Site Map

Pages

• About Us
  • Attack Surface Management Portal
  • Certifications & Accreditations
• ARTIFICIAL INTELLIGENCE. REAL RISK.
• ARTIFICIAL INTELLIGENCE. REAL RISK.
• Awards & Recognition
• BA
  • Finance
  • SaaS
  • Telecoms
• Beneath the Chain
• Contact us
• Continuous Red Teaming
• Continuous Security Testing
• Continuous Security Testing
• Cookies Policy
• Cyber Risk Gap
• Disclosure Policy
• Events
• FS
• GS
  • Contact Us
• Hall Of Fame
• Homepage
• Inside the Spider
• Legal Documents
• Log In
• Newsletter
• Pricing
• Privacy Policy
• Privacy Policy June 2023- Archived
• Privacy Policy March 2024 – Archived
• Resources
• RISE AGAINST THE MACHINE
• RSA 2025
• Services
  • Breach and Attack Simulation Services
  • Constant Cyber Attack Subscription
  • Ethical Hacking Services
  • Insider Threat detection
  • IT Infrastructure Penetration Testing
  • Password Strength Testing
  • Pen Testing Services
  • Phishing Attack Simulation
  • Physical Cyber Attack Services
  • Ransomware Attack Simulation
  • Red Teaming
  • Regulatory and Compliance testing
  • Social Engineering
  • Vulnerability Scanning Services
  • Web Application Security Testing
• Site Map
• Solutions
  • Crypto
  • Finance
  • Healthcare
  • SaaS
• Thank you
• TOGETHER, WE’RE THE SWARM
• you found us.
• Careers thank you

Posts

CovertSwarm Threat Alert

• SWARM INTELLIGENCE: BadSuccessor
• Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516

Glossary

• What Is Constant Cyber Attack?
• Cybersecurity Glossary
• What is Breach and Attack Simulation (BAS)?
• What is vulnerability scanning and why is it important?
• What is web application security, and why is it important?
• What is attack surface management and how does it work?
• What is a purple team in Cyber Security?
• What are insider threats and how do you prevent them?
• Incident response: a comprehensive guide
• What is IT infrastructure, and why is it important?
• What’s the difference between red teaming and penetration testing?
• What’s the difference between a red team and a blue team?
• What is patch management and what are the benefits?
• Digital Forensics and Incident Response (DFIR): the ultimate guide
• Denial of Service (DoS) attacks: a complete guide
• What are evil twin attacks and how do you prevent them?
• What is fuzzing and how does it work?
• What is API testing?
• What is email spoofing?
• What is an IDS (Intrusion detection system)?
• Vishing: everything you need to know
• What is Kerberos authentication?
• What Does SDLC Mean?
• What is endpoint security and why is it important?
• What is Cross-Site Scripting (XSS) and how do you prevent it?
• Multi-Factor Authentication (MFA): what you need to know
• What is a Man-in-the-Middle (MitM) attack?
• What are brute force attacks?
• What is an eavesdropping attack?
• What is DNS and how does it work?
• What is smishing and how do you prevent it?
• What is spear phishing and how do you prevent it?
• What is a SQL injection (SQLi) attack and how can you prevent them?
• What is malware and how can you prevent it?
• What is phishing and how can you prevent it?
• What is a firewall?
• What is ransomware and how do you prevent it?
• What is penetration testing and why is it important?
• What is social engineering in cybersecurity?
• What is ethical hacking?
• Red teaming: everything you need to know
• MFA Bombing
• What is password cracking and how does it work?
• Winners of the CISO Choice Awards ‘Breach & Attack Simulation Service Provider’
• One Hive Member’s insights into how and why our industry should change
• We’re Security Current’s 2022 CISO Choice Awards Finalists!
• FortiOS / FortiProxy / FortiSwitchManager – Authentication Bypass (CVE-2022-40684)
• Critical Zero-Day Vulnerability in Microsoft Exchange
• Unauthenticated Remote Code Execution in Magento 2 and Adobe Commerce Systems (CVE-2022-24086)
• Pentest from your pocket with Flipper Zero
• Critical vulnerability identified in WordPress plugin “BackupBuddy”: (CVE-2022-31474)
• DEF CON 30: what we learned (and how it helps you)
• Working at CovertSwarm: Our First Intern
• Critical RCE in DrayTek Routers (CVE-2022-32548)
• Why a cyber value proposition should be part of your business strategy
• Critical vulnerabilities identified in VMware products (CVE-2022-31656)
• DEF CON 30: what it is and where to find us
• What’s it like to work at CovertSwarm?
• Working at CovertSwarm: One Hive Member’s Experience
• CONSTANT offensive security – How does it all work?
• The Tiber EU Framework: What is it and why is it important?
• The Internet of Things: Securing the Hidden Attack Surface of Your Home
• What is Fingerprinting in Ethical Hacking?
• What is an Application-level Attack?
• What is Wi-Fi Penetration Testing?
• Application Penetration Testing
• What is Penetration Testing as a Service (PTaaS)?
• What is Intrusive Penetration Testing?
• Office 365 Security Best Practices
• Sniffing Attack
• DevOps vs DevSecOps
• What is Session Hijacking?
• Retail Penetration Test
• CEH Certification
• Malicious Code
• What is a computer worm and how do you prevent them?
• What is Enumeration in Cyber Security?
• What is a Network Penetration Test?
• What is Penetration Testing Software?
• Is Open Source or Proprietary More Secure?
• Can You Pentest AWS?
• What is Broken Authentication?
• What is the Information Security CIA?
• Is Linux Good for Ethical Hacking?
• What is a Physical Penetration Test?
• Why is Python Used for Hacking?
• Internal vs External Pen Testing
• What is PCI Pen Testing?
• What is a False Positive in Cyber Security?
• What is Cloud Pentesting?
• What is an OSCP Penetration Test?
• What is Nmap in Cyber Security?
• What are the Best Laptops for Pen-testers?
• What is an Android Pentest?
• What is CREST Certification?
• Simplify your jira vulnerability management workflow

