Bishop Fox
5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)
5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at …
AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)
Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse …
CloudFoxable: Open-source AWS penetration testing playground
CloudFoxable is a capture-the-flag (CTF) style learning platform you can deploy to your playground AWS account. It primarily targets current penetration testers seeking to …
Bishop Fox expands social engineering adversarial emulation services
Bishop Fox has expanded its social engineering testing services, which are an integral part of the company’s Red Team portfolio. In contrast to narrow and rudimentary security …
Red teaming can be the ground truth for CISOs and execs
This year, against the backdrop of attacks on everyone from healthcare institutions and schools to financial services organizations, as well as the introduction of legislation …
The most frequently reported vulnerability types and severities
Bishop Fox collected and analyzed publicly disclosed reports from January to July 2022 to better understand the most frequently reported vulnerability types, the …
Bishop Fox appoints Patty Wright as SVP and GM of consulting
Bishop Fox announced the appointment of accomplished industry executive, Patty Wright, as senior vice president and general manager of consulting. Wright brings a wealth of …
How micro-segmentation creates an uphill battle for intruders
The past few years have seen a major shift in security strategies from looking outward for external threats to detecting and defending against adversaries that have already …
Red teaming: Why a forward offense is the best defense
Companies are under constant threat. Opportunistic attackers scan the internet for weak points, motivated attackers target specific organizations for susceptibility to a scam …
Is your perimeter inventory leaving you exposed? Why it’s time to switch from IP to DNS
Historically, security teams and tools have used IP addresses to define their targets and scopes. But in a world where applications and networks are increasingly cloud-hosted …
Bishop Fox raises $25 million to grow its research capabilities and security testing services
Bishop Fox, the largest private professional services firm focused on offensive security testing, announced that it closed $25 million in Series A funding from ForgePoint …
October Patch Tuesday: 61 bugs and one zero-day fixed
For its October Patch Tuesday, Microsoft has patched 61 vulnerabilities (27 of them critical) and one Office zero-day labeled as “important.” The zero-day The …