Qual é o horário de funcionamento?

Segunda-feira 09:00 - 18:00 Terça-feira 09:00 - 18:00 Quarta-feira 09:00 - 18:00 Quinta-feira 09:00 - 18:00 Sexta-feira 09:00 - 18:00

CyberX - The Ethical Hacking Services, Rua do tronco 375, São Mamede de Infesta e Senhora da Hora, Porto (2026)

05/06/2026

A cloud environment reviewed today may look very different a few months from now. ➡️

That gap often reveals resources, permissions, and services that were never meant to remain exposed.

During cloud security assessments, it is common to identify:
➡️ Publicly accessible storage
➡️ Overprivileged IAM roles
➡️ Legacy resources that remain active
➡️ Unrestricted communication between services

These findings are often connected to infrastructure growth, migrations, new integrations, and operational changes that accumulate over time.

As environments expand, some assets fall outside regular validation processes while continuing to interact with production systems, sensitive data, and external services.

The result is an attack surface that no longer matches internal expectations of the environment.

Cloud security requires visibility into what is currently reachable, how resources interact, and which access paths remain available across the infrastructure.

\

04/06/2026

CyberX has been selected to participate in the Startup Village at C-DAYS 2026, one of Portugal's most important cybersecurity events.

Organized by the Portuguese National Cybersecurity Centre (CNCS), C-DAYS brings together cybersecurity leaders, public institutions, technology companies, investors, researchers, and innovators from across the national and international ecosystem.

The Startup Village highlights Portuguese startups developing solutions that contribute to the future of cybersecurity.

Throughout the event, CyberX will showcase its offensive security services and The O, our AI-powered threat intelligence platform designed to support the identification of emerging threats and high-risk events.

The initiative also creates opportunities to connect directly with decision-makers, investors, industry leaders, and organizations shaping the future of cybersecurity.

We're proud to be part of a community focused on strengthening cyber resilience, innovation, and security capabilities across Portugal and beyond.

📍 Alfândega Congress Centre — Porto, Portugal 🇵🇹
📅 June 16–18, 2026

🤝 Visit CyberX at the Startup Village
More information: c-days.cncs.gov.pt

03/06/2026

Charter Communications confirmed a data breach reportedly connected to a vishing attack targeting an employee with access to internal systems. ⚠️

According to reports, attackers obtained authenticated access connected to customer management environments, exposing information tied to approximately 40 million individuals.

The incident reflects a recurring pattern in modern intrusions.

Social engineering continues to provide direct paths into environments where internal platforms centralize customer operations, support workflows, and sensitive records.

Once access is established through legitimate accounts, activity becomes significantly harder to distinguish from normal operational behavior.

This type of exposure also increases the likelihood of additional risks developing after initial compromise, including lateral movement across connected services and access expansion through inherited permissions.

Incidents involving valid internal access continue to demonstrate how identity exposure can rapidly evolve into large-scale operational impact.

see more: https://www.safestate.com/post/charter-communications-data-breach-exposes-42-million-records

02/06/2026

Modern environments rely heavily on integrations between platforms, services, and external tools.

Over time, these connections accumulate permissions, tokens, and access scopes that are rarely reviewed consistently.

During assessments, common findings include:
➡️ Integrations with unnecessary administrative access
➡️ Inactive third-party services still connected
➡️ Shared authentication between environments
➡️ External tools with visibility into sensitive data

These integrations become part of the operational structure of the company.

Which means they also become part of the attack surface.

Evaluating third-party exposure requires understanding not only what is connected, but how far that access can reach internally.

02/06/2026

Artificial intelligence is transforming industries at an unprecedented pace.

At the same time, it is creating new opportunities for manipulation, influence operations, automated attacks, and emerging security threats.

CyberX Founder & CEO, David Silva, has been invited to speak at We Make Future 2026, one of Europe's leading events focused on technology, innovation, AI, and digital transformation.

During the session, "When Machines Manipulate: The Weaponization of AI", David will explore how artificial intelligence is being leveraged in offensive scenarios and the challenges organizations face as AI capabilities become increasingly accessible.

The discussion will cover evolving threat landscapes, emerging attack vectors, and the growing importance of proactive security validation in environments shaped by AI.

