wizlynx group

Name: wizlynx group
Address: Hauptstrasse 11, Binningen, 4102, CH
Telephone: +41618239050

Startseite
Schweiz
Binningen
wizlynx group

Welcome to the official wizlynx group page - your global Cyber Security provider for Penetration Tes PROFESSIONAL PORTFOLIO
We live and breathe Cyber Security!

wizlynx group is an ethical, trustworthy, and vendor agnostic global Cyber Security provider. Headquartered in Switzerland, you can rely on us to effectively protect your business and trade secrets against any form of cybercrime. Our vision is to be a best-in-class global Cyber Security company, enabling customers to focus on their core business by providing high-quality, value added and innovativ

e Cyber Security services. wizlynx group is one of the few globally accredited CREST Penetration Testing service providers, employing CREST registered Penetration Testers. This highly recognized certification is proof to our customers that wizlynx maintains the highest quality of technical capabilities, policies, processes and procedures. For this reason, we have designed a service portfolio that covers the entire risk management lifecycle to ensure our customer benefits from our passion and experience, but primarily to maximize their protection. Our vast and flexible portfolio encompasses various security assessments and penetration test to meet every customer’s need, whether large or small. Our Cyber Defense Consulting Services provide design and integration of security products, spanning all layers (i.e. network, host, system, and application) for a 360° protection. Additionally, our Cyber Defense Consulting Services are complemented by our Cyber Defense Operations Services to securely manage security infrastructure by security experts 24 hours a day, 7 days a week, 365 days a year. wizlynx has extensive experience in protecting 2000+ customers, some part of the Fortune 100, against various cyber threats, including thousands of security assessments, penetration tests, incident responses, and breach root cause analyses for companies in various sectors. Leave no stone unturned with wizlynx – the perfect partner to ensure high-quality services and assessments giving you a true sense of security!

01/06/2026

𝗧𝗵𝗲 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 𝗟𝗮𝘆𝗲𝗿 𝗨𝗻𝗱𝗲𝗿 𝗔𝘁𝘁𝗮𝗰𝗸 | Weekend Cyber Risk Brief

This weekend, attackers focused on trust: VPN access, employee identities, trusted platforms, and business systems.

🔓 | Palo Alto warned that attackers are actively exploiting a GlobalProtect VPN authentication bypass flaw to gain access to internal corporate networks. When VPN systems become the entry point, the perimeter disappears quickly.

📞 | A voice phishing attack helped ShinyHunters breach Charter Communications by compromising an employee’s Microsoft Entra account and pivoting into Salesforce. Nearly 5 million records were exposed. No malware. No exploit. One convincing phone call was enough.

🛰️ | Intelligence officials warned that foreign espionage operations are increasingly targeting sensitive technology and infrastructure-related information through fake companies, intermediaries, and cyber operations. The concern is not only data theft — it is long-term strategic positioning.

🤖 | Threat actors abused ChatGPT’s content-sharing feature to show fake OpenAI outage pages that pushed malware disguised as the ChatGPT desktop application. Instead of building fake infrastructure, attackers used a trusted platform to deliver the attack for them.

The pattern was consistent: attackers are increasingly abusing trusted systems and normal business workflows instead of forcing their way in.

If identity, SaaS access, and remote connectivity are not part of your active security testing strategy, they probably should be: https://www.wizlynxgroup.com/contact

Sources: BleepingComputer, The Register, SecurityWeek, Associated Press, CISA, and Rapid7

29/05/2026

This week, the biggest cyber threats didn't come through a firewall. One walked through a front door.

Three stories from the past week every organization — not just the IT team — should know about.

🚪 | 𝗧𝗵𝗲 𝗜𝗧 𝘁𝗲𝗰𝗵𝗻𝗶𝗰𝗶𝗮𝗻 𝘄𝗮𝘀𝗻’𝘁 𝗜𝗧 — The FBI issued its highest-urgency alert this week about a group targeting U.S. law firms — not through email, not through hacking, but by sending someone in person, posing as IT support. They insert a USB drive, copy what they need, and walk out. No malware. No trace. Over 100 firms have already been hit, with 38 having data published publicly after refusing to pay. If someone you don't recognize claims to be from IT and needs access to your computer — stop, verify, and call your real IT team.

💻 | 𝗬𝗼𝘂𝗿 𝗦𝗵𝗮𝗿𝗲𝗣𝗼𝗶𝗻𝘁 𝗻𝗲𝗲𝗱𝘀 𝗮 𝗽𝗮𝘁𝗰𝗵: 𝗻𝗼𝘄 — Microsoft disclosed a critical flaw in SharePoint this week that allows attackers to take full control of a system without the victim clicking anything. It was already being actively exploited by the time the fix was released. If your organization uses SharePoint on-premise or in a hybrid setup, this is not a "schedule it for next sprint" situation. It needs to happen today.

