May 2022

The role of attack surface management to bolster data breach protection

May 31, 2022 By Detectify In Detectify

The attack surface is an organization’s digital exposure that an attacker could exploit to get unauthorized access to a system and extract data or other sensitive information. It could also be used as a point within a chain of attacks. As Organizations increasingly rely on SaaS services and products, the digital attack surface is more than the firewall and network.

Read Post

Detectify

Read more about The role of attack surface management to bolster data breach protection

"White Hat" Hackers Will No Longer Face Prosecution, DoJ Says

May 26, 2022 By Application Security Weekly In ImmuniWeb

Read also: GM hit by a cyberattack, the Conti ransomware gang shuts down operation, and more cybersecurity news of the week.

Read Post

ImmuniWeb

Read more about "White Hat" Hackers Will No Longer Face Prosecution, DoJ Says

Webinar: "I get paid to hack your company and these are the controls I hate most!"

May 25, 2022 By The Redscan Team In Redscan

Drawing on over three decades’ experience in penetration testing for global organisations of all sizes, this webinar outlines some of the most common attack methods in use today and shares effective approaches for tackling them. The session on will detail the most effective security controls to prevent and mitigate common types of cyber-attacks.

Read Post

Redscan

Read more about Webinar: "I get paid to hack your company and these are the controls I hate most!"

A Problem Like API Security: How Attackers Hack Authentication

May 25, 2022 By Tripwire Guest Authors In Tripwire

There is a sight gag that has been used in a number of movies and TV comedies that involves an apartment building lobby. It shows how people who don’t live there, but who want to get in anyway, such as Girl Guides looking to sell cookies to the tenants – simply run their fingers down every call button on the tenant directory, like a pianist performing a glissando, knowing that at least one of the dozens of apartments being buzzed will let them in simply out of reflex or laziness.

Read Post

Tripwire

Read more about A Problem Like API Security: How Attackers Hack Authentication

Hack a vulnerable OWASP Node.js app

May 25, 2022 By Snyk In Snyk

Node.js is popular and makes a great platform for developing web applications. The OWASP NodeGoat project provides an environment to experiment and learn how some of the OWASP Top 10 security risks apply to web applications developed using Node.js, and also how to fix the mitigate these concerns.

View Video

Snyk

Read more about Hack a vulnerable OWASP Node.js app

Understanding pentesting vs an automated hacker-powered tool

May 18, 2022 By Detectify In Detectify

Penetration testing is a vulnerability detection mechanism that uses multistep and multivector attack scenarios to find vulnerabilities and attempts to exploit them. While some companies might be continuously pentesting, others don’t at all, this is often due to lacking security culture, budget limitations, or both.

View Video

Detectify

Read more about Understanding pentesting vs an automated hacker-powered tool

Is the perimeter dead?

May 18, 2022 By Detectify In Detectify

This question still triggers some interesting discussions among security professionals. Does the perimeter still exist, or has it become impossible to outline due to the immense asset list and expansion of an organization’s attack surface? Included by Gartner in 2021 as a major cybersecurity category and an emerging product, the External Attack Surface Management (EASM) term might be new. Still, the idea behind it is nothing new: identifying risks coming from internet-facing assets that an organization may be unaware of.

View Video

Detectify

Read more about Is the perimeter dead?

What are organizations doing wrong when it comes to security?

May 18, 2022 By Detectify In Detectify

What are organizations doing wrong when it comes to security? While today’s code-quality security is good, the sharing between each domain or principle is lacking, such as using infrastructure as code. Some people have become lazy, using other people’s templates and sometimes without knowing the security details. There is no technical depth (the rule now is; if it works, it works). Security metrics are valued by the exploitation that happens. We learn by being hacked, and that is not how it should work.

View Video

Detectify

Read more about What are organizations doing wrong when it comes to security?

Your social media account hasn't been hacked, it's been cloned!

May 17, 2022 By Tyler Reguly In Tripwire

A recent Facebook post from a family member made me realize that I needed to write about an overused term. A term, that when used, causes chaos and concern. I don’t blame the family member for using it, I’ve seen it used hundreds of times over the past few years and I’ve seen IT and cybersecurity professionals respond without correcting, even, on occasion, offering bad advice.

Read Post

Tripwire

Read more about Your social media account hasn't been hacked, it's been cloned!

Can SIM Cards Get Hacked?

May 10, 2022 By Kyle Chin In UpGuard

‍Yes, even basic technology like SIM cards poses the risk of getting hacked. Today, cell phones have almost become tiny supercomputers, so users must learn how to secure their mobile phones. From social engineering scams to SIM hijacking, sensitive data can easily become compromised without adequate cybersecurity awareness. Learn more about why SIM card hacking is on the rise and how you can prevent it from happening.

Read Post

UpGuard

Read more about Can SIM Cards Get Hacked?

Measures that actually Do reduce your hacking risks

May 10, 2022 By AlgoSec In AlgoSec

Robert Bigman, former CISO of the CIA offers tried and proven hacking risk measures that are "must haves" in any organization's cybersecurity toolkit.

View Video

AlgoSec

Read more about Measures that actually Do reduce your hacking risks

25+ Vulnerable websites to practice your ethical hacking skills

May 5, 2022 By Editor In Cyphere

In recent times as the field of information is on the rise a new term ‘Ethical Hacking’ has emerged and opened many different avenues for IT and cyber security professionals. Now more and more people are getting familiar with the field of information security and are getting interested in learning about hacking skills.

Read Post

Cyphere

Read more about 25+ Vulnerable websites to practice your ethical hacking skills

Blue Dawn Webinar

May 3, 2022 By Cyberint In Cyberint

The Russia-Ukraine conflict has introduced us to a new era in which anyone can pick up a keyboard and join a cause they see fit. Groups like BlueHornet emerged as a result and caused havoc to anyone they saw as responsible. This reality raises many questions - will wars rise and fall in the decision of hacktivists instead of governments? Are we as a society legitimized this phenomenon, and where do we draw the line?

View Video

Cyberint

Read more about Blue Dawn Webinar

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

May 2022

The role of attack surface management to bolster data breach protection

"White Hat" Hackers Will No Longer Face Prosecution, DoJ Says

Webinar: "I get paid to hack your company and these are the controls I hate most!"

A Problem Like API Security: How Attackers Hack Authentication

Hack a vulnerable OWASP Node.js app

Understanding pentesting vs an automated hacker-powered tool

Is the perimeter dead?

What are organizations doing wrong when it comes to security?

Your social media account hasn't been hacked, it's been cloned!

Can SIM Cards Get Hacked?

Measures that actually Do reduce your hacking risks

25+ Vulnerable websites to practice your ethical hacking skills

Blue Dawn Webinar

Monthly Archive

Follow Us