We look forward to contributing to this global conversation alongside innovators, researchers, and industry leaders from around the world.

🎤 David Silva, Founder & CEO of CyberX
📅 June 26, 2026
🕒 16:10 - 16:40
📍 We Make Future 2026 - Bologna, Italy 🇮🇹

See more: https://en.wemakefuture.it

01/06/2026

Artificial intelligence is transforming industries at an unprecedented pace.

At the same time, it is creating new opportunities for manipulation, influence operations, automated attacks, and emerging security threats.

CyberX Founder & CEO, David Silva, has been invited to speak at We Make Future 2026, one of Europe's leading events focused on technology, innovation, AI, and digital transformation.

During the session, "When Machines Manipulate: The Weaponization of AI", David will explore how artificial intelligence is being leveraged in offensive scenarios and the challenges organizations face as AI capabilities become increasingly accessible.

The discussion will cover evolving threat landscapes, emerging attack vectors, and the growing importance of proactive security validation in environments shaped by AI.

We look forward to contributing to this global conversation alongside innovators, researchers, and industry leaders from around the world.

🎤 David Silva, Founder & CEO of CyberX
📅 June 26, 2026
🕒 16:10 - 16:40
📍 We Make Future 2026 - Bologna, Italy 🇮🇹

See more: https://en.wemakefuture.it

29/05/2026

Credential exposure still plays a central role in many intrusions. ➡️

The access itself may come from phishing, password reuse, token leakage, or improperly stored credentials.

What determines the impact is how that access is protected afterward.

During assessments, it is common to identify:
➡️ Accounts without MFA
➡️ Long-lived sessions
➡️ Shared administrative access
➡️Credentials stored in scripts or internal systems

Once valid access exists, many defensive layers are bypassed automatically.

This shifts the focus from intrusion to expansion.
And in many environments, expansion requires far less effort than expected.

28/05/2026

APIs have become one of the most frequent attack surfaces in modern environments.➡️

In many cases, the issue is not visibility.
It is trust.

Common findings during assessments include:

➡️ Endpoints exposing unnecessary data
➡️ Weak authentication validation
➡️ Improper access control between users
➡️ Tokens with excessive permissions

Because APIs directly connect systems, users, and services, small validation failures can quickly scale into broader exposure.

Testing APIs requires more than checking responses.

It requires understanding how data, permissions, and logic behave across the entire flow.

27/05/2026

An attack surface is not limited to what is intentionally public.

It often includes:

➡️ Outdated endpoints that were never decommissioned
➡️ APIs exposed during development
Third-party services with inherited permissions
➡️ Misconfigured cloud resources
➡️ Authentication flows that reveal more than expected

These elements are not always visible in standard inventories.
But they remain accessible.

Mapping an attack surface requires looking at the environment the way it is reachable,
not the way it was designed.
And that difference is where most entry points are found.

26/05/2026

A major incident has affected close to 197,000 customers of Zara, where personal information stored in third‑party hosted databases was accessed by unauthorized actors. ⚠️

The data set included email addresses, geographic locations, purchase information, and customer support interactions, enough context to inform highly tailored social engineering or phishing attacks, even though credentials and payment data were reportedly not included in the compromised records.

Investigations tie the breach to the exploitation of access credentials from an analytics provider used by multiple companies, showing how vendor integrations can extend risk far beyond the primary organization.

This incident highlights a growing pattern in breach activity: attackers target trusted third‑party services to pivot into broader ecosystems, often without needing traditional exploits.

Staying ahead of this threat landscape requires continuous validation of external connections and a clear understanding of how integrated services impact overall exposure.

CyberX - The Ethical Hacking Services

05/06/2026

04/06/2026

03/06/2026

02/06/2026

02/06/2026

01/06/2026

29/05/2026

28/05/2026

27/05/2026

26/05/2026

Endereço

Horário de Funcionamento

Website

Notificações

Atalhos

Compartilhar

Categoria

Segunda-feira	09:00 - 18:00
Terça-feira	09:00 - 18:00
Quarta-feira	09:00 - 18:00
Quinta-feira	09:00 - 18:00
Sexta-feira	09:00 - 18:00