Inside the Swarm

• iNTERCEPT – How A Small RF Experiment Turned Into A Community SIGINT Platform

News

• Dynamic Attack Surfaces: The Professional Sports Problem
• Claude Jailbroken To Attack Mexican Government Agencies
• Jayson E Street Joins CovertSwarm
• What Moltbook reveals about AI agent security
• Cloud security vulnerabilities: the unpatchable risks hiding in your SaaS stack 
• SOC Testing: Turning Your Security Operations Centre into a Continuous Learning Engine
• Why I founded CovertSwarm after annual pen tests failed me
• When a former UK Government cyber operations chief says AI is “limitless” in Offensive Security, we should pay attention
• CovertSwarm welcomes Jim Jordan as Head of Sales for the U.S. Division 
• CovertSwarm Welcomes James Smith as Hive Leader, Expanding Operational Technology Security Expertise
• Weaponized patience: the strategic implications of the F5 breach
• Part 3: CBEST Series – The Future of Threat-Led Penetration Testing
• Prime Day Scams – How Attackers Exploit Trust and Urgency
• Offensive Security Is No Longer Optional
• AI: The Great Equalizer in Cyber Offense
• Part 2: CBEST Series – Operational Resilience
• Part 1: CBEST Series – Beyond the Checklist
• Billy Giles joins CovertSwarm as Head of Adversary Simulation for North America
• Anatomy of a Breach: Inside the Modern Retail Attack
• CovertSwarm named a Sunday Times 2025 Best Place to Work 
• CovertSwarm Achieves ISO 22301 Certification
• CovertSwarm Ranks #23 on Clutch 100 Fastest-Growing Companies in 2025
• CovertSwarm Achieves Prestigious CBEST Accreditation
• Julio Taylor joins CovertSwarm as CMO
• Beware of Recruitment Scammers Impersonating CovertSwarm 
• CovertSwarm welcomes Nick Dibbern as Chief Financial Officer
• James Dale joins CovertSwarm as Head of Adversarial Simulation Testing
• CovertSwarm Achieves STAR-FS Accreditation
• CovertSwarm Secures Spot in TechRound’s Top 100 for 2024 
• An In-Depth Guide to Remote Desktop Protocol (RDP) 
• Mitigating Credential Stuffing Attacks with IP Rotation: Strategies and Considerations 
• CovertSwarm at DEF CON 32: Insights from the Swarm
• How to Own DEF CON Like a Boss
• DEF CON 32: Discover the New CovertSwarm Badge
• Academy Launches Second Intake 
• Combining regulation with real-world security assurance: DORA and NIS2 
• CovertSwarm named by Clutch among Top 100 Fastest-Growing Companies
• The Sunday Times – Best Places to Work 
• Ellie Lancaster joins as Head of People and Culture
• Rishikesh Bhide joins CovertSwarm as Head of Engineering
• Louis Blackburn joins as Operations Director
• CovertBrew February Edition
• Discovering WordPress Vulnerabilities to Make it Safer
• Exploiting CVE-2023-5044 and CVE-2023-5043 to overtake a Kubernetes Cluster
• A journey into Badge Life
• Persistence Attack in Active Directory: The Golden Ticket Attack
• Our first Employee Net Promoter Score in review
• CovertSwarm named on the Startups 100 Index
• CovertSwarm strengthens leadership team with three key senior appointments
• We’ve been named a CISO Choice Awards finalist
• Web application vulnerability Scanning, in the palm of your hands
• How to create a strong password and essential best practices
• How to become an ethical hacker
• CovertSwarm Named Top UK Cybersecurity Firm by TechRound
• CovertSwarm launches in-house Academy Program
• We’re joining the Badge Life Movement: Discover the CovertSwarm Badge at DEF CON 31
• Covertswarm secures investment from beech tree private equity
• CovertSwarm revolutionizes Attack Surface Management with launch of free Offensive Operations Center
