penetration testing
Why you need a tailored application security program
For companies that provide applications to their customers, keeping those applications secure is a must. Setting up an application security program is the next logical step, …
SAMRi10: Windows 10 hardening tool for thwarting network recon
Microsoft researchers Itai Grady and Tal Be’ery have released another tool to help admins harden their environment against reconnaissance attacks: SAMRi10 (pronounced …
Hackers changing tactics, techniques and procedures
Organizations need to conduct better penetration testing to combat continual changes in hackers’ tactics, techniques and procedures (TTPs), according to NTT Security. “Our Q3 …
Net Cease: Microsoft researchers unveil anti-reconnaissance tool
Microsoft researchers Itai Grady and Tal Be’ery have released Net Cease, a PowerShell script that prevents attackers who have already compromised an endpoint from …
Components of an effective vulnerability management process
Vulnerabilities continue to grab headlines. Whether it is a zero-day that affects “tens of millions” servers around the globe or an old unpatched flaw that leads to a data …
Nmap 7.30: New NSE scripts, Npcap, fingerprints
Nmap 7.30 is the first stable release since 7.12 back in March. Apart from bug fixes, it comes with new features, including more NSE scripts, an improved version of Npcap …
Hack a Nexus from afar, get $200,000
Google has issued a challenge to bug hunters around the world: find a vulnerability or bug chain that achieves remote code execution on multiple Android devices knowing only …
It pays to be a penetration tester, the market is booming!
The penetration testing market is estimated to grow from $594.7 million in 2016 to $1,724.3 million by 2021, at a Compound Annual Growth Rate (CAGR) of 23.7%, according to …
Sn1per: Automated pentest recon scanner
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. “I originally created Sn1per because I didn’t want …
Dagah: Penetration testing for enterprise mobility programs
Shevirah Inc. will unveil at Black Hat USA 2016 the free version of dagah – a product that empowers security test teams to assess the security posture of their mobility …
Photo gallery: Black Hat USA 2016 Arsenal
Black Hat USA 2016 is underway at Las Vegas, and here are a few photos from the Arsenal, where the open source community demonstrates tools they develop and use in their daily …
Security awareness training or no, users will keep clicking on dodgy links
There is no way to make humans never click on potentially dangerous links they receive, as the right combination of curiosity, context, and emotions will always beat security …
Featured news
Resources
Don't miss
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
- June 2025 Patch Tuesday forecast: Second time is the charm?
- Why IAM should be the starting point for AI-driven cybersecurity
- Protecting patient data starts with knowing where it’s stored
- Ransomware and USB attacks are hammering OT systems