Wiz recently published a detailed analysis of a critical vulnerability in the NGINX Ingress admission controller—what they’ve dubbed IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24514). The vulnerability stems from insufficient input validation during configuration file processing, allowing an attacker to inject arbitrary code into the NGINX process. Wiz’s writeup is excellent and covers the technical nuances thoroughly, […] The post An Improved Detection Signature for the Kubernetes IngressNightmare Vulnerability appeared first on Praetorian.  ( 17 min )

Cyberattackers are evolving their tactics and developing more sophisticated ransomware. Advanced AI-driven security solutions are needed to provide the defense mechanisms to detect and remediate ransomware threats. Ransomware Protection Plus is a new solution from ManageEngine that provides a multi-layered defense against ransomware. Source

A blog about SANS Insititute's self-paced cyber range; Skills Quest by NetWars  ( 13 min )

Bishop Fox's, Alethe Denis, recaps and provides key insights from her talk, Epic Fails and Heist Tales: Red Teaming Toward Truly Tested Security, at Wild West Hackin' Fest.  ( 10 min )

Dakota Cary and Eugenio Benincasa explore China's CTF ecosystem, highlighting competitions held by the Ministry of State Security and the PLA.  ( 22 min )

Explore key background knowledge on authorization issues and common bad practices developers may unintentionally introduce in Salesforce Orgs. The post A Not So Comprehensive Guide to Securing Your Salesforce Organization appeared first on NetSPI.  ( 17 min )

At PortSwigger, we believe AI has the power to transform penetration testing - not by replacing human testers, but by augmenting them. With the release of Burp Suite Professional 2025.2, we’re introdu  ( 6 min )

With Microsoft’s decision to deprecate NTLM (NT LAN Manager), it’s time to disable NTLM authentication on Windows Server 2025 and move toward more secure alternatives. NTLMv1 has already been removed in Windows Server 2025 and Windows 11, version 24H2, signaling the beginning of NTLM’s end. Given the protocol’s vulnerabilities—like pass-the-hash attacks—organizations should begin transitioning to stronger authentication methods such as Kerberos, the preferred protocol in Active Directory environments. Source

TL;DR IPMI, released by Intel in 1998, is a hardware management interface operating independently of the OS, often using 623/udp. It monitors hardware data (e.g., temperature, power) and supports remote […] Backdoor in the Backplane. Doing IPMI security better first appeared on Pen Test Partners.  ( 8 min )

TL;DR UK & EU IoT manufacturers have more security regulation coming Applies to all wireless devices  Comes into force 1st August 2025  It may be absorbed into the EU Cyber […] Preparing for the EU Radio Equipment Directive security requirements first appeared on Pen Test Partners.  ( 6 min )

SANS Cybersecurity Blog pertaining to a summary of the SANS AI Cybersecurity Summit 2025  ( 10 min )

A blog summarizing the SANS Institute’s new report on its risk-based approach to AI controls and governance.  ( 14 min )

A blog explaining Linux User Permissions  ( 22 min )

A blog about updates to the SANS SEC540 course.  ( 13 min )

Every once in a while we put our hands on a source code corpora of some malware (thx vx-underground!). Whether it is a quality release or not, we don’t care, because we know we usually get a kinda mixed bag … Continue reading →  ( 6 min )

I got an interesting question on my blog post “Quickpost: Electrical Power & Mining“: Does the temperature in your room increase due to the miner running full blast? Would you turn down the heater to compensate (which may change the calculation slightly). That was indeed the case: I did turn down the heating in the […]  ( 12 min )

AI enables administrators to adapt complex open-source projects easily to their environment. If the project is not hosted on GitHub or other version control platforms, it becomes tedious to merge your changes into the open-source software whenever the maintainer updates their project. The Bash script I discuss in this post uses Git to automate merging your code changes into a new version provided by the maintainer of an open-source project lacking version control. Source

Use-after-free is a memory corruption condition where a program references memory after it has been released back to the allocator. Statically detecting these bugs can be challenging. In the past, several approaches have addressed this problem, such as GUEB by Josselin Feist and Sean Heelan's work on Finding use-after-free bugs with static analysis. This blog post explores the usage of Binary Ninja’s Medium Level Intermediate Language (MLIL) to establish a data flow graph by tracing interactions between a specific memory allocation and other memory regions. Building on the data flow graph, it is further utilized in context-insensitive reachability analysis across functions to identify potential Use-After-Free (UAF) vulnerabilities in binaries. Like any other static code analysis approach,…

Terminal Chat enables the integration of GitHub Copilot, Azure OpenAI, and OpenAI's AI services into Windows Terminal Canary. Through this experimental feature, you can request assistance from an AI for your PowerShell commands and directly execute the AI's recommendations in the terminal. Source

As a follow up to Maxence Schmitt’s research on Client-Side Path Traversal (CSPT), we wanted to encourage researchers, bug hunters, and security professionals to explore CSPT further, as it remains an underrated yet impactful attack vector. To support the community, we have compiled a list of blog posts, vulnerabilities, tools, CTF challenges, and videos related to CSPT. If anything is missing, let us know and we will update the post. Please note that the list is not ranked and does not reflect the quality or importance of the resources. Publications (blog posts, advisories, …) Maxence Schmitt: Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery - Introducing CSPT2CSRF Maxence Schmitt: CSPT & File Upload Bypasses Dafydd Stuttard: PortSwigger - On-Site Request Forger…  ( 3 min )

