🔒It's that time again - Microsoft Patch Tuesday July! 🔒 This month, Microsoft has released 143 security updates, focusing on Remote-Code-Execution (RCE) and privilege elevation vulnerabilities. Notably, CVE-2024-38112 and CVE-2024-38080 are being actively exploited in the wild. Key areas of concern include SQL Server's Native Client and Secure Boot security feature bypasses. Keeping your systems up to date and patched is a great defense. But remember, sometimes the best defense is a good offense. When you need that strong offense, we're here to help at OccamSec. #CyberSecurity #PatchTuesday #InfoSec #Microsoft #ThreatIntel https://lnkd.in/gd3mxCgG
About us
As an industry leader in cybersecurity, OccamSec excels in providing a wide range of services extending to penetration testing, continuous penetration testing, threat hunting, red team operations, purple team engagements, and vulnerability research. With a commitment to cutting-edge methodologies, we enable organizations to fortify their security posture and proactively detect and address vulnerabilities before they can be exploited. At OccamSec, we understand that today's threat landscape is constantly evolving, requiring a proactive and dynamic approach to cybersecurity. Our team of skilled professionals is adept at conducting rigorous penetration tests to identify weaknesses in your systems and networks, allowing you to fortify your defenses against potential attacks. Our continuous penetration testing services ensure that your security remains robust and up to date, providing ongoing monitoring and assessments to detect and address any emerging vulnerabilities in real time. In addition, our threat hunting capabilities enable us to actively search for potential threats within your infrastructure, while our red and purple team exercises simulate real-world attacks to evaluate your overall security readiness. Complemented by our cutting-edge vulnerability research, we deliver comprehensive insights and actionable recommendations to empower your organization in staying one step ahead of cyber threats. Choose OccamSec and stay confident in your cybersecurity defenses.
- Website
-
http://www.occamsec.com
External link for OccamSec
- Industry
- Computer and Network Security
- Company size
- 11-50 employees
- Headquarters
- New York, NY
- Type
- Privately Held
- Founded
- 2010
- Specialties
- Penetration Testing, Competitive Intelligence, Red Team Assessment, Security Benchmarking, Vulnerability Management, and Incident Response
Locations
-
Primary
122 E 42nd St
New York, NY 10168, US
-
49
Greek Street
London, W1D 4EG, GB
-
1200 Ala Moana Blvd
Suite 380
Honolulu, Hawaii 96814, US
Employees at OccamSec
-
Gabe LeBlanc
Project Manager @ OccamSec | MBA, CISM, CISSP
-
Cynthia Boumann
-
Erin Murtha
COO at OccamSec
-
Philip Niedermair “The price of Liberty is eternal vigilance.”
Chairman of the Advisory Board TAC, Special Advisor VIRSEC, Chair of the Advisory Board NCG National Cyber Group, Managing Partner Modirum Security…
Updates
-
Recent ransomware attacks, like the one on CDK Global that disrupted over 15,000 car dealers, highlight a critical need for robust cybersecurity measures. While your security budget isn't limitless, the potential damage from online threat actors is, and your organization needs advanced detection and regular security audits. At OccamSec, we offer Incenter—a reliable, always-on solution that combines automated testing with expert human oversight. This framework not only protects against threats but also ensures your organization avoids costly downtime. Protect your organization and optimize your security budget with OccamSec’s Incenter. Contact us today to learn more. https://lnkd.in/ggYEtzZs #Affordable #Cybersecurity #Pentest #Prevent #RansomWare
-
FinSec Leadership Forum 🚀 June 27 We’re excited to announce our attendance at this week’s FinSec Leadership Forum, sponsored by FinTech-Tables and hosted by Barclays at their Glasgow campus. Darren Anderson, OccamSec's Information Security Director, will be there to discuss supply chain risk and third-party risk management which has been an ever growing problem. Don’t miss this chance to gain insights from industry leaders and explore innovative cybersecurity solutions. #FinSec #CyberSecurity #RiskManagement #DigitalPayments #SupplyChainRisk Virgin Money FNZ Group Lloyds Banking Group M&G plc Royal London
In the face of sophisticated cyber threats, capital markets need top-tier #cybersecurity to navigate growing challenges. Next week, Beeks Group's CISO Oscar Neill joins industry leaders at the FinTech-Tables FinSec Leadership Forum, discussing how effective #riskmanagement and robust cybersecurity solutions can set firms apart. Stay tuned for insights, exploring innovative technology that safeguards operations and drives competitive edge! #PoweredbyBeeks #CapitalMarkets #FinTech #Innovation #IaaS #FinanceSecurity Barclays OccamSec Virgin Money Lloyds Banking Group M&G plc Royal London FNZ Group
-
-
The recent advisories from the Cybersecurity and Infrastructure Security Agency (CISA) raise an alarm, we must safeguard our Industrial Control Systems (ICS). These systems are distinct in their complexity and integral to the operation of essential infrastructure sectors like energy, water, and transportation. A strong security plan for ICS must be tailored to address their specific vulnerabilities and operational requirements. This involves understanding each organization's unique configurations, protocols, and legacy systems which characterize their ICS environments. Regular assessments, continuous monitoring, and customized security measures are critical to maintaining a healthy security posture. #ICS #industrial #security #cybersecurity
-
-
This man is about to change the whole meaning of "botnet", because those bots are getting hacked. 😅 Listen, we all want a cheap robot that folds laundry as much as the next person, but can you imagine the carnage? Cyber attacks are bad enough already, but now we have to deal with someone who's amassed a swarm of chore-bots? Nope. Let's practice basic #cybersecurity first. #botnet A network of infected computers that are controlled by a single entity, often without the knowledge of the computers' owners.
