Estamos muy agradecimos por recibir el día de ayer un reconocimiento en la feria
#MDTalent
en
@Ruta_N
por nuestro enfoque en internacionalización y búsqueda de clientes por fuera de Colombia. Recibió nuestro CTO Rafael Alvarez.
#WeHackYourSoftware
Today's a very special day for Fluid Attacks. April 9th marks the 20th anniversary of the first step in this amazing journey. We're proud of our accomplishments, victories, memories and failures. To many more years of hacking the world!🎉
#WeHackYourSoftware
We're ready to meet you at Fintech Nexus USA at Javits Center NYC. Visit us at booth 513 and let's chat about our Continuous Hacking Solution.
#fintech
#fintechnexus
#wehackyoursoftware
Our company in Colombia is part of more than 1,000 businesses in the country providing technology solutions to markets all over the world. These companies generate more than 120k jobs.
Today we celebrate 🎉 each of them for their contribution to society.
#LaClaveEsElSoftware
Este lunes 10 de Agosto 📅 acompáñanos en el IV Congreso de Informática Forense & Ciberseguridad de República Dominicana en la charla ¿Cómo desarrollar productos con velocidad sin sacrificar la seguridad?
#Pentest
#EthicalHacking
#SecurityTesting
#PruebasDeSeguridad
Our Research Team discovered a vulnerability in CyberArk Identity. It exposes the response header that contains predictable value ranges that can be used for user enumeration. ID CVE-2022-22700, dubbed “Porter.” More:
#CVE
#zeroday
We're ready to celebrate 200 years of diplomatic relations between the United States and Colombia in Washington D.C. Our chairman and co-founder, Mauricio Gomez, represents Fluid Attacks on this special occasion.
#WeHackYourSoftware
#cybersecurity
#appsec
#redteam
#pentest
Our research team found a critical vulnerability in Badaso v2.6.3. An unauthenticated remote attacker can execute arbitrary code remotely on the server. ID
#CVE
-2022-41705, dubbed “Headhunterz.” Exploit:
#WeHackYourSoftware
#zeroday
#redteam
#devsecops
#Blog
📝| The implementation of
#DevSecOps
requires a radical transformation in the ways of thinking and acting concerning security and how it's integrated into the software development and delivery processes. Read more 🔗
#WeHackYourSoftware
#cybersecurity
Thank you
@fluidattacks
for joining the Foundation as a Corporate Member! We are excited to have your support and look forward to working with you and your team.
#owasp
#appsec
#corpmember
#MeetupLatam
📢 Los invitamos a nuestro primer meetup del año: ¿Cómo superar Burp Suite Certified Practitioner (Examen de Práctica en Vivo)? Miércoles 19 de Enero, presentado por Andrés Roldán.
Link de registro 👉🏻🔗
#meetup
#latam
#cybersecurity
It's trainning day at Fluid Attacks! Today, we had part of our hacking team reviewing our good practices that allow us to deliver daily value to our clients.
#cybersecurity
#redteam
#wehackyoursoftware
The
#OSCP
exam is one of the hardest certifications out there for pentesters. Many people take this exam to test their
#pentesting
skills, but most of them don’t pass it on the first attempt. Here are some tips to practice before taking the test.
#CyberSecurity
#EthicalHacking
👨🏻💻
#Webinar
📢 We'll show you how the development and management teams approach remediation based on the type of tested system and severity of vulnerabilities.
Register here for English Version:
Register here for Spanish Version:
#LATAM
| Los invitamos a la charla ¿Cómo Desarrollar Productos con Velocidad sin Sacrificar la Seguridad?
#ITNOWLive
de
@revistaitnow
, este 20 de agosto a las 3:00 p.m. (GMT-5) / 2:00 p.m. (GMT-6). Registro completamente gratuito➡️
#CyberSecurity
Our research team found a
#zeroday
vulnerability in the
#Android
private messenger app Session v1.13.0. It allows an attacker with physical access to the victim's device to bypass the app's fingerprint lock. ID
#CVE
-2022-1955, dubbed “Tempest.” Exploit:
"And the award for Best Cybersecurity and Fraud Management Provider goes to...Fluid Attacks!"
We are happy to be recognized by Bancolombia as the best provider in the Cybersecurity category.
#wehackyoursoftware
#cybersecurity
#redteam
Nos encontramos en el Business Deck del MDE Tech Fest 2022 en donde contamos cómo nació Fluid Attacks, de dónde venimos, nuestra filosofía y cómo nuestra solución de Hacking Continuo ayuda a asegurar los sistemas de nuestros clientes
#WeHackYourSoftware
Nos encontramos en el II Congreso Internacional de
#Ciberseguridad
y Prevención de Fraudes en Panamá. Los invitamos a visitar nuestro booth para que conozcan más sobre nosotros y nuestra solución de Hacking Continuo Integral. Estamos ubicados en el Stand N° 6.
