latestnews

New DHS railroad and aviation security directive aims to strengthen cybersecurity fabric

The Transportation Security Administration (TSA) division within the U.S. Department of Homeland Security (DHS) is set to impose a new ‘security directive’ for railroad and aviation industries in an effort to strengthen cybersecurity strategies. Homeland Security Secretary Alejandro Mayorkas confirmed in a speech earlier this month that the cybersecurity regulations slated to be released by …

New DHS railroad and aviation security directive aims to strengthen cybersecurity fabric Read More »

Week in review: Strengthening firmware security, Help Net Security: XDR Report released

Here’s an overview of some of last week’s most interesting news, articles and interviews: Help Net Security: XDR Report has been released The topic of this inaugural report is extended detection and response (XDR), an emerging technology that has been receiving a lot of buzz in the last few years. Apache OpenOffice users should upgrade …

Week in review: Strengthening firmware security, Help Net Security: XDR Report released Read More »

Los Angeles Police Declare Ghost Guns an 'Epidemic,' Citing 400% Increase in Seizures

The Los Angeles Times reports that homemade (usually 3D-printed) “ghost guns” have contributed to more than 100 violent crimes this year, according to a report released Friday by the Los Angeles Police Department (LAPD).” Detectives have linked the untraceable weapons to 24 killings, eight attempted homicides and dozens of assaults and armed robberies since January, …

Los Angeles Police Declare Ghost Guns an 'Epidemic,' Citing 400% Increase in Seizures Read More »

Sophos present at GITEX with its latest cybersecurity innovations

Sophos today announced its participation at GITEX starting today, where it will be showcasing its newest cybersecurity innovations, including Sophos XDR, the industry’s only extended detection and response (XDR) solution that synchronizes native endpoint, server, firewall, and email security, along with Sophos Firewall, and the Sophos Adaptive Cybersecurity Ecosystem (ACE). “We are happy to be …

Sophos present at GITEX with its latest cybersecurity innovations Read More »

Accenture confirms Data breach after LockBit Ransomware attack

The LockBit ransomware gang claimed to have stolen 6TB of data and demanded a $50 million ransom.The company has not yet publicly acknowledged the data breach outside SEC filings. Accenture confirmed a data breach after the LockBit ransomware attack that hit the company in August 2021. The news about the attack was included in the …

Accenture confirms Data breach after LockBit Ransomware attack Read More »

Security Threat Analyst Accuses Microsoft of Hosting Malware on Office365's OneDrive

Slashdot reader juul_advocate quotes ITWire: A British tech researcher, who quit working as a security threat analyst with Microsoft a few months back, has called on his former employer to act speedily to remove links to ransomware on its Office365 platform. In a tweet sent on Friday, Beaumont said: “Microsoft cannot advertise themselves as the …

Security Threat Analyst Accuses Microsoft of Hosting Malware on Office365's OneDrive Read More »

AmiViz to present BlackBerry Cyber Suite solutions at GITEX

At this year, BlackBerry has partnered with AmiViz, the Middle East region’s first enterprise B2B marketplace for the weeklong show, GITEX to present BlackBerry Cyber Suite solutions powered by advanced AI, ML, and automation technologies that can enable regional organisations to adopt a prevention-first security posture. The suite includes BlackBerry Protect, an EPP that prevents …

AmiViz to present BlackBerry Cyber Suite solutions at GITEX Read More »

CSRF for Begginers

CSRF(Cross-site request forgery) is a web application technique where an attacker induces the user to click on a malicious link that performs adverse actions such as password change , email change, transfer of money, or even account takeover without the victims intent Types of CSRF:- CSRF with GET Request:- During GET request, we have to send a request …

CSRF for Begginers Read More »

TD SYNNEX expands cloud and cybersecurity offerings with Elisity’s zero trust platform

Elisity and TD SYNNEX announced that TD SYNNEX will add Elisity’s Zero Trust Access platform to its cybersecurity portfolio. The TD SYNNEX Next Up Program will enable Elisity to leverage the company’s proven, scalable resources to extend its existing partner base. The agreement enhances TD SYNNEX’s expansive cloud and cybersecurity offerings to deliver the best …

TD SYNNEX expands cloud and cybersecurity offerings with Elisity’s zero trust platform Read More »

