Bishop Fox Blog

The COVID-19 news has many more office workers in the United States working remotely as we all adhere to the social distancing recommendations put forth to reduce the spread of …

Read Story

We recently covered the most up-to-date list of OWASP Top 10 vulnerabilities. In subsequent future posts, we’ll be discussing some of those more prominent vulnerabilities in a little more depth …

Read Story

In late 2019, a new critical-severity vulnerability began to threaten widely used Citrix appliances. While the security community explored the issue and businesses scrambled to learn if they were exposed, …

Read Story

For the past three years, the Bishop Fox engineering team has been tackling a number of emerging challenges in the offensive space and developing technology that amplifies their security capabilities …

Read Story

2019 (like so many years before it) has been full of noteworthy CVE releases from both independent researchers and organizations. As we end this year and start a new one, …

Read Story

In 2018, Spencer Gietzen identified 21 methods across various AWS services that could lead to privilege escalation. Since then, I’ve often referred to Spencer’s article during engagements as I look …

Read Story

From the perspective of working at a security consultancy, a few of the things that we are grateful for this holiday season are: copious supplies of cold brew coffee, hacking …

Read Story

In honor of today being the spookiest day of the year, we decided to share some especially scary stories from the cybersecurity crypt. Some of these stories reflect the work …

Read Story

A spellcheck dictionary built from the word list of our Cybersecurity Style Guide. Download it on GitHub now. Default spellcheck dictionaries do not include the niche technical terms that most …

Read Story

Subscribe by Email