Bishop Fox News & Articles

Dark Reading - h2c Smuggling: A New 'Devastating' Kind of HTTP Request

Intigriti - Bug Bytes: HTTP Request Smuggling Via HTTP/2

Hackaday - Security This Week: Racoons in My TLS, Bypassing Frontends, and Obscurity

Security Magazine - 5 Minutes With Daniel Wood

PortSwigger - Zamzar Springs to Action to Quickly Resolve Web Security Flaws in API

Dark Reading - 7 Ways to Keep Your Remote Workforce Safe

CSO - Smogcloud

Threatpost - High-Severity TinyMCE Cross-Site Scripting Flaw Fixed

SecurityWeek - Potentially Serious Vulnerability Found in Popular WYSIWYG Editor TinyMCE

PortSwigger - TinyMCE Suffers Big XSS Flaw

The CyberWire - Newsletter: Is This IoT App Safe to Drink?

Security Boulevard - 12 Hot Takes on How Red Teaming Takes Pen Testing to the Next Level

Built In Phoenix - 8 Phoenix Cybersecurity Companies to Know

The CyberWire - Newsletter: An Updated Guide to Do-It-Yourself Network Segmentation

Dark Reading - Block/Allow: The Changing Face of Hacker Linguistics

Dark Reading - 8 Cybersecurity Themes to Expect at Black Hat USA 2020

Podcast: Robot Downsizing - How the Ultimate Security Solution is Human

Ankur Chowdhary Interviewed by Security Weekly

Kelly Albrink Interviewed Regarding Shadow IT

PortSwigger - Librehealth Medical Records App Exposes Sensitive Patient Data

Dark Reading - Vulns in Open Source EHR Puts Patient Health Data at Risk

Security Boulevard - A Look at PAN-OS Versions with a Bit of R

TechRadar - Zoom CEO Sets Out What's Next for Privacy and Security

Computer Weekly - Zoom Making Progress on Cyber Security and Privacy, Says CEO

TechBeacon - Cloud Misconfigurations and Security: 5 Ways to Avoid Your Next Fail

PortSwigger - DigDash Fixes SSRF Flaw

Bishop Fox Named "Top Company to Work for in Arizona" for Seventh Consecutive Year

The Register - Connectwise Issues a Slightly Scary, but Unusually Significant Security Advisory

Dark Reading - 7 Must-Haves for a Rockin' Red Team

The CyberWire - Quantifying the Impact of Micro-Segmentation Report Highlighted

Dark Reading - Bishop Fox, Illumio Share Microsegmentation Research Findings

Security Boulevard - Illumio and Bishop Fox Release First-of-its-kind Test Report

PortSwigger - RMIScout: New Hacking Tool Brute-forces Java RMI Servers for Vulnerabilities

Bishop Fox and Illumio Demonstrate the Efficacy of Micro-segmentation

Bleeping Computer - Amtrak Resets User Passwords After Guest Rewards Data Breach

The CyberWire - Security Lessons From Hacker-Themed Board Games

Bishop Fox Wins Most Pioneering Offensive Security Firm 2020

ZDNet - Zoom to Revamp Bug Bounty Program, Bring in More Security Experts

Luta Security and Zoom

Wall Street Journal - Zoom Hires Security Heavyweights to Fix Flaws

PortSwigger - Latest Web Hacking Tools Q1 2020

PortSwigger - Twisted Programming Framework Stung by Request Smuggling Vulnerabilities

Dark Reading - Vulnerability Researchers Focus on Zoom App's Security

PortSwigger - GadgetProbe and Bug Bounties

Risky Business Information Security Podcast #574 - GadgetProbe

Pentester Land Newsletter - How To Write Like It’s Your Job

Mashable - Major Domain Name Bug Allowed Hackers to Register Malicious Domains

SecurityWeek - A Zero-Day Homograph Domain Name Attack

Breaking Badness Podcast - The Human Element with Brianne Hughes

Security Boulevard - Researcher Discovers Zero Day Vulnerability Using Homoglyph Characters