#WeHackYourSoftware
Nos encontramos con
@guatefintech
en nuestra charla Rompiendo Build: Hábitos
#DevSecOps
. En Fluid Attacks ayudamos a nuestros clientes a gestionar sus riesgos de
#ciberseguridad
, asegurando que los sistemas que son críticos para sus operaciones sean seguros para sus usuarios.
Our research team found a
#zeroday
vulnerability in Keep My Notes v1.80.147. It allows an attacker with physical access to the victim's device to bypass the application's password/pin lock. ID
#CVE
-2022-1716, dubbed “Tyler.” Exploit:
#WeHackYourSoftware
Asiste a la charla
#OSINT
: Herramientas para hackers que todos podemos usar, presentada por Andrés Roldán en el
#DOJOConf2022
, este sábado 30 de julio a la 1:30 p.m. hora Panamá. Para más información y registro, da click aquí 🔗
#WeHackYourSoftware
En este
#meetup
, conocerás todos los detalles del Black Hat 2022, tips para aprovechar al máximo el evento, y nuestras charlas favoritas. Además compararemos el
#BlackHat
con otros grandes eventos de ciberseguridad. Regístrate aquí 🔗
#WeHackYourSoftware
Acompáñennos en el panel Retos y Oportunidades Para la Protección de la Información en la Era Del Trabajo Remoto en el
#CLAB2021
en donde nuestro chairman y co-founder, Mauricio Gómez, será panelista. Link de registro: 🔗
#WeHackYourSoftware
@felabanonline
Our Research Team discovered a zero-day vulnerability in Exponent CMS. An authenticated non-admin user can inject persistent JavaScript code and compromise the session of an admin user. ID CVE-2022-23049, dubbed “Cobain.” More:
#CVE
#zeroday
Our research team found a high severity
#zeroday
in Joplin. An attacker can abuse this app’s improper validation of the schema/protocol of existing links in .md files to achieve RCE. ID
#CVE
-2022-40277, dubbed “Skrillex.” Exploit:
#WeHackYourSoftware
We've got your back!
If you are currently a client of Fluid Attacks on the Machine or Squad plans, you can rest easy. Our technology can report to you which of your systems are using vulnerable versions of Log4j.
#log4j
#cve
#java
#cybersecurity
#wehackyoursoftware
Fluid Attacks is authorized by the
#CVE
Program as first
#CNA
(CVE Numbering Authority) in Latin America and will operate within the category of Vulnerability Researchers. Currently, there are 168 organizations in 28 countries around the world acting as CNAs.
#WeHackYourSoftware
Even though the
#OSCP
exam is really important, the
#OSCE
exam, an advanced
#PenetrationTesting
certification focused on exploit development is kind of the next step for
#pentesters
who achieve the OSCP certification. Here some tips to help you pass the exam.
*music by
@icons_8
#MeetupLatam
📢 Los invitamos a nuestro meetup del mes de abril: ¿Cómo certificarse
#PNTP
(Practical Network Penetration Tester)? Miércoles, 20 de abril, por
@andresroldan
, Offensive Team Leader de Fluid Attacks.
Link de registro 👉🏻🔗
#WeHackYourSoftware
Did you know that 77% of our continuous hacking projects have vulnerabilities with high or critical severity?
Check our State of Attacks Report 2020 and gain more insights about vulnerability management. 🔗
#hacking
#devsecops
#pentest
#devops
#pentest
#MeetupLatam
📢 Los invitamos a nuestro meetup del mes de abril: ¿Cómo certificarse
#PNTP
(Practical Network Penetration Tester)? Miércoles, 20 de abril, por
@andresroldan
, Offensive Team Leader de Fluid Attacks. Link de registro 👉🏻🔗
#WeHackYourSoftware
Our Research Team discovered a zero-day vulnerability in PartKeepr that results in SSRF. As a CNA, we assigned the ID CVE-2022-22702 and dubbed it “Joplin” in honor of the talented Janis Joplin. Read the details here: .
#CVE
#cybersecurity
#zeroday
We were at the Arsenal tool demos during Black Hat 2022 USA for a demonstration of Makes, an open-source, production-ready framework for building CI/CD pipelines and application environments. Check out Makes 🔗 🦄
#WeHackYourSoftware
#blackhatUSA2022
Estamos listos en el congreso Cybersecurity, Financial & Government, edición Ecuador. Visítanos en el stand
#2
para conocer más sobre cómo nuestra solución de Hacking Continuo puede ayudar a la seguridad de los sistemas de tu compañía
#WeHackYourSoftware
Our research team found a medium-severity vulnerability in Rushbet v2022.23.1-b490616d. A remote attacker can steal customer accounts through a malicious application. ID
#CVE
-2022-4235, dubbed “Miller.” More:
#WeHackYourSoftware
#cybersecurity
#pentest
A group of academics from Northeastern University and KU Leuven has disclosed a design flaw in the IEEE 802.11
#WiFi
protocol standard, impacting a wide range of devices running
#Linux
,
#FreeBSD
,
#Android
, and
#iOS
. Read more 🔗
#WeHackYourSoftware