
Offensive Security Blog

Expert insights on offensive security, AI vulnerabilities, and emerging threats from Bishop Fox's leading security researchers and penetration testers.

Advisory

Security Advisory: Immuta Version 2.8.2

Nov 4, 2020

Four vulnerabilities were identified within Immuta including XSS, content injection, insufficient authorization controls and improper session management.

By Chris Davis

Industry

Cheating at Online Video Games and What It Can Teach Us About AppSec (Part 2)

Nov 2, 2020

Dan Petro examines more methods of how cheating at video games applies to appsec, including having a computer or bot automate technically demanding tasks.

By Dan Petro

Industry

Cheating at Online Video Games and What It Can Teach Us About AppSec (Part 1)

Oct 29, 2020

Dan Petro examines some classic examples of online video game cheats and explores the lessons these cheats reveal in relation to application security.

By Dan Petro

Advisory

Winston Privacy Version 1.5.4

Oct 27, 2020

Advisory on nine vulnerabilities in the Winston Privacy VPN version 1.5.4, including critical-risk command injection and high-risk cross-site request forgery.

By Chris Davis

Industry

Accidentally Secure Is Not Secure: A Case of Three Stooges Syndrome

Oct 20, 2020

During pen testing, components or features vulnerable to serious issues that aren't yet exploitable can become major problems after ordinary code changes.

By Dan Petro

Industry

Bishop Fox Fights for Election Security

Oct 14, 2020

Vincent Liu was a technical expert in a case involving the State of Georgia election and digital voting machine security (Curling v. Raffensperger).

By Bishop Fox

Industry

How to Keep Your Organization Safe From Social Engineering

Oct 13, 2020

Daniel Wood reviews mistakes organizations make with social engineering and how to mitigate risks with better security controls, training, and processes.

By Daniel Wood

Industry

Defining the Scope of Your Pen Test

Oct 6, 2020

A guide through the decisions that need to be made when planning a penetration test including defining the targets, boundaries, and depth of an assessment.

By Jake Miller

Industry

When Automation Isn’t Enough: The True Impact of Human Expertise on Your Perimeter

Sep 30, 2020

Ori Zigindere highlights the need for human experts to conduct a thorough analysis of seemingly minor attack surface issues scanners often miss.

By Ori Zigindere

Technical Research

Design Considerations for Secure GraphQL APIs

Sep 28, 2020

Discusses security risks and bugs in GraphQL deployments and migrations, covering high-risk authorization vulnerabilities and less familiar SSRF issues.

By Jake Miller

Industry

More Important Than a TPS Report: Designing a Realistic CTF for DEF CON Safe Mode

Sep 22, 2020

Barrett Darnell discusses how the DEF CON Red Team Village's The Office-themed Capture the Flag competition and Continuous Attack Surface Testing are similar.

By Barrett Darnell

Technical Research

Design Considerations for Secure Cloud Deployment

Sep 15, 2020

Guidance on how to design a secure cloud deployment including reducing attack surface, simplifying maintenance, and ways to catch mistakes in the future.

By Jake Miller

Technical Research

h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)

Sep 8, 2020

Demonstrating how upgrading HTTP/1.1 connections to lesser-known HTTP/2 over cleartext (h2c) connections can allow a bypass of edge-proxy access controls.

By Jake Miller

Culture

Music to Hack To: A Bishop Fox Mixtape

Sep 3, 2020

Security consultants' favorite hacking music playlists that help them stay in the zone during engagements including classical, synthwave, and soundtracks.

By Britt Kemp

Advisory

Zamzar API Advisory

Aug 27, 2020

A high-risk vulnerability allowing server-side request forgery (SSRF) and local file inclusion as the root user was found in the Zamzar API.

By Chris Flanagan

Industry

What Makes a Good Penetration Test?

Aug 25, 2020

Jake Miller highlights how to evaluate a penetration test for quality, including clear and actionable deliverables, remediation recommendations, and more.

By Jake Miller

Industry

20 Tips on How to Make the Most of Your Pen Test

Aug 19, 2020

Jake Miller shares guidance about how to get the most value from pen testing consulting services for companies at every stage of security program maturity.

By Jake Miller

Industry

8 Recommended Talks From DEF CON 28

Aug 18, 2020

Eight recommended talks from DEF CON 28 (aka DEF CON Safe Mode) on infosec topics. Speakers include Ankur Chowdhary, Daniel Miessler, Sean Metcalf, and more.

By Britt Kemp

Advisory

TinyMCE, Version 5.2.1 Advisory

Aug 12, 2020

Bishop Fox advisory on the TinyMCE application, version 5.2.1. One high-risk cross-site scripting vulnerability was found in the application.

By George Steketee, Chris Davis

Industry

Is This IoT App Safe to Drink?

Aug 11, 2020

Sound policies to legislate the Internet of Things (IoT) can help government and industry regulate and improve IoT product security and transparency.

By Brianne Hughes

Industry

A Look Forward to the DEF CON Red Team Village CTF

Aug 5, 2020

The CTF at the 2020 DEF CON Red Team Village will be held in a corporate Windows Active Directory environment that allows red teamers to improve their security testing skills.

By Barrett Darnell

Industry

Are You Giving Out Cheat Codes if You Whitelist Pen Testers?

Jul 29, 2020

Have specific goals for a pen test to determine whether or not to whitelist (or safelist). Whitelisting IP addresses helps pen testers access a network.

By Brianne Hughes

Industry

An Updated Guide to Do-It-Yourself Network Segmentation

Jul 23, 2020

Bishop Fox's updated guide to do-it-yourself network segmentation shows how to practically and inexpensively ensure network security for home or business.

By Matt Keeley

Advisory

LibreHealth Version 2.0.0

Jul 14, 2020

Bishop Fox advisory on five vulnerabilities in LibreHealth application 2.0.0 including SQL injection, cross-site scripting and cross-site request forgery.

By Chris Davis
