Our Blog

White Papers, Research, Tools and more

Looking Forward: Leap Security’s 2019 Cybersecurity Predictions

It’s time to kick off the new year with our Threat Predictions for 2019. Although we like to think we are Jedi, our predictions are based off last year’s trends and our team’s research — not the force. Here are five high impact threats and predictions to prepare for in the new year. Zero Days…

Read more

Leap Security CTF 2018 Results

Wow, what an event! We are truly blown away by the community’s enthusiasm, participation, and excitement surrounding the event! Thank you to all those who participated!! The IRC channel was tense up to the last moment and it was fun seeing several participants excel during the CTF and be challenged with our crypto challenge. The…

Read more

Leap Security CTF 2018

Welcome to the inaugural Leap Security CTF competition. The CTF is a global competition created with the goal of giving back to the community. To make this all happen, we’ve teamed up with the guys at 0x00sec! The CTF will have no limitations on participants, it is open to anyone — think of it as…

Read more

libssh Authentication Bypass CVE-2018-10933

A vulnerability present in libssh versions 0.6 and later has taken the internet by storm. The vulnerability allows attackers to bypass authentication and gain remote code execution on the affected system. The libssh team has already released a patch to this vulnerability (link below). Upgrading to 0.7.6 or 0.8.4 eliminates the vulnerability. Link: libssh patchLink:…

Read more

Bsides Miami Presentation

Powerpoint: Slides BSides Miami 2018 Slides We had a great time bonding with our South Florida community at the inaugural BSides Miami this year. Our presentation educated the audience on current industry trends, the creation of targeted social engineering scenarios, demos of tools and real world examples. Luckily for us, the demo gods were nice…

Read more

LinkedIn Enumeration with InSpy 3.0

InSpy: https://github.com/leapsecurity/InSpy Welcome to InSpy 3.0 With InSpy 3.0 we decided to go back to the drawing boards and focus on what InSpy does best, gather employee information. We improved its core functionality and automated it as much as possible to the point that consultants no longer need to research an organization’s domain or email…

Read more

Let's talk about your
security needs

Send us an email and we’ll get the process started to protect your company

contact us