@import url(https://themes.googleusercontent.com/fonts/css?kit=XGMkxXUZTA64h2imyzu79g);.lst-kix_t2u4j4vhkrnm-3>li:before{content:"\0025cf "}.lst-kix_t2u4j4vhkrnm-0>li:before{content:"\0025cf "}.lst-kix_t2u4j4vhkrnm-4>li:before{content:"\0025cb "}.lst-kix_t2u4j4vhkrnm-7>li:before{content:"\0025cb "}ul.lst-kix_t2u4j4vhkrnm-8{list-style-type:none}ul.lst-kix_t2u4j4vhkrnm-6{list-style-type:none}ul.lst-kix_t2u4j4vhkrnm-7{list-style-type:none}ul.lst-kix_t2u4j4vhkrnm-4{list-style-type:none}.lst-kix_t2u4j4vhkrnm-5>li:before{content:"\0025a0 "}ul.lst-kix_t2u4j4vhkrnm-5{list-style-type:none}li.li-bullet-0:before{margin-left:-18pt;white-space:nowrap;display:inline-block;min-width:18pt}ul.lst-kix_t2u4j4vhkrnm-2{list-style-type:none}.lst-kix_t2u4j4vhkrnm-6>li:before{content:"\0025cf "}ul.lst…  ( 42 min )

Cyber Security research, thoughts, and tutorials  ( 2 min )

No content preview

Jim Walter reveals how a recent leak provided insight into how Kryptina RaaS has been adapted for use in enterprise attacks.  ( 22 min )

A potential supply chain attack on GitHub CodeQL started simply: a publicly exposed secret, valid for 1.022 seconds at a time. In that second, an attacker could take a series of steps that would allow them to execute code within a GitHub Actions workflow in most repositories using CodeQL, GitHub’s code analysis engine trusted by […] The post CodeQLEAKED – Public Secrets Exposure Leads to Supply Chain Attack on GitHub CodeQL appeared first on Praetorian.  ( 26 min )

In my previous post, I explained how to use the OpenAI library to augment your AI-powered terminal. Today, we will build on this enhancement and encourage two AIs to collaborate on IT tasks in the Warp terminal. Warp includes strong AI capabilities, though it currently only supports models lacking search features. As a result, you're using models with outdated IT knowledge. With a few tweaks, you can make Warp AI prompt GPT-4 Search to bypass the cutoff date of the Warp models. Source

A blog about Linux fundamentals.  ( 21 min )

Domain controllers rely on DFS Replication (DFS-R) to synchronize the contents of SYSVOL and Netlogon across the network. This process ensures that group policy objects (GPOs) and logon scripts remain consistent across all DCs. While troubleshooting DFS-R issues can be complex, several built-in tools can help diagnose and resolve problems efficiently. Source

No content preview

The post CVE-2024-55963: Unauthenticated RCE in Default-Install of Appsmith appeared first on Rhino Security Labs.  ( 9 min )

In this blog, Bishop Fox's Nick Cerne, will compare developing malware in Rust compared to its C counterparts and develop a simple malware dropper for demonstration.  ( 15 min )

The GPT-4o Search model offers search engine functionality similar to ChatGPT Search or Perplexity when accessed via the OpenAI API. With the free OpenAI Python Library, you can enhance your terminal AI by adding online search features, overcoming the limitations of LLM cutoff dates, and eliminating the frustration of outdated instructions. This post will guide you on installing the OpenAI Python library and using it conveniently in Windows PowerShell, Warp, or any other terminal. Source

TL;DR The first 24 hours after a cyber incident are critical for containment and recovery.  Small and medium-sized businesses (SMBs) often lack resources, but swift action is still possible.  This […] The first 24 hours of a cyber incident. A practical playbook  first appeared on Pen Test Partners.  ( 8 min )

PHP is still available on Windows despite Microsoft no longer providing support for version 8.x. It can be integrated as a script engine into Internet Information Services (IIS), either through the graphical IIS Manager or via PowerShell, which is especially useful for Server Core installations. Source

Introduction Over the course of numerous Red Team engagements MDSec has often gained privileged access to a target’s ServiceNow instance. This has, in turn, facilitated a variety of compromise actions... The post Red Teaming with ServiceNow appeared first on MDSec.  ( 26 min )

Business email compromise (BEC) remains a commonly utilized tactic that serves as leverage for adversaries to gain access to user resources or company information. Depending on the end goals of the adversaries, and on the compromised user’s business role – the potential impact can vary from simply accessing sensitive information (e.g., from emails, files uploaded … Continue reading How to hunt & defend against Business Email Compromise (BEC) →  ( 12 min )

A blog about SANS Insitute's hjands-on cybersecurity training and skill validation  ( 18 min )