🤖 | 𝟵𝟮% 𝗼𝗳 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗹𝗲𝗮𝗱𝗲𝗿𝘀 𝗰𝗮𝗻'𝘁 𝗳𝘂𝗹𝗹𝘆 𝗰𝗼𝗻𝘁𝗿𝗼𝗹 𝘁𝗵𝗲𝗶𝗿 𝗔𝗜 𝗮𝗴𝗲𝗻𝘁𝘀 — Darktrace released a major report this week showing that 92% of security professionals are worried about AI agents operating in their environments — and most admit they don't have full visibility into what those agents can access or do. AI tools are being adopted faster than the guardrails to govern them. That's not an IT problem anymore. It's a boardroom one.

The theme this week: threats are moving faster than the assumptions organizations built their defenses on.

If any of this applies to your environment, we're happy to have that conversation: https://www.wizlynxgroup.com/contact

Sources: FBI FLASH Alert, Microsoft Security, Darktrace / Cloud Security Alliance

28/05/2026

A threat actor spent 87 days inside an organisation's environment last year. The security team had full visibility across their tooling. They just had nothing to flag — because the attacker was operating entirely through legitimate accounts, trusted admin tools, and normal working hours.

That's not a detection gap. That's a framing problem.

Most security teams are built to spot what looks wrong. But the more capable attackers today don't look wrong. They look like your IT team running a routine task at 2pm on a Tuesday.

The question worth sitting with isn't "do we have enough alerts?" It's: what would we actually see if someone were living inside our environment right now — and how long before we would notice?

We work through that question with organisations regularly. It's harder than it sounds, and more useful than most tabletop exercises.

If it's a question your team is wrestling with, we are happy to compare notes: https://www.wizlynxgroup.com/contact

26/05/2026

🏆 First place at Pwnterrey CTF. One of our own.

Last weekend, a wizlynx group offensive security specialist won 1st place at the Pwnterrey CTF competition in Monterrey, Mexico.

This isn't just a competition result. It's the same mindset our teams bring to client engagements every day: sharp instincts, technical depth, and the ability to think like an attacker when it matters most.

Huge congratulations to 👏 — you made the whole team proud!

We're also proud to sponsor Pwnterrey 2026 and support the growth of offensive security talent across the region.

26/05/2026

Recognition matter most when it reflect meaningful work. | 🇭🇰

wizlynx group is honored to receive the 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗣𝗿𝗼𝗷𝗲𝗰𝘁 𝗼𝗳 𝘁𝗵𝗲 𝗬𝗲𝗮𝗿 award at the Fest Hong Kong Awards 2026 for our Red Teaming Assessment.

This recognition reflects the dedication of our Asia team, the trust of our clients, and the importance of validating security through realistic adversary simulation.

A huge thank you to the organizers, partners, clients, and everyone involved in this milestone.

恭喜香港團隊

25/05/2026

This weekend, attackers didn't break through defenses. They borrowed them.

Here's what happened across four incidents — and why the pattern matters more than any single CVE.

🔐 | 𝗣𝗿𝗼𝘁𝗲𝗰𝘁𝗶𝗼𝗻 𝗮𝘀 𝗣𝗮𝘆𝗹𝗼𝗮𝗱
A zero-day in Trend Micro Apex One let attackers with admin access push malicious code through the security platform's own deployment system. The tool became the threat. Trust concentration in centralized security infrastructure is itself a risk.

🌐 | 𝗕𝗼𝗿𝗿𝗼𝘄𝗲𝗱 𝗥𝗲𝗽𝘂𝘁𝗮𝘁𝗶𝗼𝗻
The "Underminer" vulnerability lets attackers blend command-and-control traffic into legitimate cloud infrastructure and trusted domains. If your defenses rely on reputation-based filtering, that trust is now an attack surface.

🔦 | 𝗧𝘂𝗿𝗻 𝗢𝗳𝗳 𝘁𝗵𝗲 𝗟𝗶𝗴𝗵𝘁𝘀
Microsoft patched two actively exploited Defender zero-days — one granting SYSTEM-level access, one capable of shutting down anti-malware entirely. The goal isn't immediate data theft. It's switching off visibility before moving deeper. When your sensor goes dark, they're already further in than you think.

