Lightnews — Scholar-powered news

Bishop Fox

@bishopfox.bsky.social

140 followers 27 following 90 posts

A leading provider of #offensivesecurity solutions & contributor to the #infosec community. #pentesting #hacking

Posts Media Videos Starter Packs

Pinned

Bishop Fox @bishopfox.bsky.social · Jan 28

Hello, Bluesky!

We’re Bishop Fox, leaders in offensive security for nearly 20 years. From pentesting to attack surface management with Cosmos, we help organizations stay ahead of attackers.

Follow us for insights, research, and cybersecurity updates!

#cybersecurity #offensivesecurity #pentesting

Bishop Fox @bishopfox.bsky.social · 5d

New from Bishop Fox: Burp Variables, a Burp Suite extension that automates variable handling.
Define once. Reuse everywhere. No more manual token edits!
bishopfox.com/blog/burp-va...

Bishop Fox @bishopfox.bsky.social · 5d

Tomorrow @ 2 EDT: Demystifying 5G Security w/ Drew Jones.
Real-world tactics for testing & defending 5G networks.

Save your seat: bishopfox.com/resources/5g...

Bishop Fox @bishopfox.bsky.social · 7d

Working on DORA compliance?
Bishop Fox’s FAQ guide breaks down Threat-Led Pen Testing from planning to reporting.
bishopfox.com/resources/gu...
#DORA #TLPT

Bishop Fox @bishopfox.bsky.social · 10d

A $20 smart device. A curious researcher.
Bishop Fox’s Nick Cerne found some new vulnerabilities that could literally open your front door.

Read his story → bishopfox.com/blog/how-a-2...

#IoTSecurity

Bishop Fox @bishopfox.bsky.social · 18d

🚨 New Bishop Fox advisory: YoSmart YoLink Hub (v0382) found vulnerable.
Attackers could:
• Remotely control devices
• Intercept traffic
• Hijack sessions

Details: bishopfox.com/blog/yosmart...

Yolink Hub — VERSION 382 — SUMMARY

The following document describes identified vulnerabilities in the YoLink Hub smart device version 0382.

bishopfox.com

Bishop Fox @bishopfox.bsky.social · 20d

We’re live with cloud expert Mitchell Sperling talking CloudFox!

Join here: bishopfox.com/resources/cl...

Bishop Fox @bishopfox.bsky.social · 22d

Cloud enumeration is messy. CloudFox makes it manageable.

Join Senior Security Consultant Mitchell Sperling for a hands-on workshop:
📅 Oct 1 | 🕑 2 p.m. EDT / 7 p.m. BST

Learn how to find real attack paths in cloud pen tests.
Save your seat: bishopfox.com/resources/cl...

Bishop Fox @bishopfox.bsky.social · 22d

We’re proud to sponsor Hacker Halted 2025 + the Global CISO Forum (Oct 1–2, Atlanta).

We have a limited number of VIP badges to share — if you’re interested in attending, reach out to our team.

Details: www.linkedin.com/posts/ec-cou...

#hackerhalted #globalcisoforum #cybersecurity #thankyousponsors #cyberleadership #cisoforum2025 | EC-Council

🎉 𝗔 𝗛𝘂𝗴𝗲 𝗧𝗵𝗮𝗻𝗸 𝗬𝗼𝘂 𝘁𝗼 𝗢𝘂𝗿 𝟮𝟬𝟮𝟱 𝗦𝗽𝗼𝗻𝘀𝗼𝗿𝘀! 🎉 As we gear up for Hacker Halted Cybersecurity Conference and the Global CISO Forum this October in Atlanta, we want to extend our deepest gratitude to the i...

www.linkedin.com

Bishop Fox @bishopfox.bsky.social · 25d

SecDSM October Meetup 🎃
📅 Thu, Oct 2 @ 6 PM
📍 Foundry Distillery, West Des Moines

Costume contest, scavenger hunt, spooky CTF, trivia & prizes (yes, whiskey!). Bishop Fox is proud to sponsor.

Details: bishopfox.com/events/secds...

Bishop Fox @bishopfox.bsky.social · 25d

CHOTINER: You believe AI alone will solve cybersecurity?

EVANGELIST: Yes, it will eventually detect everything.

CHOTINER: Including attacks run by other AI?

EVANGELIST: Well… yes, AI learns.

CHOTINER: So you’re building the attack and the defense simultaneously.

EVANGELIST: Now wait a minute-

1 4

Bishop Fox @bishopfox.bsky.social · 26d

Full talk: bishopfox.com/resources/sa...

Fireside Chat - SaaS Security: Inside Recent Attacks Disrupting…

Learn how UNC6040 and UNC6395 exploited OAuth to breach Salesforce ecosystems. Expert insights on SaaS security threats and defense strategies.

bishopfox.com

Bishop Fox @bishopfox.bsky.social · 26d

Think your OAuth tokens may be compromised?
Here’s what AppOmni CTO Brian Soby says you should do first:

Bishop Fox @bishopfox.bsky.social · Sep 19

When your SaaS vendor gets breached, it can break your whole business.

