Bishop Fox Blog

A space dedicated to sharing our thoughts on the latest cybersecurity news, trends, and threats


Subscribe to Blog via Email

Popular Posts:

A Guide to AWS S3 Buckets Security

Download our corresponding how-to guide here

The Threat of Poor AWS S3 Buckets Security

If your organization uses Amazon Web Services (AWS), it is extremely important to understand AWS S3 buckets security. Configuring your S3 buckets the right way can mean the difference between business as usual and nearly catastrophic data leaks. If you’ve noticed in the past few years, AWS S3 data leaks are not uncommon – and it’s fairly probable that your organization is not immune to them. They have affected high-profile organizations like Verizon, Accenture, and several others in recent memory.

WPA3 Is a Major Missed Opportunity: Here's Why

Recently, the Wi-Fi Alliance officially announced details for the WPA3 security standard, which includes a brand-new protocol: the “Enhanced Open” network. While this new technology will represent an improvement to how open networks are done today, I believe that it’s a missed opportunity to offer some real security in one of the most common Wi-Fi use-cases.

Burp, Collaborate, and Listen: A Pentester Reviews the Latest Burp Suite Addition

Portswigger is back with a brand new invention

The newest addition to the much beloved Burp Suite, Collaborator, allows penetration testers to observe external resource interactions in their targets, especially those triggered through blind injection. It works by hosting an instance that listens for and reports HTTP and DNS requests to the Burp application.