🎣 | 𝗧𝗵𝗲 𝗪𝗲𝗯𝘀𝗶𝘁𝗲 𝗪𝗮𝘀 𝘁𝗵𝗲 𝗣𝗵𝗶𝘀𝗵
Attackers exploited a Ghost CMS flaw to compromise real websites, steal admin keys, and trick visitors into running malware themselves. The site looked trustworthy — because it was, until it wasn't.

The weekend pattern: trusted systems turned inward, before anyone is back at their desk Monday morning.

If this raises questions about your own security posture, we're happy to talk. Get in touch with our cybersecurity team: https://www.wizlynxgroup.com/contact

Sources: SecurityWeek, CSO, BleepingComputer

22/05/2026

What Looks "Trusted" is Becoming the Attack Surface | May 18-22

This week’s biggest cyber incidents were not just about malware or outages. They exposed how attackers increasingly move through legitimate systems, suppliers, and infrastructure already trusted by organizations.

📡 | Ghosts in the Backbone — Attackers quietly maintained long-term access across Singapore’s telecom sector using advanced tooling and a firewall zero-day to bypass perimeter controls and collect network intelligence without triggering disruption.
(Source: TechCrunch)

🏭 | One breach. Everyone’s problem.— The Foxconn ransomware attack reportedly exposed data connected to Apple, Intel, Nvidia, Samsung, Google, and others. One manufacturer was compromised — but the operational and reputational exposure expanded far beyond a single company.
(Source: BleepingComputer, AppleInsider)

🔥 | The Patch Came Late — The Interlock ransomware gang reportedly exploited a Cisco firewall management vulnerability weeks before public disclosure. No patch. No advisory. No visibility window for defenders.
(Source: The Record)

The pattern is becoming harder to ignore:
Attackers are targeting trust relationships, operational dependencies, and the gaps between assumed security and real-world resilience.

That is why validation matters: https://www.wizlynxgroup.com/contact

21/05/2026

¡La superficie es solo el inicio!

wizlynx group se enorgullece de participar como sponsor de Pwnterrey CTF 2026 — un espacio donde la seguridad ofensiva, el pensamiento estratégico y la resolución de problemas bajo presión se ponen a prueba.

Durante 24 horas continuas, los participantes llevarán al límite su:
• lógica 🧠
• adaptabilidad ⚙️
• creatividad técnica 🐤
• y mentalidad ofensiva 🎯

Nos vemos en Monterrey en apoyo a la próxima generación de talento en ciberseguridad ofensiva.

🎟️ Reserva tu espacio: https://bit.ly/3PrMqbz

19/05/2026

Your IT team removed the threat. But is the attacker actually gone?

Most business owners assume that once an incident is "handled," it's over.

It's not.

Modern attackers plant hidden access points that survive password resets, device wipes, and standard cleanup. They don't leave — they wait. And when the moment is right, they come back.

This is why so many businesses face a second breach shortly after the first.

Containing an attack and confirming the attacker is gone are two very different things. Most standard responses only do the first one.

When was the last time someone tested whether your business could prove an attacker was fully removed — not just contained?

18/05/2026

𝗪𝗲𝗲𝗸𝗲𝗻𝗱 𝗖𝘆𝗯𝗲𝗿 𝗔𝗹𝗲𝗿𝘁 | May 17, 2026

While most people were enjoying their weekend, cybercriminals were not.

Two major cyberattacks made headlines — and both targeted systems that companies use to run their entire networks. Here is what happened, and why it matters even if you are not in tech.

🚪 | No password needed — Attackers found a flaw in Cisco's SD-WAN — software that acts as the traffic control tower for a company's network. No login required. They got in, took control, and wiped the evidence before anyone noticed. The US government ordered all federal agencies to patch it immediately. Deadline: today.
(Source: Dark Reading)

🔄 | Caught, and came back anyway — A state-backed group called Salt Typhoon hacked an oil and gas company in Azerbaijan. When security teams removed them, they returned through the same door — twice. Azerbaijan is a key energy supplier to Europe, making it a high-value target right now.
(Source: Bitdefender)

Cyberattacks do not take weekends off. The question is whether your defenses do.

If you want to know whether your organization is protected: https://www.wizlynxgroup.com/contact

Adresse

Hauptstrasse 11
Binningen
4102

Telefon

+41618239050

Webseite

http://www.wizlynxgroup.com/ch/en

Benachrichtigungen

Lassen Sie sich von uns eine E-Mail senden und seien Sie der erste der Neuigkeiten und Aktionen von wizlynx group erfährt. Ihre E-Mail-Adresse wird nicht für andere Zwecke verwendet und Sie können sich jederzeit abmelden.