Site Map

Pages

• About Us
• Attack Surface Management Platform (OOC)
• Careers
• Contact us
• Cyber Breach Attack Simulation Services
• Cyber Risk Gap
• Ethical Hacking Services
• Homepage
• Incident Response Services
• Insider Threat detection
• IT Infrastructure Penetration Testing
• Log In
• Newsletter
• Password Strength Testing
• Penetration Testing Services
• Phishing Attack Simulation
• Physical Cyber Attack Services
• Pricing
• Privacy Policy
• Ransomware Attack Simulation
• Red Team Services
• Resources
• Site Map
• Social Cyber Attack Services
• Thank you
• Vulnerability Scanning Services
• Web Application Security Testing

Posts

Blog

• What is endpoint security and why is it important?
• What is Cross-Site Scripting (XSS) and how do you prevent it?
• Multi-Factor Authentication (MFA): what you need to know
• What is a Man-in-the-Middle (MitM) attack?
• What are brute force attacks?
• What is an eavesdropping attack?
• What is DNS and how does it work?
• What is smishing and how do you prevent it?
• What is spear phishing and how do you prevent it?
• Why red team exercises should be included in your company’s supply chain defense strategy
• What is a SQL injection (SQLi) attack and how can you prevent them?
• What is malware and how can you prevent it?
• What is phishing and how can you prevent it?
• AI voice impersonation: voice-based authentication just got owned
• What is a firewall?
• What is ransomware and how do you prevent it?
• What is penetration testing and why is it important?
• What is social engineering in cybersecurity?
• What is ethical hacking?
• Red teaming: everything you need to know
• The risks, impact, and benefits of using AI generated content
• Security fatigue
• XSS – It’s not just “alert(1)”
• Avoiding the Cyber Risk Rollercoaster
• CovertSwarm is now ISO 27001 and ISO 9001 accredited
• ChatGPT in the wrong hands….
• ALERT – Critical Microsoft Outlook bug Actively Exploited
• Simplify your vulnerability management workflow in Jira
• Introducing Will Morrish, CovertSwarm Chief Revenue Officer
• Password cracking: what it is and how it works.
• Enhance team cyber collaboration with our new Slack integration
• Julio Taylor joins CovertSwarm board as Chief Marketing Officer
• Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516
• Winners of the CISO Choice Awards ‘Breach & Attack Simulation Service Provider’
• One Hive Member’s insights into how and why our industry should change
• We’re Security Current’s 2022 CISO Choice Awards Finalists!
• FortiOS / FortiProxy / FortiSwitchManager – Authentication Bypass (CVE-2022-40684)
• Critical Zero-Day Vulnerability in Microsoft Exchange
• Unauthenticated Remote Code Execution in Magento 2 and Adobe Commerce Systems (CVE-2022-24086)
• Pentest from your pocket with Flipper Zero
• Critical vulnerability identified in WordPress plugin “BackupBuddy”: (CVE-2022-31474)
• DEF CON 30: what we learned (and how it helps you)
• Working at CovertSwarm: Our First Intern
• Critical RCE in DrayTek Routers (CVE-2022-32548)
• Why a cyber value proposition should be part of your business strategy
• Critical vulnerabilities identified in VMware products (CVE-2022-31656)
• DEF CON 30: what it is and where to find us
• What’s it like to work at CovertSwarm?
• Exploiting Microsoft Windows 11 via Process No-Hollowing
• Working at CovertSwarm: One Hive Member’s Experience
• Continuous offensive security – How does it all work?
• The Tiber EU Framework: What is it and why is it important?
• The Internet of Things: Securing the Hidden Attack Surface of Your Home
• Zero-day vulnerability in Microsoft Office – Follina
• Diary of a Cyber Attacker
• CovertSwarm Inc. launched in North America
• CovertSwarm supports BBC to advise social media account hijack victims
• Video: Zero-Day Exploitation From A Bad Actors Perspective
• Multiple Windows Zero-Days Identified (CVE-2022-24521, CVE-2022-26904 and CVE-2022-26809)
• Zero Day Vulnerability Identified In Java Spring Framework – CVE-2022-22965 (Spring4Shell)
• Remote Code Execution Vulnerability In Veeam Backup & Replication – CVE-2022-265 & CVE-2022-26501
• Video: Your Best Defence is Your Worst Enemy – Rethinking Your Cyber Security Strategy.
• Critical Root Privilege Escalation Vulnerability Alert In Linux – CVE-2022-0847
• Who are CovertSwarm?
• CovertSwarm – Dundee and Angus College Curriculum Partner
• Introducing CovertSwarm – The Podcast
• Zero Day Vulnerability Identified In Magento 2 And Adobe Commerce (CVE-2022-24086)
• The emerging crisis in Ukraine
• 0-day Vulnerability In Horde Webmail Email System
• Authentication Bypass/Instance Takeover Vulnerability via Zabbix Frontend – CVE-2022-23131
• Critical RCE Vulnerabilities in WordPress Plugin PHP Everywhere
• Privilege Escalation Vulnerability in Windows Print Spooler – CVE-2022-22718
• Critical Vulnerability Alert in Samba – CVE-2021-44142
• Demonstration of remote root via Log4Shell and PwnKit attack chain
• Critical 0-day vulnerability in Polkit pkexec component
• CovertSwarm appoints Luke Potter as Chief Operating Officer
• Log4Shell RCE: Critical Zero Day Security Vulnerability
• Password Policy Best Practices 2022
• Office 365 Security Best Practices
• What is Penetration Testing as a Service (PTaaS)?
• Pentesting is DEAD.
• CovertSwarm collaborates with BBC on Instagram Scam investigation
• What is Vishing?
• CovertSwarm assists BBC with telephone ‘number spoofing’ investigation
• The Challenges of ethical hacking
• How to Become a Cyber Security Consultant
• How Secure are TPM Chips?
• Improving Internal Cybersecurity Engagement – Q&A
• New Styles of Cyber Attack Detected against Businesses & Supply Chain Partners
• Is your Penetration Testing Program delivering the value you expect to your business?
• Rattle the lock on your SOC’ – Time to constantly test your Security Operations Centre
• Rattle the lock on your SOC
• Red Team vs. Blue Team
• Is your Security Operations Centre awake? Your adversaries are. And so are we.
• Accelerate your cybersecurity posture with a CovertSwarm of security professionals
• Are you a Cyber Rebel?
• As A Service’ (AAS) Overload – Providing Context to ‘AAS’ in Cybersecurity
• The cyber risk of high-velocity product development
• Annual Penetration Testing is no longer enough
• Simplify your jira vulnerability management workflow