BleepingComputer - Zero-Day Bug Allowed Attackers to Register Malicious Domains

PortSwigger - GadgetProbe: New Tool Simplifies the Exploitation of Java Deserialization Vulnerabilities

Dark Reading - What Your Company Needs to Know About Hardware Supply Chain Security

MSSP Alert - Bishop Fox Unveils Continuous Testing Managed Security Service

Yahoo Finance - Bishop Fox Introduces First-of-its-Kind Continuous Attack Surface Testing Managed Security Service

SecurityWeek - RSA Conference 2020: Product Announcement Summary

Bishop Fox Wins Three 16th Annual Info Security Products Guide Awards

Bishop Fox Wins Three Cyber Defense Magazine InfoSec Awards for 2020

Bishop Fox Introduces First-of-its-Kind Continuous Attack Surface Testing Managed Security Service

Vinnie Liu Wins a Cybersecurity Professional of the Year Award

Pentester Land Newsletter - Dufflebag

Business of Tech Podcast - Huntress Labs Discusses Disclosures

Channele2e - ConnectWise Control: Bishop Fox and ConnectWise Perspectives

Channel Futures - Wake-Up Call: What the ConnectWise Control Security Vulnerabilities Mean

Lawrence Systems - Video: ConnectWise Control Disclosure by Bishop Fox

TIME - Should You Reconsider Using WhatsApp After the Jeff Bezos Hack?

Tech Decisions - ConnectWise Works To Resolve Vulnerabilities Identified By Testing Firm

The CyberWire - ConnectWise Adivisory Coverage

CRN - ConnectWise Control Security Issues Are Tip of Iceberg

DarkReading - Eight Flaws in MSP Software Highlight Potential Ransomware Vector

Huntress Labs - Validating the Bishop Fox Findings in ConnectWise Control

CRN - ConnectWise Exploit: 20 Questions For A Security Researcher

CRN - ConnectWise Control Security Vulnerabilities Are ‘Severe'

Ars Technica - Inside TASBot’s effort to control the Nintendo Switch

SecurityWeek - High Risk Vulnerabilities Addressed in Big Monitoring Fabric

PortSwigger - High Risk Vulnerabilities Found in Network Traffic Monitoring Tool

Vice - Hackers Discuss the 'Mr. Robot' Series Finale

PortSwigger - Telerik UI for ASP.NET AJAX Vulnerable to RCE Attacks

Dark Reading - Get Organized Like a Villain

CSO - You Just Got Hacked…By a Drone?

Vice - A Roundtable of Hackers Dissects 'Mr. Robot' Season 4 Episode 8: ‘Request Timeout’

Vice - A Roundtable of Hackers Dissects 'Mr. Robot' Season 4 Episode 7: ‘Proxy Authentication Required’

Popular Mechanics - How SMS Works and Why You Shouldn't Use It

Bishop Fox Acquires SoNeMo Technologies; Founder Joins Barcelona Office

Vice - A Roundtable of Hackers Dissects 'Mr. Robot' Season 4 Episode 5: 'Method Not Allowed'

Vice - A Roundtable of Hackers Dissects 'Mr. Robot' Season 4 Episode 4: 'File Not Found'

I Programmer - Cyber.dic - Spellchecking For Tech Terms and Acronyms

Vice - A Roundtable of Hackers Dissects 'Mr. Robot' Season 4 Episode 3: 'Forbidden'

Vice - A Roundtable of Hackers Dissects 'Mr. Robot' Season 4 Episode 2: 'Payment Required'

Bishop Fox Wins Acquisition International's Best Penetration Testing Specialists Award

Vice - A Roundtable of Hackers Dissects 'Mr. Robot' Season 4 Episode 1

Duo Security - How to Monitor GitHub for Secrets

Business Insider - Bishop Fox Wins "Web Filtering and Control Solution of the Year" Award

