Latest posts from OP Innovate
LATEST BLOG
Broken Access Control in REST APIs – Shields Up 🛡️ !
Unfortunately, I have a long relationship with Broken Access Control (BAC) in most of its forms. As a research leader, I often encounter critical security…
Read more >
DM Apps at Work: Congrats, Cyber Security Risk!
As technology advances, we tend to think that advances in security should run in parallel. This is only partly true. End to-end encryption is now…
Read more >
How I found a CVE in a 4 milion (!) active users of WordFence
One of our goals at OP Innovate is to protect our clients and partners at all times. During a recent penetration testing engagement, the testing…
Read more >
Under the hood of a Smishing campaign
Earlier today our OP Innovate research team received yet another Smishing attempt asking them to provide credit card details
Read more >
The Art of the Red Team
This article pulls together some of the tactics and techniques used by OP Innovate researchers during a red team exercise. Please note, tools, tactics and…
Read more >
Email-based attacks in the COVID-19 era
Since life in the shadow of the Covid-19 pandemic became “new normal”, we at OP Innovate have seen an excess of business email compromises (BEC)…
Read more >
N3TW0RM Ransomware IOCS
Explore the N3tw0rm ransomware gang operations targeting Israeli companies for ransom, identify IOCs, and seek cyber protection from OP Innovate
Read more >
Prototype Pollution high vulnerability in ‘mixme’ NPM package
NPM (Node Package Manager) is a gigantic software registry that contains hundreds of thousands of open source Node.js projects in the form of packages.
Read more >
Halloween and Cyber-Security: Malware in Disguise
Ghostly greetings one and all. On Halloween night, children the world over dress up in scary costumes and prowl from house to house, asking wary…
Read more >
