@ni5arga You guys have no idea how careless indian companies are, in just the last one week we reported critical vulnerabilities in multiple Billion dollar indian companies.
@BleepinComputer We come across this more often than we should . The good news being it is preventable . It only takes one person in the organization to be concerned about security , we take care of the rest .
The KDDI breach traces back to a vulnerability in a third-party software they had integrated into their systems.
What's to be noted is that the same software is being used by 5 other ISPs. The actual attack surface and the damage is far wider than what's been reported.
This is exactly what we flag constantly , vendors get integrated and it doesn't get check again. That gap is where the attackers get the passage to a company's records.
Our team scans multiple companies a day and this comes up more often than it should. It's not a sophisticated or rare pattern but an ignored one.
And yet security stays a secondary concern for most CTOs, right until the moment millions of client credentials are out the door.
Most breaches are preventable , they just don't get checked in time .
#CyberSec #Pentest #InfoSec
Most founders deprioritize security because the consequences feel abstract right up until they aren't.
The breach hasn't happened yet. That's not the same as being secure. That's just being early in the timeline.
You have patients trusting you with the most sensitive data that exists. That trust doesn't care how fast you're shipping.
Build fast. But know what you're shipping and who can see it.
Free baseline scan at https://t.co/FTHYCQr46h. No strings.
#HealthTech #HIPAA
19 million patient records were leaked last year.
100+ breaches were reported to OCR.
The number one cause wasn't a sophisticated attack but ransomware. Automated, opportunistic, completely indifferent to your compliance status.
NYC Health + Hospitals lost biometrics of 1.8 million people.
And somewhere a health tech founder read that headline and thought "that's a legacy hospital problem."
It isn't.
The updated HIPAA Security Rule isn't aspirational anymore. Mandatory encryption, MFA, and continuous risk assessment are the only way ahead according to the stats. Oh and the stats, well those are interesting. Third-party vendor breaches have doubled year over year. 30% of all healthcare incidents. 80% of stolen patient records trace back to a vendor chain.
We're looking for a Cyber Security Intern.
Not because we need an intern.
We want to find the people who can't stop investigating things.
The ones who click "View Source."
The ones who accidentally find exposed dashboards.
The ones who ask, "What happens if I try this?"
If you've ever found a vulnerability, won a CTF, reported a bug, or broken something you weren't supposed to (ethically), we should talk.
Drop a 👾 below or DM us.
#CyberSecurity #BugBounty #EthicalHacking #SecurityResearch #AI #Internship #Hiring #AIJobs