What is BAS 2.0 and Why You Need It
In a fast-evolving threat landscape, traditional Breach and Attack Simulation (BAS) tools are limited. Built based on predefined scenarios, they’re gr...

How to Prioritize Vulnerabilities Effectively

There are patches or remediations for all the top vulnerabilities, but they’re still being exploited in the wild. How is that? Well, if you were the a...

How DTCC Upgraded their SOC into a Cyber Threat Fusion Center

By Shawn Baird, Associate Director, Offensive Security and Tactics, DTCC Based on a session given at PenteraCon 2024 When the speed and complexity...

Forti-fied? Logging blind spot revealed in FortiClient VPN

Virtual private networks (VPNs) have become widely used by enterprises for secure remote network access to protect sensitive data. This critical role ...

What’s Behind the Rising Costs of Data Breaches?

Data breaches are more costly than ever, averaging USD 4.88 million in 2024—a 10% rise. This spike is largely due to increased expenses related to los...

Two New Zero-Day Vulnerabilities Uncovered in FortiClient VPN

Introduction Our latest research from Pentera Labs uncovers high-severity Fortinet vulnerability CVE-2024-47574, exposing risks in FortiClient's use ...
2024 State of Pentesting Survey
Download

APT Attacks: The Sith Lords of the Cyber World

Advanced Persistent Threats (APTs) are like the Sith Lords of the cyber world—stealthy, relentless, and always lurking in the shadows. Mentioning them...

How Attackers Can Achieve a DoS Attack in Microsoft Active Directory

In this blog, we explore how attackers can exploit a limitation in Active Directory (AD) Security Identifiers (SIDs) to lock users out of the domain w...

Continuous Security Validation Against AI-Driven Threats – A Field CISO’s Insights

Despite substantial investments in cybersecurity, breaches keep happening—especially as AI changes the game for attackers and defenders alike. AI-driv...
Begin your security validation journey
Request a demo
Book your demo now >
Preventing DHCP Spoofing Attacks
DHCP is an essential Windows networking protocol and a favorite among network admins. Let’s go over the basics of DHCP allocation and review common ...

Understanding VMware vCenter Privilege Escalation

Executive summary Pentera’s research team ‘Pentera Labs’ discovered a vulnerability in VMware’s vCenter Server program. The affected VMware s...

Understanding Ransomware Insider Threats

The trope of the burglar comparison in cybersecurity is more than overused. But when we talk about the damage of a break-in, it’s not just picking t...

Exploring the PrintNightmare Vulnerability

Greenpeace recently took credit for the PrintNightmare exploitation. Warning that if the world does not shift to paperless immediately, further deva...
Strategies to Ensure Ransomware Readiness
If this question is keeping you up at night, you are certainly not alone. The threat is tangibly real and immediate, with ransomware damages project...

Understanding Top Exploited Vulnerabilities

There are patches or remediations for all the top vulnerabilities, but they’re still being exploited in the wild. Why is that? Well, if you were the...

Welcome to Pentera’s Next Phase of Security

Today we embark on a new journey. One that will have even a bigger impact on our customers, as we continue to contend with the ever-evolving threat ...

Must-Have Features for Security Validation Tools

With an expanded remote workforce and a rise in cyber-attacks over the past year, validating organizational resilience is top of the enterprise agen...
The Buyer's Guide to Security Validation
Download

Key Lessons from the Top 5 Cyber Attacks of 2020

Remote working is often cited as one of the top reasons for the rise in cyber-crime in 2020, but it’s far from the only growing challenge for today’...