• Why red team exercises should be included in your company’s supply chain defense strategy
• SteelCon 2023: diary of a conference goon
• CovertSwarm Hive member, Dario Tejada, shares knowledge to Spanish cybersecurity community
• The risks, impact, and benefits of using AI generated content
• Security fatigue
• XSS – It’s not just “alert(1)”
• CovertSwarm is now ISO 27001 and ISO 9001 accredited
• ChatGPT in the wrong hands….
• ALERT – Critical Microsoft Outlook bug Actively Exploited
• CovertSwarm appoint former ITV.com MD as Chairman of the Board
• Simplify your vulnerability management workflow in Jira
• Introducing Will Morrish, CovertSwarm Chief Revenue Officer
• Enhance team cyber collaboration with our new Slack integration
• Exploiting Microsoft Windows 11 via Process No-Hollowing
• Zero-day vulnerability in Atlassian Confluence
• Zero-day vulnerability in Microsoft Office – Follina
• Diary of a Cyber Attacker
• CovertSwarm Inc. launched in North America
• CovertSwarm supports BBC to advise social media account hijack victims
• Video: Zero-Day Exploitation From A Bad Actors Perspective
• Multiple Windows Zero-Days Identified (CVE-2022-24521, CVE-2022-26904 and CVE-2022-26809)
• Zero Day Vulnerability Identified In Java Spring Framework – CVE-2022-22965 (Spring4Shell)
• Remote Code Execution Vulnerability In Veeam Backup & Replication – CVE-2022-265 & CVE-2022-26501
• Critical Root Privilege Escalation Vulnerability Alert In Linux – CVE-2022-0847
• Video: Your Best Defence is Your Worst Enemy – Rethinking Your Cyber Security Strategy.
• Who are CovertSwarm?
• CovertSwarm – Dundee and Angus College Curriculum Partner
• Introducing CovertSwarm – The Podcast
• Zero Day Vulnerability Identified In Magento 2 And Adobe Commerce (CVE-2022-24086)
• The emerging crisis in Ukraine
• 0-day Vulnerability In Horde Webmail Email System
• Authentication Bypass/Instance Takeover Vulnerability via Zabbix Frontend – CVE-2022-23131
• Critical RCE Vulnerabilities in WordPress Plugin PHP Everywhere
• Privilege Escalation Vulnerability in Windows Print Spooler – CVE-2022-22718
• Critical Vulnerability Alert in Samba – CVE-2021-44142
• Remote Root Exploit via Log4Shell & PwnKit Vulnerabilities
• Critical 0-day vulnerability in Polkit pkexec component
• CovertSwarm appoints Luke Potter as Chief Operating Officer
• Log4Shell RCE: Critical Zero Day Security Vulnerability
• Password Policy Best Practices 2022
• Video: An Ethical Hacker’s View on your Security (London CTOs)
• Pentesting is DEAD.
• CovertSwarm collaborates with BBC on Instagram Scam investigation
• CovertSwarm assists BBC with telephone ‘number spoofing’ investigation
• The Challenges of ethical hacking
• How to Become a Cyber Security Consultant
• How Secure are TPM Chips?
• CovertSwarm Gains Further Accreditation with CREST STAR
• CovertSwarm Achieves CREST Accreditation
• An introduction to Constant Cyber Attack
• Improving Internal Cybersecurity Engagement – Q&A
• CovertSwarm launches Offensive Operations Centre
• Accelerate your cybersecurity posture with a CovertSwarm of security professionals
• Are you a Cyber Rebel?
• As A Service’ (AAS) Overload – Providing Context to ‘AAS’ in Cybersecurity
• New Styles of Cyber Attack Detected against Businesses & Supply Chain Partners
• Is your Penetration Testing Program delivering the value you expect to your business?
• Rattle the lock on your SOC’ – Time to constantly test your Security Operations Centre
• Rattle the lock on your SOC
• Is your Security Operations Centre awake? Your adversaries are. And so are we.
• The cyber risk of high-velocity product development
• Annual Penetration Testing is no longer enough

