Black Hat
ProxyShell vulnerabilities actively exploited to deliver web shells and ransomware
Three so-called “ProxyShell” vulnerabilities are being actively exploited by various attackers to compromise Microsoft Exchange servers around the world, the …
Kubestriker: A security auditing tool for Kubernetes clusters
Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters. It performs a variety of checks on a range of services …
SniperPhish: An all-in-one open-source phishing toolkit
SniperPhish is an all-in-one open-source phishing toolkit that pentesters and other security professionals can use for setting up and executing email and web-based spear …
Cloud Sniper: Manage and automate cloud security operations
Cloud Sniper is an open-source platform for managing cloud security operations that aims to make it easy for cloud teams to deal with security incidents. “One of our …
Microsoft sets up isolated environment for bug hunters to test attacks against Azure
Microsoft has some very good news for bug hunters: not only has the company doubled the top bounty reward for vulnerabilities discovered in its Azure cloud computing service, …
Should government officials complete basic cyber security training?
Venafi announced the results of a survey of 515 IT security professionals’ views on the cyber security literacy of government officials. The survey was conducted August 4-9, …
What’s keeping Europe’s top infosec pros awake at night?
As the world adapts to GDPR and puts more attention on personal privacy and security, Europe’s top information security professionals still have doubts about the industry’s …
Are privacy and personal identity impossible to protect?
While consumers and businesses expand their use of social media and electronic services to record levels, many of America’s most knowledgeable security professionals don’t …
Love letters from a Black Hat to all the fools on the Internet
As an underground, “black hat” hacker, I don’t have time for significant others. I’m too busy earning stacks of cash to improve my Bitcoin mining rigs …
EFF offers legal advice to researchers at Black Hat, B-Sides and DEF CON
Not all security researchers have someone to talk to and ask specific advice about the legal challenges that they could be faced while doing their work. If you are one of …
Which countermeasures improve security and which are a waste of money?
If you want to know about which cyber defenses are most effective and which are a waste of money and resources, ask a hacker. And that’s just what Nuix researchers did. …
Kali Linux certification, first official Kali book on the horizon
The Kali Linux distribution celebrates its 10th anniversary this year. The hugely popular open source project, maintained by Offensive Security, announced today that its new …