Outpost 24

Karlskrona, Sweden
2001
Jul 18, 2022   |  By Fotios Liatsis
Social engineering is the art of manipulating people, so that they give up confidential information or perform an action you ask them to do. Read and learn first hand how modern phishing works to trick victims into giving up their credentials, bank information or computer access to secretly install malicious software. Adversaries use social engineering tactics because it is often easier and quicker to exploit human nature than to hack their way in.
Jul 13, 2022   |  By Outpost 24
Outpost24 announces it has partnered with Vitruvian Partners to power the Company's next phase of growth.
During the recent Rootedcon conference in Spain, we delivered a talk about ransomware, and this blog post serves as a commentary of the insights presented about Ransomware as a Service (RaaS): how it really works; how the threat actors operate these attacks; and how organizations can analyze the attacks and take preemptive measures in the event of future attacks.
Jun 13, 2022   |  By Jose Miguel Esparza
Ransomware is the biggest cyber threat to businesses. First burst onto the scene in 1989, it has evolved significantly over the past few years from widespread attacks to highly targeted ransomware-as-a-service (RaaS) operations affecting organizations of all sizes and sectors. This article takes a look at the evolution of the ransomware ecosystem – what it looks like today, and how it has changed over time.
Jun 8, 2022   |  By Outpost 24
Jester stealer is an information stealer that has been around since mid-July 2021. Originally sold by the Russian speaking threat group "Jester_Stealer", in several underground forums and Telegram channels, they operate under a Malware-as-a-Service (MaaS) model and present themselves as a group of programmers. Here we delved into the Jester stealer functionalities with a code-level analysis and highlight the possible link between Jester stealer and the new breed of Eternity stealer.
May 27, 2022   |  By Anthony Ippolito, Security Consultant
This blog describes the attack path we have uncovered during a recent penetration test of a web application, coupled with a back-end infrastructure assessment. Throughout we introduce different attack techniques and tools that can be used to attack the underlying infrastructure and APIs of a web application.
In our latest credit card fraud investigation blog our threat intelligence analysts investigate the current card shop ecosystem, from active shops and the return of Rescator as well as other recently shuttered card shops and credit card fraud to look out for. Methodology Credit Card Fraud Investigation: Active Card Shops Credit Card Fraud Investigation: Inactive Card Shops Conclusions
May 17, 2022   |  By Blueliv
Ransomware continues to be a prevalent threat to almost every modern industry after a sudden renaissance at the beginning of the COVID-19 pandemic as threat actors sought to capitalize on overwhelmed organizations and their suddenly vulnerable employees. It poses a particular danger to companies that hold sensitive data and house valuable assets, or those that could impact countless other industries and organizations should their critical operations be taken offline.
May 10, 2022   |  By Outpost 24
Corporate credential theft is a targeted effort and makes FTSE 100 companies credentials particularly attractive to cybercriminals with accelerated digital transformation (BYOD and hybrid working). Once an attacker gets hold of stolen user credentials and passwords, they can sell the credentials in the cybercrime underground or use them to compromise an organization’s network, bypassing security measures and threaten the credibility and integrity of the institution.
May 2, 2022   |  By Blueliv
The first few months of 2022 have brought with them plenty of breaches and vulnerabilities for threat experts to sink their teeth into; in March alone, Microsoft has patched 71 CVEs, two of which, CVE-2022-22006 and CVE-2022-24501, were deemed critical–but more on those later. Meanwhile, cloud-based software company Okta has suffered a cyber-attack, believed to be at the hands of threat actor “Lapsus$”, which has put thousands of its 15,000 customers on high alert.
Mar 24, 2022   |  By Outpost 24
Ransomware has continued to grow in maturity throughout the first half of 2021. As businesses struggle to understand yet another major attack that hit the Kaseya supply chain, organizations are beginning to realize data backups and cyber insurance alone won’t save them.
Dec 14, 2021   |  By Outpost 24
The sheer volume of vulnerabilities security professionals have to deal with everyday poses a significant challenge to resource and time to patch. Learn how to narrow down high risk CVEs by focusing on exploit availability and threat context beyond CVSS.
Aug 13, 2021   |  By Outpost 24
Demands for cybersecurity are growing. Are you providing the solutions customers seek and need to improve their security competence and prevent data breach? Find out how to differentiate from local competitors by partnering with Outpost24.
Jul 15, 2021   |  By Outpost 24
