Security

Apache Struts Vulnerabilities vs Spring Vulnerabilities

Developers the world over depend on the Apache Struts open source framework to build valuable and powerful applications. This open source component and the Apache Software Foundation that stands behind it have provided organizations with a cost-effective force multiplier that allows their teams to develop faster and more efficiently. GitHub shows Apache Struts, a very active project, as having 5,441 commits and 112 releases.

Auditing Amazon Machine Images with Tripwire for DevOps

Tripwire for DevOps continues to add new features and capabilities. The newest of these is the ability to perform vulnerability scans against Amazon Machine Images (AMIs) in the same Tripwire for DevOps workflow used for your Docker containers. This blog will discuss the creation of AMIs and how to audit them for vulnerabilities within Tripwire for DevOps.

UK Government Unveils "World First" IoT Code of Practice

Today the UK government released a new Code of Practice (CoP) intended to drive security-by-design in the manufacture of IoT products. The new CoP is designed to improve baseline security in the sector and ensure small devices that process personal data are aligned with the GDPR. Regulations for improving the security of consumer-grade IoT products are also in the works.

What does a compliance consultant do?

Let’s get one thing out there from the get-go. Being a Bulletproof consultant is awesome. I haven’t been coerced to say that. I mean, let’s start with that brand name. How cool is it to say I work for Bulletproof? I have several T-shirts with the logo emblazoned across the chest. Sometimes, I even wear them on a non-work day.

Clarifying the Misconceptions: Monitoring and Auditing for Container Security

An effective container security strategy consists of many parts. Organizations should first secure the build environment using secure code control along with build tools and controllers. Next, they should secure the contents of their containers using container validation, code analysis and security unit tests. Finally, they should develop a plan to protect their containers in production systems by focusing on runtime security, platform security and orchestration manager security.

Number of Stolen Credentials Skyrockets 141% in North America

The latest research from Blueliv has found that the number of compromised credentials detected in North American botnets grew 141% from the last quarter. The spike between the March to May and June to August quarters came alongside declines in other regions analyzed. Russia and Europe saw a 22% decrease and Asia saw a 36% decrease.