News
20 February 2024
Penetration test quality vs. recruitment quality?
What does it mean that in Citadelo a hacker is hiring a hacker? Interview with our HR Manager Dita. Find more about hacker recruitment at Citadelo and how it affects the quality of the team and therefore the quality of the pentests.
12 February 2024
CI/CD Misconfigurations That Could Break Your Production
What happens when your CI/CD pipeline skips one too many security checks? In our latest assessment, we chained multiple vulnerabilities—from GitHub misconfigurations to OpenShift exposure—and landed a webshell in production.
29 January 2024
CVE Hat-trick: 3 Major Vulnerabilities Found by Our Hacker
At Citadelo, discovering CVEs isn’t just a badge of honor — it’s how we keep systems safe. Here’s the story behind a triple find: one hacker, three vulnerabilities, and critical insights for anyone serious about cybersecurity.
16 October 2023
The Beginnings of Citadelo: The First Bank and a Hacked Dam
Before we were a trusted cybersecurity partner with clients across Europe, we were just a couple of hackers in a borrowed meeting room with no coffee machine and a Windows phone. This is the story of how Citadelo got started—from our first hacked bank to a hacked dam and beyond.
5 September 2023
NIS2 Explained: The New Cybersecurity Rules in the EU
NIS2 isn’t just an update—it’s a major step forward in EU-wide cybersecurity regulation. Whether you’re an essential entity or flying just under the radar, this directive likely affects you. Here’s what to expect—and how to prepare.
1 August 2023
Azure Functions Privilege Escalation
Azure Functions Privilege Escalation Vulnerability - A Wake-Up Call for Security Professionals