Added links in Outpost24 Scale DAST tool to Secure Code Warrior for findings with a CWE. Where an Appsec finding is linked to a CWE we have introduced direct links to Secure Code Warrior eLearning training platform. This gives users the ability to understand what the vulnerability is and more importantly how to address these findings within their development process. Customers do not have to be customers of Secure Code Warrior (SCW) to enjoy the learning modules presented, though customers who are SCW customers may get further insights as well as tracking scores and other metrics.
Jun 1, 2021   |  By Outpost 24
We don’t think it’s fair that businesses are targets of cybercriminals. That's why we’ve created the most complete security assessment platform to help our customers tighten their 'full stack' security exposure before their business can be disrupted.
May 14, 2021   |  By Outpost 24
As zero trust moves higher up on the CISOs security agenda we’re hosting a webinar to discuss the pros and cons of adopting this new approach and how it can impact your team’s ability to remain agile, whilst protecting your business. As a recent study demonstrates, 34% of security breaches involved insiders in 2019 meaning CISOs are becoming more likely to consider zero trust and it should come as no surprise that many organizations are now eager to adopt a zero-trust security policy.
May 13, 2021   |  By Outpost 24
Join Outpost24 and 360 Trust Services experts to learn how you can tackle the growing cybersecurity threats, and secure your high availability operations and satisfied customers. Save your spot for a comprehensive webinar, as we will be presenting the latest security products and services offerings, based on 20 years’ experience and accumulated expertise in cybersecurity, from vulnerability management, risk prioritization to driving a remediation culture.
Feb 3, 2021   |  By Outpost 24
Introduction to Pwn Pulse wireless network assessment
Feb 3, 2021   |  By Outpost 24
Connecting to Pwn Pulse Wireless threat detection solution
Feb 3, 2021   |  By Outpost 24
Starting wireless threat detection with Pwn Pulse
Oct 9, 2020   |  By Outpost 24
More and more companies choose to migrate to a Cloud infrastructure to take advantage of new resources, an elastic storage power and agile deployment, nevertheless IT professionals are not always trained to secure these new technologies. Like traditional infrastructures, a public Cloud infrastructure services requires the implementation of security measures and controls by their users. Enterprises must adapt their security policy to these new technologies to reap the Cloud benefits without increasing their cyberattacks exposure area.
Oct 9, 2020   |  By Outpost 24
Web app attacks remain the #1 vector exploited in successful breaches. With agile development, apps run the risk of creating new vulnerabilities or perpetuating old ones on a weekly, daily, even hourly basis, security and risk managers need to step up a programmatic response. Fortunately there's a new, collaborative model for Appsec that organizations can operate in a mostly automated manner. Download our useful DevOps guide and learn how best to operationalize security testing in an agile process.
Oct 1, 2020   |  By Outpost 24
We surveyed over 200 security professionals at the 2020 RSA conference to delve deeper into the dangers of rogue access points and understand how security professionals are tackling wireless security. Our data highlights their main concerns and the key trends from IT and network security professionals on the wireless security frontline. Key findings in the 2020 Internet of Evil Things report: Download the 2020 IoET Report to uncover valuable wireless security insights to help protect your organization's network airspace in the future.
Oct 1, 2020   |  By Outpost 24
Cloud is the new fact of life for providing enterprise IT services. However, security professionals are left feeling unclear about the complexities surrounding cloud, shared responsibility and understanding where the cloud provider security tools from AWS, Azure and Google Cloud Platform are falling short.
Sep 1, 2020   |  By Outpost 24
Are you struggling to triage through tons of findings to identify the greatest threats and patch more effectively? You are not alone! With speed being the biggest challenge to effectively patch, this whitepaper looks at how existing prioritization works with CVSS scoring and how a risk based approach with machine learning can be applied to align corporate risk appetite and drive better decision making for optimal efficiency.

Effortlessly automate identification of web application, network infrastructure, wireless and cloud vulnerabilities with a risk based approach for fast remediation.

Over 2,000 customers worldwide trust Outpost24 to assess their devices, networks, applications, cloud and container environments and report compliance status. We serve leading organizations across a wide range of segments including financial services, government, healthcare, retail, telecommunications, technology, and manufacturing.

Full stack security scanning and penetration testing:

  • Single Platform, Total Coverage: Servers, endpoints, devices, switches, apps, clouds and containers. We got you covered in a single UI with risk based insights.
  • Developed by Ethical Hackers: It takes a hacker to stop a hacker. We built years of ethical hacking experience into our products and services for best vulnerabitity results.
  • Continuous Security Testing: Our tools work around the clock to automate scans and orchestrate security controls to protect you on a continual basis.

Complete vulnerability and security assessment.