
How to automate a custom password dictionary for your pen test
When doing penetration testing, security professionals regularly have to deal with words that are specific to the task at hand, and many are not found in common wordlists. …

Why a layered defense is your best protection against malware
As long as there is software there will be vulnerabilities and those vulnerabilities will be exploited. It’s a bold statement, and oddly enough technically incorrect. In …

Solutions for the hijacked websites problem
According to a group of researchers from Google and University of California Berkeley, roughly 16,500 new sites get hijacked each week and start serving drive-by-malware or …

Spring network cleaning: Quick tips to reduce risk
Spring is here, which means many people will be cleaning their workspace and getting rid of the clutter on their desks. If you’re in charge of your organization’s security, we …

3 steps to embracing NIST 800 security controls
One proven path to improving any organization’s security posture is to embrace the National Institute of Standards and Technology’s risk management framework set forth in its …

Software tools and services used to achieve ISO 27001
With high profile breaches becoming almost a daily occurrence in the media, many organizations are now turning to the ISO 27001 information security standard to help them stay …

Why ICS network attacks pose unique security challenges
Attacks on industrial control systems (ICSs) are increasing in frequency – and have become a reality we can no longer ignore. Securing these networks poses unique …

GoPhish: Free phishing toolkit for training your employees
Too many system and network breaches today start with a well-designed, persuasive phishing email, and organizations and businesses would do well to continually train their …

Identify the ransomware you’ve been hit with
Michael Gillespie, a coder that has created a password generator for unlocking the files stashed in a password-protected archive by the CryptoHost ransomware, has also created …

How to prepare for your first infosec job hunt
You’re new to the information security industry and you’re wondering what to expect during an interview. A quick online search will bring up horror stories …

Petya ransomware encryption has been cracked
Petya ransomware hit companies hard, but the good news is that there are now tools available to get the encrypted files and locked computers back. The ransomware not only …

Developing the perfect exfiltration technique
At SafeBreach, one of our major research areas is exfiltration (sending sensitive data out of the corporate network). In one of our research projects in late 2015, we set out …
Featured news
Resources
Don't miss
- Hottest cybersecurity open-source tools of the month: August 2025
- What CISOs can learn from Doppel’s new AI-driven social engineering simulation
- Social media apps that aggressively harvest user data
- NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)
- Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)