Non-production environments refer to any setup that is used for purposes other than live, operational applications. This includes development, testing, staging, and quality assurance (QA) environments. They are essential for preparing software for production by allowing thorough testing and debugging. A lot of us security minded folks are aware developers standup non prod environments and
IoT Penetration Testing is one of our favorite types of testing here at Brackish Security. This will be the first of a multi-part blog series on embedded device security (the “Internet of Things” or IoT). Our goal is to show how the Brackish security team approaches an IoT pentest, including detailed methodologies and examples. IoT
As a continuation in our series of penetration testing stories (who doesn’t love those) we bring you MouseJacking (With Flipper Zero). Check out the first blog post in the series here here. In this engagement, we were successfully able to compromise a network utilizing an old attack vector – MouseJacking. MouseJacking was first brought to
In today’s digital age, cybersecurity is not just a technical necessity but a cornerstone of a successful business strategy. Among the myriad of cyber threats, phishing scams stand out for their cunning simplicity and devastating effectiveness. Phishing attacks manipulate human psychology to steal confidential information, disrupt business operations, and compromise customer trust. This comprehensive guide
MAC address whitelisting is commonly perceived as a foolproof network security mechanism. Yet, Brackish Security’s recent test on a wireless network illustrates how easily this method can be bypassed, challenging its efficacy as a standalone security solution. MAC address whitelisting operates on the premise that only devices with pre-approved MAC addresses can access a network.
Penetration testing, a critical component of cybersecurity, involves evaluating the security of IT systems by simulating cyber attacks. These tests are essential for uncovering vulnerabilities that could be exploited by hackers. This post explores the various types of penetration testing, each targeting different aspects of an organization’s IT infrastructure. Network Penetration Testing: Network penetration tests
As the digital landscape evolves, so do the challenges in maintaining robust cybersecurity. For business owners navigating this terrain, understanding the role and significance of penetration testing, commonly referred to as pen testing, is essential. This introductory guide aims to demystify pen testing, explaining what it is, how it’s conducted, and the benefits it offers
As penetration testers, like SharePoint, (check out our previous blog post here https://brackish.io/the-risks-of-storing-passwords-in-sharepoint), Bitbucket is a gold mine for credentials. In the dynamic world of software development, tools like Bitbucket are indispensable for version control and collaboration. However, a common yet often overlooked security misstep is the storage of sensitive information, such as passwords, within