AppOmni’s CTO Brian Soby explains how a single compromise can ripple through disconnected tools, board reporting, and day-to-day ops.

Full chat with Bishop Fox CISO Christie Terrill:
bishopfox.com/resources/sa...

Bishop Fox @bishopfox.bsky.social · Sep 16

“There’s a war out there… and it’s not about bullets. It’s about who controls the information.” – Marty Bishop, Sneakers

RIP Robert Redford. Your character inspired the name Bishop Fox and our mission to keep people safe, online and off.

Always a Sneaker.

1 3

Bishop Fox @bishopfox.bsky.social · Sep 8

Red Teaming validates controls, trains defenders, and gets everyone from SOC to the board on the same page.

bishopfox.com/blog/top-rea...

The Top Reasons Security Leaders Choose Red Teaming

Leaders are turning to red teaming to test defenses against real-world adversaries discover why this strategy is becoming a must-have for cyber resilience.

bishopfox.com

Bishop Fox @bishopfox.bsky.social · Sep 5

Senior Security Consultant Drew Jones dug into the 5G registration protocol and found that early connection messages aren’t encrypted, identifier privacy can break down, and devices still request null encryption: bishopfox.com/blog/demysti...

Bishop Fox @bishopfox.bsky.social · Sep 3

Red Teaming only works if you’re ready for it.

This free Red Team Readiness Guide helps you align stakeholders, clarify goals, and avoid planning pitfalls.

Get it here → bishopfox.com/resources/re...

Red Team Readiness Guide: Plan, Align, and Execute Successful…

Download our framework for planning red team operations. Learn how to align stakeholders, set objectives, and evaluate readiness before launching your red…

bishopfox.com

1 1

Bishop Fox @bishopfox.bsky.social · Aug 28

Some say there’s a cybersecurity talent shortage.

But ask the thousands of grads and self-taught hackers who can’t land an entry-level role and you’ll hear a different story.

In her latest blog, @alethe.bsky.social breaks down the paradox: bishopfox.com/blog/talent-...

1 3

Bishop Fox @bishopfox.bsky.social · Aug 25

Systems get patched. If only people did...

Catch @alethe.bsky.social at #IAFCI International Training Conference breaking down the social engineering tricks driving modern financial crime: deepfakes, vishing, insider ops + more.
OKC | Aug 28 | 2:25 p.m.

Bishop Fox @bishopfox.bsky.social · Aug 20

🚨 We're live! 🚨

The battlefront of offensive AI is here.

Hear real-world stories, lessons, and strategies from the front lines. Happening right now!

bishopfox.com/resources/ai...

Bishop Fox @bishopfox.bsky.social · Aug 19

Cloud enumeration can eat up your whole day.

Spend ~60 minutes with us and we’ll fix that.

Live Discord Workshop with Mitchell Sperling on CloudFox - Aug 21: bishopfox.com/resources/cl...

Bishop Fox @bishopfox.bsky.social · Aug 8

If you build, deploy, or secure AI, this is your blueprint for stopping silent failures before they turn into breaches.

On Aug 20, Jessica Stinson shares AI War Stories: Silent Failures, Real Consequences.

Save your spot: bishopfox.com/resources/ai...

Bishop Fox @bishopfox.bsky.social · Aug 5

We're taking our Discord Workshops to the cloud! ☁️

Follow along as Senior Security Consultant Mitchell Sperling uses #CloudFox to map massive environments fast and spot the attack paths that matter.

Live Aug 21 on Discord: discord.gg/ANytASyDFr?e...

Discord Workshop - CloudFox: Cloud Enumeration for Penetration Testing
Thursday, August 21 2PM EDT / 7PM BST
Mitchell Sperling, Senior Security Consultant
[register now button]

Bishop Fox @bishopfox.bsky.social · Aug 4

Oh hey we know her!

Phillip Wylie @phillipwylie.bsky.social · Aug 4

The latest episode of The Phillip Wylie Show has dropped for your pre DEFCON viewing/listening! This episode features social engineer, red teamer, and DEFCON Black Badge recipient, Bishop Fox consultant, Alethe Denis.

YouTube: youtu.be/Qd45YA6u3X8
Available on Apple, Spotify, and other platforms.

Alethe Denis: The Art of Social Engineering

YouTube video by Phillip Wylie

youtu.be

Bishop Fox @bishopfox.bsky.social · Jul 15

Last call!

Join us tomorrow for Breaking AI: Inside the Art of LLM Pen Testing. Learn how attackers are actually manipulating LLMs and why prompt engineering isn’t enough: bishopfox.com/resources/br...

Breaking AI: Inside the Art of LLM Pen Testing

Learn why traditional pen testing fails on LLMs, deep dive into adversarial prompt exploitation, social engineering, real-world AI security techniques.

bishopfox.com