Reinventing Finance 1% at a Time 💸 | Leading & Scaling FinTech Unicorn 🦄 | The only newsletter you need for Finance🤝Tech at 🔔linas.substack.com🔔 | Financial Technology | Artificial Intelligence | Banking | AI
NVIDIA CEO Jensen Huang says that in the near future, humanoid robots will be available for $10,000-20,000 😳 Sounds wild? Just think about it... Robots have 10x fewer parts than a car and 20x less mass. So there's literally no limiting factor to getting the cost to $20k with enough manufacturing volumes. Robots will be building robots very soon.
-
🚨 Data Breach: Kaiser Permanente® On October 25, 2023, Kaiser Permanente identified a privacy incident where certain online trackers (cookies/pixels) on their websites and apps transmitted personal info to third-party vendors Google, Microsoft Bing, and X (Twitter). Although no sensitive information like Social Security numbers or financial details were involved, it's a reminder of the importance of cybersecurity. At OccamSec, we serve companies in need of proven cybersecurity measures, and we have the proof with our Fortune 100 clients. With industry-standard accreditation, we can help you stay vigilant and protect customer data. Drop us a line, and let us help you enhance your security posture. https://lnkd.in/guGK3qax #CyberSecurity #DataBreach #Privacy #KaiserPermanente #OSec
-
-
🚨 Supply chain attacks are on the rise, threatening businesses of all sizes. Basic cybersecurity measures are essential to mitigate these risks. Here are key steps to enhance your defense: - Improve Network Visibility: Know what's happening within your network. - Regular Penetration Testing: Identify and fix vulnerabilities before they can be exploited. - Employee Training: Ensure everyone understands cybersecurity best practices. By implementing these strategies, you can better protect your business from potential supply chain threats. Stay proactive and secure! #CyberSecurity #SupplyChainSecurity #DataProtection
-
🚀 Exciting News from OccamSec! 🚀 We're thrilled to share that our very own Senior Security Engineer, Ivano Bianco, recently attended and spoke at the IoD-hosted event in Glasgow: Digital Transformation: People-Driven, Tech-Powered. Ivano brought his extensive expertise in offensive security and IT infrastructure to the event, sharing valuable insights on how businesses can navigate the complexities of today's digital landscape while ensuring compliance and security. The event comes at a pivotal time, with the next general election on the horizon and the recent spring budget indicating a potentially turbulent year ahead. However, the evening was filled with optimism, actionable strategies for growth, and of course some good brews! We are proud to have Ivano representing OccamSec at such a significant event, contributing to the ongoing conversation about digital transformation and cybersecurity. Stay tuned for more updates from our team as we continue to drive innovation and security in the digital age! #CyberSecurity #OffensiveSecurity #IoD #OccamSec
-
-
Let's Protect Our Water Systems! The EPA's latest alert on cyberattacks against community water systems shows that basic scanning isn't enough. Work with us. We know the unique risks and EPA requirements for water utilities, and we've already got experience with securing critical infrastructure: 🔹 Purple Teaming 🔹 Red Teaming 🔹 Penetration Testing 🔹 Continuous Monitoring Secure smarter, not harder, with OccamSec. https://lnkd.in/eN_iC-Tu #Cybersecurity #WaterSafety #EPA #PenTesting #PurpleTeam #RedTeam #ContinuousMonitoring
EPA urges water utilities to protect nation's drinking water amid heightened cyberattacks
usatoday.com
-
🚨 Attention developers! 🐍 A recent supply chain attack on a Python package revealed a critical red flag. While the legitimate "requests" library logo has a file size of ~300 kB, the malicious "requests-darwin-lite" package contains a logo file of 17 MB! 📈 This significant size difference is a glaring anomaly that should raise immediate suspicion when incorporating dependencies. At OccamSec, we're committed to helping you fortify your defenses against evolving supply chain threats. Let's work together to build your company's #SupplyChainSecurity solution. #CyberSecurity #OccamSec https://lnkd.in/d6KZjXDd
Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
thehackernews.com