Bishop Fox Wins “Web Filtering and Control Solution of the Year” Award

Dark Reading - 6 Best Practices for Performing Physical Penetration Tests

Ed Leichtnam Joins Bishop Fox as Associate VP of Project Management

Jamie Fiedrich Joins Bishop Fox as VP of IT Operations

AZ Big Media - Jackie Todd and Mark Pavlick Join Bishop Fox

Mark Pavlick Joins Bishop Fox as Head of Sales

Help Net Security - Red Teaming: Why a Forward Offense is the Best Defense

Consulting.us - Bishop Fox Appoints Two Associate VPs

MSSP Alert - Bishop Fox Discovers Medical Equipment Vulnerability

Bishop Fox Researchers Discover High-Risk Vulnerability in OpenEMR

Business Insider - Jackie Todd Joins Bishop Fox as Assciate VP of Resource Management

Jackie Todd Joins Bishop Fox as Associate VP of Resource Management

GrowthList - 20 Cyber Security Startups You Should Get To Know

DigitalMunition - Joe Sechman Joins Bishop Fox as Associate VP of Product Research and Development

ZigDiggity Featured in Bug Bytes

Joe Sechman Joins Bishop Fox as Associate VP of Product Research and Development

TechBeacon - Weaponized Machine-Learning Tool Adds Punch to Pen Testing

Enterprise IT News - Tales of the Leaky Cloud

TechCrunch - What Security Pros Need to Know from Black Hat and Def Con 2019

Security Boulevard - Amazon EBS Snapshots Exposed Leaking Sensitive Data, Security Analyst Reveals at Def Con 27

The Register - Study Probes the *Other* AWS Data Exposure Trap

TechCrunch - Hundreds of Exposed Amazon Cloud Backups Found Leaking Sensitive Data

Axios - Counter-Drone Defenses

Wall Street Journal - Capital One Breach Casts Shadow Over Cloud Security

Bishop Fox Introduces New Open-Source Hacking Tool for Testing ZigBee Networks at 2019 Black Hat Arsenal

Bishop Fox Introduces New AI-Based, Open Source Pentesting Tool at 2019 Black Hat Arsenal

Bishop Fox Uncovers Security Flaws in Mass Transit Mobile Apps

Bishop Fox Researchers Discover High-Risk Vulnerability in InterSystems Application

Kevin Brooks, CPA Joins Bishop Fox as Vice President of Finance

Ars Technica - BGP Event Sends European Mobile Traffic Through China Telecom

Bishop Fox Named a "Top Company to Work for" for Sixth Year in a Row

Steve Huffman Joins Bishop Fox Board of Directors

Help Net Security - Why It’s Time to Switch From IP to DNS

The CyberWire - Daily Briefing: May 22, 2019

Daniel Wood Joins Bishop Fox as Associate Vice President of Consulting

Insec World To Be Settled In Chengdu Permanently

Bill Carroll Joins Bishop Fox as Chief Operating Officer

The Cyberwire – Daily Briefing: May 1, 2019

Bishop Fox Sponsors Summercon 2019

Ken Green Joins Bishop Fox as Vice President of Product Management

Channelomics - Bishop Fox Adds Managed Security Leader

The Cyberwire - Daily Briefing: April 18, 2019

Jon Rose Joins Bishop Fox as Vice President of Managed Security Services

Crunchbase News - Investors Are Betting Early On Cybersecurity Startups

SC Magazine - The Bug Hall of Shame

Hackaday - WOPR: Security Loses Some of Its Obscurity

Back End News - Kaspersky Lab Teams Up with Cybersecurity Pros

ForgePoint Capital Promotes Will Lin to Partner

STE - How the Media Industry Can Achieve Security Success

Hackaday - First WOPR Summit Finds the Winning Move

SqR00t - Twist & Shout: Ferris Bueller’s Guide to Abuse Domain Permutations

Pulse 2.0 - Phoenix-Based Security Testing Company Bishop Fox Secures $25 Million

Nanalyze - What is Ethical Hacking? A Look at 3 Types of Startups

Help Net Security - Bishop Fox Raises $25 Million

AiThority - Bishop Fox Raises $25 Million from ForgePoint Capital to Accelerate Growth of Security Testing Services and Expansion of Research Initiatives

