SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repo …
Read More »124 legal hacking websites to practice and learn
Joe Shenouda is well known in The Netherlands as “The Netdetective” who has extensive experience in IT, ICS & Information Security as an international hands-on technical engineer, trainer, consultant & research fellow with a successful record in developing & leading technical corporate Cybersecurity programs for military & global organizations. He …
Read More »Emotet Malware – one of the most destructive malware right now
Emotet continues to be among the most costly and destructive malware affecting SLTT governments. Its worm-like features result in rapidly spreading network-wide infection, which are difficult to combat. Emotet infections have cost SLTT governments up to $1 million per incident to remediate. Emotet continues to be among the most costly …
Read More »Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
Recommended best practices for mitigating this threat include rigorous credential and privileged-access management, as well as remote-access control, and audits of legitimate remote-access logs. While these measures aim to prevent the initial attack vectors and the spread of malicious activity, there is no single proven threat response. Using a defense-in-depth …
Read More »Check Point SandBlast protected users from a Zero-Day Microsoft Office Vulnerability
Neil Armstrong, the great space explorer, once said “research is all about creating new knowledge.” And of course, with knowledge we are in a better position to predict, and thus prepare, for what is yet to come. For this reason, the work Check Point Research does is invaluable when it …
Read More »