CovertSwarm Threat Alert

Glossary

• MFA Bombing
• What is Fingerprinting in Ethical Hacking?
• What is an Application-level Attack?
• What is Intrusive Penetration Testing?
• What is Wi-Fi Penetration Testing?
• What is an API Test?
• Application Penetration Testing
• DevOps vs DevSecOps
• What is Fuzzing in Hacking?
• Malicious Code
• Retail Penetration Test
• What is Session Hijacking?
• Sniffing Attack
• What Does SDLC Mean?
• CEH Certification
• What is Enumeration in Cyber Security?
• What is a Network Penetration Test?
• What is Penetration Testing Software?
• What is a Computer Worm?
• Red Teaming vs Penetration Testing
• What is the Information Security CIA?
• Is Linux Good for Ethical Hacking?
• Is Open Source or Proprietary More Secure?
• Can You Pentest AWS?
• What is Broken Authentication?
• What is a Physical Penetration Test?
• Why is Python Used for Hacking?
• What is a False Positive in Cyber Security?
• Internal vs External Pen Testing
• What is Nmap in Cyber Security?
• What is an OSCP Penetration Test?
• What is PCI Pen Testing?
• What is an Android Pentest?
• What is Cloud Pentesting?
• What are the Best Laptops for Pen-testers?
• What is CREST Certification?

News

• TechRound names CovertSwarm among the Top 20 Cybersecurity companies
• CovertSwarm launches in-house Academy Program
• We’re joining the Badge Life Movement: Discover the CovertSwarm Badge at DEF CON 31
• Covertswarm secures investment from beech tree private equity
• CovertSwarm revolutionizes Attack Surface Management with launch of free Offensive Operations Center
• SteelCon 2023: diary of a conference goon
• CovertSwarm Hive member, Dario Tejada, shares knowledge to Spanish cybersecurity community
• CovertSwarm appoint former ITV.com MD as Chairman of the Board
• Zero-day vulnerability in Atlassian Confluence
• Video: An Ethical Hacker’s View on your Security (London CTOs)
• CovertSwarm Gains Further Accreditation with CREST STAR
• CovertSwarm Achieves CREST Accreditation
• An introduction to Constant Cyber Attack
• CovertSwarm launches Offensive Operations Centre

Technology

• The trials and tribulations of secure software development
• Improving organisational awareness with enhanced Automated Reconnaissance
• Discovering and identifying change to your organisation’s attack surface
• CovertSwarm: How our technology helps you

Case Studies

• Alice (and Bob) in Blunderland
• Taking Privilege to Another Level
• The Luxembourg Job

Vacancies

• Software Developer
• Hive Member – Red Team
• Hive Team Leader

Podcasts

• Episode 17 – The moving security goalpost with Todd Wade
• Episode 16.5 – Defcon 2023 special, live from Las Vegas
• Episode 16 – Challenging the Attack Surface Management industry with special guest Adam Govier
• Episode 15 – Information Security Management with Special Guest Frankie Gallop from Provention
• Episode 14 – Threat Intelligence with special guest Haroon Mahmood
• Episode 13 – Data privacy and security with special guest Ulrika Dellrud
• Episode 12 – SwarmCon special
• Episode 11-Introducing Dominic Cameron, Chairman of the Board, CovertSwarm
• Episode 10- Introducing Will Morrish
• Episode 9- A new standard approach
• Episode 8- It’s time for a change
• Episode 7- PCI DSS 4.0 & Mitigating Skimming Attacks
• Episode 6- My First DEF CON
• Episode 5 – DEF CON 30 Special, Las Vegas
• Episode 4- Are You Thinking About Cyber The Right Way?
• Episode 3- How To Get Into The Cyber Industry
• Episode 2- The Crisis In Ukraine
• Episode 1- Why The Penetration Testing Industry Needs To Change