Phoenix Business Journal - Tempe Cybersecurity Firm Raises $25M

InvestSize - U.S. Bishop Fox Lands $25 Mln In Series A Round From ForgePoint Capital

FinSMEs - Bishop Fox Raises $25M in Series A Funding

VatorNews - Daily Funding Roundup - February 26th, 2019

Dark Reading - Bishop Fox Raises $25 Million from ForgePoint Capital to Accelerate Growth of Security Testing Services and Expansion of Research Initiatives

CityBizList - Bishop Fox Raises $25 Million from ForgePoint Capital

Fortune - Term Sheet, February 26

PE Hub - Bishop Fox Lands $25 mln Series A

Bishop Fox Raises $25 Million From Forgepoint Capital

Hackaday - Would You Like to Play a Game? WOPR Summit Is This Weekend

Cyware - Critical Vulnerabilities Spotted in the Amtrak Mobile Application

PC Magazine - Beef Up Security and Performance With Network Segmentation

NPR - Shutdown Makes Government Websites More Vulnerable to Hackers, Experts Say

WOPR Summit - Ham Hacks: Breaking Into Software Defined Radio

Vox - Marriott's Data Breach May Be the Biggest in History

Gizmodo - Dual UPnP-Chromecast Exploit Allows Hacker to Hijack Devices

Techradar - Chromecast PewDiePie Hack Exposes Long-Standing Unpatched Bug

The Hacker News - Thousands of Google Chromecast Devices Hijacked to Promote PewDiePie

TechCrunch - Google Sat on a Chromecast Bug For Years

Intigriti - The Best Write-Ups 2018 Brought Us

Dark Reading - Bringing Compliance into the SecDevOps Process

The Wall Street Journal - Marriott's Starwood Missed Chance to Detect Huge Data Breach Years Earlier

Threatpost - Google's G Suite, Search and Analytics Taken Down in Hijacking

The Register - Google, why was your web traffic hijacked, routed through China, Russia?

The Register - Yahoo! $50m! hack! damages! bill!

University of Advancing Technology - My Path to Security

SpecterOps - Open Source Intelligence Gathering

University of Advancing Technology - How To Get A Job Panel

The Arizona Mirror - Are Arizona Elections Safe From Hackers?

Phoenix Business Journal - Cybersecurity Experts Invited to Free Conference in Mesa

Arizona Republic - Fun Kids' Events Around Phoenix in September: CactusCon Kids

Arizona Republic - Mesa Event to Focus on Computer Basics, Internet Security

Forbes - Is Your Company Ready for a Bug Bounty Program?

Wickr & Bishop Fox Report on Customer Security Promises

Threatpost - Bishop Fox on Device Threats and Layered Security

Alexa Blog - Security Best Practices for Cloud-Connected Products with Alexa Built-In

2018 Pwnie Awards - Nomination for Best Client-Side Bug

AZ Cyber Talent - Cybersecurity Internships in Arizona

CSO - Duty of Care: Why [and How] Law Firms Should Up Their Security Game

Silent Break Security - ESPKey + Long Range RFID Reader = A New Tastic Thief

Peerlyst - SearchDiggity Tool - An easy way to Search Google, Bing and Shodan

Security Boulevard - Best Practices for Using Security Groups in AWS

Threatpost - Navigating an Uncharted Future, Bug Bounty Hunters Seek Safe Harbors

Dark Reading Virtual Event - Why Cybercriminals Attack

The Daily Swig - Formula Injection Heads Server-Side

AZCentral - Top Companies to Work for in Arizona

Bishop Fox Named a "Top Company to Work" for Fifth Consecutive Year

PR Web - ioTium Partners with Bishop Fox for IIoT Infrastructure Security

Chicago Manual of Style - Brianne Hughes Talks About The Cybersecurity Style Guide

Naked Security - Half a Million Pacemakers Need a Security Patch

Threatpost - A Look Inside: Bug Bounties and Pen Testing

Computer Business Review - Heart Implants Recalled Over Hack Fears