Opinion

• Why Robbing Banks Is Easy (And Why That Should Terrify You)
• Threat Actors Don’t Wait For Your Annual OT Pen test
• Humans In The Loop: The Non-Negotiable In Offensive Security
• Everyone has a plan until they get punched in the face: reflections on the NCSC 2025 annual review
• Airport Chaos Shows How Fragile Our Infrastructure Really Is
• Inside a Red Team OSINT Operation: Mapping the Human Attack Surface 
• Redefining Cybersecurity Value: A CFO’s Take on ROI and Resilience 
• Can AI Really Hack You? The Truth Behind the Hype
• Remote Work Security Gaps Still Driving UK Breaches
• EchoLeak: The Zero-Click Microsoft Copilot Exploit That Changed AI Security
• Proving Resilience: The Role of Regulator-Led Testing in Strengthening Market Stability.
• Your LLM Security Isn’t as Strong as You Think.
• Retail Under Siege: The Coordinated Cyber Assault on UK’s Top Stores
• AI apps are smart. Until they do something really dumb.
• Reality Check: What Google’s Latest Report Tells Us About AI-Enabled Threat Actors
• Santa: The OG Ethical Hacker Smashing Your Home Security Since Forever 
• Is Your Business Secured Like an Egg or an Onion?

Swarm Brief

• Handala & MuddyWater: MDM Weaponization at Enterprise Scale

Swarm Intelligence

• Swarm Intelligence: Stryker’s Intune wipe proves your BCDR plan has a single point of failure
• When Your IDE Becomes An Insider: Testing Agentic Dev Tools Against Indirect Prompt Injection
• Inject one agent, own them all: The cascading risk of multi-agent AI
• Atlas AI: Local LLM inside Burp Suite
• The Evolution of EDR Bypasses: A Historical Timeline
• Inside BadSuccessor: Privilege Escalation via dMSA in Windows Server 2025

Technical

• Why So Syscalls? BOF Edition
• Cobalt Strike External C2 Passthrough Guide

Technology

• K8s – Pod to Node Escape Techniques
• Uncloaking Radio Frequency Identification (RFID)
• Gaining Initial Access in a Kubernetes Environment (part 2)
• Exploring the Kubernetes Architecture from an Offensive Viewpoint (part 1)
• The trials and tribulations of secure software development
• AI voice impersonation: voice-based authentication just got owned
• Improving organisational awareness with enhanced Automated Reconnaissance
• Avoiding the Cyber Risk Rollercoaster
• Discovering and identifying change to your organisation’s attack surface
• CovertSwarm: How our technology helps you

