Topics
Recent
Emulating Cryptomining Attacks: A Deep Dive into Resource Draining with GPU Programming
Cryptomining has surged in popularity, driven by the growing value of cryptocurrencies like Bitcoin and Ethereum. With leaked credentials easier than ...
Aligning Security Testing with IT Infrastructure Changes
With 73% of organizations tweaking their IT setups every quarter, it’s concerning that only 40% are aligning their security checks accordingly. This f...
Meeting the DORA Mandate: Approaching ICT Risk Management with Pentera
The countdown to January 2025 is on, and for financial institutions in Europe, the Digital Operational Resilience Act (DORA) isn’t just another regula...
Identity Breaches in 2024 – An Ounce of Hygiene is Worth a Pound of Technology
Identity is a key to open a door
Who are you? Yes, you reading. Who are you?
There’s probably a lot of ways you can answer that question, and that...
The Kubernetes Attack Surface
Do you remember the days when cyber security was easy? That never happened. But even though it was hard, we knew what we needed to do; which user perm...
Blueprint for Success: Implementing a CTEM Operation
The attack surface isn’t what it once was and it’s becoming a nightmare to protect. A constantly expanding and evolving attack surface means risk to t...
Surviving LockBit Lessons from a Ransomware Attack
On April 13, 2023, we were hit hard. The University of Health Sciences and Pharmacy (UHSP) faced a serious adversary: The notorious LockBit ransomware...
Return of the RCE: Addressing the regreSSHion Vulnerability – CVE-2024-6387
A Regrettable Resurgence
On July 1, 2024, the Qualys Threat Research Unit (TRU) published their discovery of an unauthenticated remote code executio...
Zero footprint attacks: 3 steps to bypass EDR with reflective loading
EDR (Endpoint Detection and Response) evasion techniques are becoming increasingly common amongst attackers as they evolve their strategies to bypass ...
Begin your security validation journey
Request a demo
Explore
Fundamentals of Cloud Security Stress Testing
“Defenders think in lists, attackers think in graphs” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those...
Verizon’s 2024 Data Breach Investigations Report: Key insights
The 2024 Data Breach Investigations Report (DBIR) is out, providing an in-depth look at the latest trends in cybersecurity. This year's findings revea...
Pentera’s 2024 report reveals hundreds of security events per week, highlighting the criticality of continuous validation
Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half....
Managing the Financial Industry’s Attack Surface
The financial services industry has always been at the forefront of technology adoption, but the 2020 pandemic accelerated the widespread use of mobil...
Tackling Cloud Security Challenges
As much as we love the cloud, we fear it as well.
We love it because cloud computing services of Amazon, Azure, and Google have transformed operati...
Next-Gen Cloud Security Solutions
Cloud computing has fundamentally changed how we operate. It's efficient and scalable, but it's not without some problems. Security is the biggest. As...
Protecting Against Ivanti Zero-Day Vulnerabilities
Ivanti Ground Zero
On January 10, 2024, Ivanti disclosed two vulnerabilities, CVE-2023-46805 and CVE-2024-21887, impacting its Ivanti Connect Secur...
4 steps to knowing your exploitable attack surface
According to Cisco's latest cybersecurity reports, 19% of organizations had over 100,000 daily security alerts in 2023, a significant increase from ...
How to attack and protect WebLogic server
WebLogic is a popular enterprise middleware tool that orchestrates the interaction between backend systems and frontend clients. This makes it a val...