FORTBRIDGE
@FORTBRIDGE
FORTBRIDGE โ Leading IT Security Services in London | Cybersecurity, Penetration Testing, Red Teaming and Cloud Security
Our very own @Adrian__T presented at @Microsoft 's @BlueHatIL 2025 on "๐ฉ๐ฒ๐๐๐ฎ ๐๐ฑ๐บ๐ถ๐ป ๐ง๐ฎ๐ธ๐ฒ๐ผ๐๐ฒ๐ฟ โ ๐๐ ๐ฝ๐น๐ผ๐ถ๐๐ถ๐ป๐ด ๐ฅ๐ฒ๐ฑ๐๐ฐ๐ฒ๐ฑ ๐ฆ๐ฒ๐ฒ๐ฑ ๐๐ป๐๐ฟ๐ผ๐ฝ๐ ๐ถ๐ป $๐ฅ๐๐ก๐๐ข๐ " ๐บ Watch the full talk here: youtube.com/watch?v=bnEr9Gโฆ #FORTBRIDGE #OffSecโฆ
Two leading cybersecurity vendors, Sophos and SonicWall, have released patches addressing critical remote code execution (RCE) vulnerabilities in their firewall and remote access solutions. These flaws, if exploited, could allow attackers to take full control of vulnerableโฆ
Cybersecurity researchers at Nozomi Networks have identified over a dozen high-severity vulnerabilities in Tridiumโs Niagara Framework โ a platform widely used to control smart building systems, including HVAC, lighting, energy management, and security infrastructure. Watch theโฆ
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive after two critical vulnerabilities in Microsoft SharePoint were found to be actively exploited by advanced Chinese threat groups. These flaws were added to CISAโs Known Exploitedโฆ
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities in SysAid IT support software to its Known Exploited Vulnerabilities (KEV) catalog. These flaws are now confirmed to be actively exploited in the wild, putting organizationsโฆ
The Alcohol & Drug Testing Service (TADTS), a Texas-based provider of workplace and individual drug and alcohol testing services, has confirmed a significant data breach affecting nearly 750,000 individuals. Watch the video till the end to explore the details of the breach, whoโฆ
Microsoft has issued an urgent patch for a severe remote code execution (RCE) vulnerability affecting on-premises SharePoint Servers. This flaw, actively exploited in the wild, enables attackers to run arbitrary code remotely without authentication, potentially giving them fullโฆ
Cisco has disclosed a maximum-severity vulnerability affecting its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). This flaw allows unauthenticated remote attackers to execute arbitrary code as root on vulnerable systemsโwithout needing any loginโฆ
Google discovered a serious security vulnerability in the Chrome browser that hackers are already using in real-world attacks. Watch the video till the end to explore the details of the vulnerability, who was impacted, mitigation strategies, and essential tips for preventingโฆ
Fortinet has released urgent security updates addressing a critical SQL injection vulnerability in FortiWeb, its web application firewall. With a CVSS score of 9.6 out of 10, this flaw poses a serious risk to organizations using affected versions. Watch the video till the end toโฆ
Microsoft has released security patches for 130 vulnerabilities across its product ecosystem in the July 2025 Patch Tuesday rollout โ including critical flaws in SQL Server, SharePoint, Office, and Windows services. Watch the video till the end to explore the details of the keyโฆ
SAP has released its July 2025 Security Patch Day advisory, addressing 27 new and 4 updated security issues including 6 critical vulnerabilities that pose serious risks to enterprise systems. Watch this video till the end to explore the details of the key vulnerabilities, whoโฆ
The Cybersecurity and Infrastructure Security Agency (CISA) has added four critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog โ a clear signal that these flaws are being actively exploited in real-world attacks. Watch the video till the end to exploreโฆ
OVER x SLIDES & VIDEOS ๐ฃ #pts25 is now over, thanks so much to all ๐ ๐จ As always, due to the ๐ฅ work of the team, you can browse/follow *all* talks: ๐ Slides: archives.pass-the-salt.org/Pass%20the%20Sโฆ ๐ฆ Videos : passthesalt.ubicast.tv/channels/#2025 Thanks again & we wish you a fantastic summer โค๏ธ ๐
Had a great time speaking at @passthesaltcon in Lille this week! I presented my research on โ๐ฉ๐ฒ๐๐๐ฎ ๐๐ฑ๐บ๐ถ๐ป ๐ง๐ฎ๐ธ๐ฒ๐ผ๐๐ฒ๐ฟ โ ๐๐ ๐ฝ๐น๐ผ๐ถ๐๐ถ๐ป๐ด ๐ฅ๐ฒ๐ฑ๐๐ฐ๐ฒ๐ฑ ๐ฆ๐ฒ๐ฒ๐ฑ ๐๐ป๐๐ฟ๐ผ๐ฝ๐ ๐ถ๐ป $๐ฅ๐๐ก๐๐ข๐ โ, where I showed how weak randomness in shell scripts can lead toโฆ
Cisco has disclosed a critical security vulnerability in its Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME). The flaw rated with the maximum CVSS score of 10.0 could allow attackers to gain root access to affected systems usingโฆ
Google has issued an urgent security update for Chrome to patch a critical zero-day vulnerability currently being actively exploited in the wild. Watch the video till the end to explore the details of the vulnerability, who was impacted, mitigation strategies, and essential tipsโฆ
APIs are the backbone of modern applicationsโand also one of the most targeted components by attackers. In this detailed blog post, we break down everything you need to know about API security: โค Common vulnerabilities and OWASP API Top 10 โค Tools and techniques for effectiveโฆ
Weโre thrilled to announce that we are now Cyber Essentials Plus (CE+) certified! This UK Government-backed certification is a significant milestone that demonstrates our commitment to maintaining the highest standards in cyber security. โ With CE+, not only have we passed theโฆ
Two newly disclosed vulnerabilities in SAP GUI and a critical flaw in Citrix NetScaler (dubbed Citrix Bleed 2) could allow attackers to steal sensitive data or hijack user sessions โ even bypassing authentication altogether. If left unpatched, these flaws can seriouslyโฆ
Excited to share that Iโll be speaking at @passthesaltcon in Lille on July 3rd! I'll be presenting my research titled: โ๐ฉ๐ฒ๐๐๐ฎ ๐๐ฑ๐บ๐ถ๐ป ๐ง๐ฎ๐ธ๐ฒ๐ผ๐๐ฒ๐ฟ โ ๐๐ ๐ฝ๐น๐ผ๐ถ๐๐ถ๐ป๐ด ๐ฅ๐ฒ๐ฑ๐๐ฐ๐ฒ๐ฑ ๐ฆ๐ฒ๐ฒ๐ฑ ๐๐ป๐๐ฟ๐ผ๐ฝ๐ ๐ถ๐ป $๐ฅ๐๐ก๐๐ข๐ .โ This talk dives into how weakโฆ