Case Studies

• The one where we got their client’s data by simply asking nicely
• The one where a slack message became a supply chain backdoor
• The one where we counted sockets and took control
• The one where we pulled off the holiday hangover heist
• The one where we impersonated the Head of IT
• Araco: how we turned an image upload into a potential nightmare
• The one where we turned a telecom’s security nightmare into a masterclass in resilience
• The one where we cracked 90% of a fintech’s passwords using their onboarding process
• The one where we rewrote the script on security
• The one where we breached an insurance giant through image uploads
• The one where we owned a cloud platform through a free trial
• CovertSwarm and Fintech: Snoop Case Study
• The one where public data led to private access
• The one where a fake email proved the risk was real
• The one where compliance wasn’t enough

Podcasts

• S2 E7 – The Ghost in the Machine: Why Operational Technology is Everyone’s Blind Spot
• S2 E6: Christmas Special Fireside Chat: AI, Insider Threats, and Lessons from 2025
• S2 E5 – How AI is shaping offensive cyber operations
• S2 E4 – Words as weapons
• S2 E3 – Nation-State Attacks: Hidden in Plain Sight
• S2 E2 – The Bank of England: Rethinking Cyber Resilience
• S2 E1 – Inside The Spider: Anatomy Of An Attack
• S1 E33 – The AI Impersonation with Ron Eddings
• S1 E32 – Inside the Breach: The Vulnerabilities Within Your Perimeter
• S1 E31 – Insights From A Former State-Sponsored Hacker
• S1 E30 – CovertSwarm Academy: End of First Year
• S1 E29 – DEF CON: Las Vegas Special
• S1 E28 – DEF CON 32: Badge Life
• S1 E27- From America’s Insurance Capital: Let’s talk about Fraudsters
• S1 E26- Understanding DORA and NIS2
• S1 E25 – SwarmCon 7 at Bletchley Park
• S1 E24 – Initial Access Brokers
• S1 E23 – The Red Teaming Paradigm
• S1 E22 – New Cyber Maturity Rating Feature
• S1 E21 – Product Thinking in Security 
• S1 E20 – Transitioning from Bug Bounty to Constant Cyber Attack
• S1 E19 – From Punk to Cyber
• S1 E18 – The CovertSwarm Academy
• S1 E17 – The moving security goalpost with Todd Wade
• S1 E16.5 – Defcon 2023 special, live from Las Vegas
• S1 E16 – Challenging the Attack Surface Management industry with special guest Adam Govier
• S1 E15 – Information Security Management with Special Guest Frankie Gallop from Provention
• S1 E14 – Threat Intelligence with special guest Haroon Mahmood
• S1 E13 – Data privacy and security with special guest Ulrika Dellrud
• S1 E12 – SwarmCon special
• S1 E11 – Dominic Cameron on Leading CovertSwarm’s Board
• S1 E10 – Introducing Will Morrish
• S1 E9 – A new standard approach
• S1 E8 – It’s time for a change
• S1 E7 – PCI DSS 4.0 & Mitigating Skimming Attacks
• S1 E6 – My First DEF CON
• S1 E5 – DEF CON 30 Special, Las Vegas
• S1 E4 – Are You Thinking About Cyber The Right Way?
• S1 E3 – How To Get Into The Cyber Industry
• S1 E2 – The Crisis In Ukraine
• S1 E1 – Why The Penetration Testing Industry Needs To Change

Authors

• RAID
• Jayson E. Street
• Tony Law
• Anders Reeves
• James Smith
• Luke Potter
• Ben Stickland
• Nick Dibbern
• Luke Dyer
• Dom Pietrzak
• James Dale
• Louis Blackburn
• Pablo Sanchez
• Ibai Castells
• Santi Quintana
• Ellie Lancaster
• Alessandro Grisa
• Dario Manuel Tejada
• Maximilian Kleinke