threat landscape, traditional Breach and Attack Simulation (BAS) tools are limited. Built based on predefined scenarios, they’re gr...
There are patches or remediations for all the top vulnerabilities, but they’re still being exploited in the wild. How is that? Well, if you were the a...
Virtual private networks (VPNs) have become widely used by enterprises for secure remote network access to protect sensitive data. This critical role ...
Data breaches are more costly than ever, averaging USD 4.88 million in 2024—a 10% rise. This spike is largely due to increased expenses related to los...
Introduction
Our latest research from Pentera Labs uncovers high-severity Fortinet vulnerability CVE-2024-47574, exposing risks in FortiClient's use ...
Advanced Persistent Threats (APTs) are like the Sith Lords of the cyber world—stealthy, relentless, and always lurking in the shadows. Mentioning them...
In this blog, we explore how attackers can exploit a limitation in Active Directory (AD) Security Identifiers (SIDs) to lock users out of the domain w...