Fluid Attacks logo
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Digital heart beat monitor on Unsplash https://unsplash.com/photos/0lrJo37r6Nk

HealthTech Protection

How healthcare breakthroughs could help cybersecurity

Many startups are achieving success by redefining how the economy works. Xtechs (financial, health, insurance, among others) are reducing operational costs and delivering more value to customers,...



Syringe ready to inject bad stuff. Credit: https://pixabay.com/es/photos/jeringa-healthcare-aguja-medicina-417786/

Tainted love

It's all about sanitization

In the several past articles, we have briefly touched on the concept of taint analysis. In this article, we would like to fill in the gaps which maybe have been raised by these careless...



CPU Usage. Photo by Alberto Duo on Unsplash: https://unsplash.com/photos/e4rcg33x4fA

Cryptojacking, a real malware?

Understanding cryptojacking "malware".

Before discussing the concept, we need a brief definition of blockchain. It is simply a unique, consensual, and distributed registry on the network that allows storage of information that cannot...



Bookshelf with some books

Learning how to code

A chat with Ricardo Yepes. Part 2.

We continue our conversation with Ricardo. We threw him a question that was the source of interesting debates at Fluid Attacks some time ago. Should a company invest in security awareness...



Bookshelf with some books

We need more training in basic stuff

A chat with Ricardo Yepes. Part 1.

Ricardo is a DevOps engineer in Australia. Previously, he worked for Fluid Attacks as a security analyst and instructor. He also spent a couple of years developing and maintaining an educational...



Photo by KP Bodenstein on Unsplash: https://unsplash.com/photos/ElQI4kGSbiw

Fool the machine

Trick neural network classifiers

Artificial Neural Networks (ANNs) are certainly a wondrous achievement. They solve classification and other learning tasks with great accuracy. However, they are not flawless and might misclassify...



Toasting Marshmallow. Photo by hcmorr on Unsplash: https://unsplash.com/photos/qlHRuDvaxL8

Roasting Kerberos

Attacking a DC using kerberoast

Kerberos is a protocol developed by the MIT used to authenticate network services, is built using secret key cryptography and using a trusted third party server (named Authentication Server). This...



Git. Photo by Yancy Min on Unsplash: https://unsplash.com/photos/842ofHC6MaI/

Big Code

Learning from open source

In our Machine Learning (ML) for secure code series the mantra has always been the same: to figure out how to leverage the power of ML to detect security vulnerabilities in source code, regardless...



Photo by Andres Urena on Unsplash. Credits: https://unsplash.com/photos/k1osF_h2fzA

Natural code

Natural language processing for code security

Our return to the Machine Learning (ML) for secure code series is a bit of a digression, but one too interesting to resist. At the same time, it is not, since the Natural Language Processing (NLP)...



handshake

A Conflict of Interest?

You probably don’t see it.

Years ago, we faced something odd in a project: a customer was putting pressure on us while performing a One-Shot Hacking. The manager who hired us demanded preliminary results and made comments...



Nicolás Acosta, CISO at Corona

Sensible about cybersecurity

An interview with Nicolás A. CISO at Corona. Part II.

In this post, we share the second part of our conversation with Nicolás Acosta, Chief Information Security Officer (CISO) of Corona. We spoke about risks, setbacks, and truths and falsehood in...



New York City Skyline

Querier Writeup

How to solve HTB Querier

In my opinion, Querier is a great box. We can learn a bit about Windows pentesting, a widely used operating system. The challenge begins with a public SMB where we will pass our first level. Next...




Service status - Terms of Use