Elastic acquires Optimyze to deliver visibility into cloud native environments

Elastic announced it has entered into a definitive agreement to acquire Optimyze to accelerate the company’s vision for unified, actionable observability and enhance the ability for customers to detect and find root cause faster in complex distributed environments. With deep expertise in large-scale distributed systems, Optimyze provides a simpler way to get insights into the …

Elastic acquires Optimyze to deliver visibility into cloud native environments Read More »

Trickbot spreads malware through new distribution channels

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The operators behind the infamous TrickBot (ITG23 and Wizard Spider) malware have resurfaced with new distribution channels to deliver malicious payloads, such as Conti ransomware. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and …

Trickbot spreads malware through new distribution channels Read More »

Ransomware Summit Eyes Tighter Global Scrutiny for Crypto

Officials from 32 countries “recognize that ransomware is an escalating global security threat with serious economic and security consequences,” according to a statement issued Thursday: From malign operations against local health providers that endanger patient care, to those directed at businesses that limit their ability to provide fuel, groceries, or other goods to the public, …

Ransomware Summit Eyes Tighter Global Scrutiny for Crypto Read More »

All-Remote GitLab Valued at $15B in NASDAQ's First-Ever Livestreamed IPO Day

“Long before the pandemic, software business GitLab operated fully remotely, building its developer tools without any physical office…” remembers Forbes. “The company went public on Thursday on Nasdaq under the ticker ‘GTLB.’ Priced at $77, shares of GitLab closed their first day of trading at $103.89, up 35%, giving GitLab a market cap of nearly …

All-Remote GitLab Valued at $15B in NASDAQ's First-Ever Livestreamed IPO Day Read More »

OpenBSD 7.0 Released

Long-time Slashdot reader ArchieBunker writes: Everyone’s favorite security focused operating system OpenBSD released version 7.0 Thursday. In addition to the usual bug fixes and performance enhancements, support for RISC-V processors has been added. It’s 26 years old, and still chugging along. One interesting feature highlighted by Phoronix: Improving the ARM64 platform support with improved drivers …

OpenBSD 7.0 Released Read More »

Domain-Protect – Protect Against Subdomain Takeover

Protect Against Subdomain Takeover scans Amazon Route53 across an AWS Organization for domain records vulnerable to takeovervulnerable domains in Google Cloud DNS can be detected by Domain Protect for GCPdeploy to security audit account scan your entire AWS Organization receive alerts by Slack or email or manually scan from your laptop subdomain detection functionality Scans …

Domain-Protect – Protect Against Subdomain Takeover Read More »

American Bumblebees Have Disappeared From 8 States and Could Face Extinction

Long-time Slashdot reader phalse phace quotes USA Today: The dwindling populations of the American bumblebee and their complete disappearance from eight states has led to a call for the bee to be placed under the Endangered Species Act before they face extinction. Maine, Rhode Island, New Hampshire, Vermont, Idaho, North Dakota, Wyoming, and Oregon each …

American Bumblebees Have Disappeared From 8 States and Could Face Extinction Read More »

Former 'Donkey Kong' Record Holder Billy Mitchell May Now Sue Twin Galaxies

“Billy Mitchell always has a plan,” said Billy Mitchell in the 2007 documentary about Donkey Kong high scores, The King of Kong. And he tweeted the phrase again Wednesday. GameSpot explains why. “Billy Mitchell, the professional gamer and hot sauce purveyor who rose to fame for setting several retro video game high scores, is preparing …

Former 'Donkey Kong' Record Holder Billy Mitchell May Now Sue Twin Galaxies Read More »

TomGhost

Hello there!!This is not gonna be a regular write-up of the machine , instead I would like to do this as a Penetration-Test report with template as that provided for OSCP. I got this notion from multiple sources where they stressed the point of effective reporting which is very essential for a pentester. So lets jump right …

TomGhost Read More »

HackTheBox Writeup: Cap

This was an easy-difficulty Linux box that was very straightforward and an excellent entry level challenge for those new to HackTheBox. To solve the machine, the attacker needed to perform basic scanning and enumeration to gain a foothold on the machine and get the user flag. The privilege escalation to root was also a relatively …

HackTheBox Writeup: Cap Read More »