A blog about SANS Institute's Cyber42 simulation game  ( 12 min )

There is no excerpt because this is a protected post. The post Protected: A Possible Solution to the Zodiac Killer Z32 Cipher appeared first on Praetorian.  ( 14 min )

The Australian Treasury conducted an employee survey as part of a large-scale Microsoft 365 Copilot pilot program. The initially high expectations were significantly disappointed. Only a few users noticed AI providing any support in their daily work. Source

A blog about securing pharma ICS/OT and healthcare IoT against cyber threats.  ( 15 min )

Researching and reverse engineering Level 2 Electric Vehicle Supply Equipment (EVSE or loosely “charger”) efforts might require the equipment to be placed beyond the idle state. The idle state is straightforward and usually involves nothing more than powering up the charger. Indeed, this is a very useful state for research where the user interface is in operation, communications both wired and wireless are working and the mobile device app can interact. However, there are times when there is a need to force the charger into other states so that it behaves as though the electric vehicle is attached, the EV is asking for charge, or the EV is charging and the EVSE is providing charging current.   At the Pwn2Own Automotive 2025 event, an add-on category was introduced that required a demonstra…

Learn about a reference design for a new Beacon Object Files portable executable concept and helpful features. The post The Things We Think and Do Not Say: The Future of Our Beacon Object Files (BOFs) appeared first on NetSPI.  ( 13 min )

Learn about a reference design for a new Beacon Object Files portable executable concept and helpful features. The post The Things We Think and Do Not Say: The Future of Our Beacon Object Files (BOFs) appeared first on NetSPI.  ( 13 min )

In environments with multiple VMs running the same Windows version, powering down the Hyper-V VMs during a maintenance window is usually the most efficient way to update them offline. This involves mounting the virtual disk and installing updates through PowerShell. This approach also benefits VMs that have been powered off for an extended period. Instead of starting them in an outdated and potentially vulnerable state, you can apply critical security updates in advance. Source

No content preview

TL;DR Cybersecurity communities and groups are an excellent opportunity to network and learn There are OWASP, DEF CON, 2600, university hacking societies, Meetup communities and more to choose from They […] Cybersecurity communities. Small hacker groups, big impact first appeared on Pen Test Partners.  ( 7 min )

Introduction In this post, we’ll show precisely how to chain round-trip attacks and namespace confusion to achieve unauthenticated admin access on GitLab Enterprise by exploiting the ruby-saml library  ( 7 min )

In this guide, I’ll walk through installing ShellGPT (shell_gpt) – a command-line AI assistant – on PowerShell using a local Ollama LLM. This approach lets you use AI in your terminal without relying on cloud APIs, which is great for privacy. This review highlights the use of ShellGPT on Windows through PowerShell. If you are using Mac or Linux, check out our earlier review of ShellGPT. Source

A blog about Linux fundamentals.  ( 24 min )

Register for the ICS Security Summit to be able to participate in The Quest to Summit and win big prizes.  ( 11 min )

ol { list-style-type: decimal } Introduction I know, we have written it multiple times now, but in case you are just tuning in, Doyensec had found themselves on a cruise ship touring the Mediterranean for our company retreat. To kill time between parties, we had some hacking sessions analyzing real-world vulnerabilities resulting in the !exploitable blogpost series. In Part 1 we covered our journey into IoT ARM exploitation, while Part 2 followed our attempts to exploit the bug used by Trinity in The Matrix Reloaded movie. For this episode, we will dive into the exploitation of CVE-2024-0402 in GitLab. Like an onion, there is always another layer beneath the surface of this bug, from YAML parser differentials to path traversal in decompression functions in order to achieve arbitrary file …  ( 10 min )

Manus AI, a Chinese general AI agent, has created significant buzz in the AI community. Some perceive it as the next DeepSeek moment, while others minimize its significance, viewing it merely as a wrapper for Anthropic's Sonnet 3.5. Exploring the open-source tool WebUI helps understand one of the underlying technologies of Manus AI, the open-source framework Browser Use, which is key to Manus AI's web capabilities. Source

A blog about the SANS | GIAC Workforce Leadership Summit at RSAC 2025 Conference  ( 11 min )

This is a bug fix version. zipdump_v0_0_31.zip (http)MD5: 8EA7D6DBC2877C0E8F3635F06F6E5639SHA256: C063421D1A87E1DB08205948D481CD733F1F170398D990711F92F4F5921134A4  ( 11 min )

On a Windows host, strictly isolated Docker containers can be operated thanks to Hyper-V, which is capable of running an operating system different from Windows Server. Microsoft offers Server Core and Nano Server as operating systems suitable for this purpose. Windows services inside the containers can be managed locally using the CLI or remotely using established GUI tools. Source

A blog about how the SANS Cyber42 Leadership Simulation helps cybersecurity leaders make the tough decisions.  ( 13 min )

Many laptops come with just one M.2 slot, making storage upgrades challenging. Rather than adding an SSD, you have to replace the current one. This operation involves connecting the new SSD externally and booting the system via USB to transfer data. The free open-source tool Clonezilla provides a dedicated feature to simplify this process. Source

Security is a team sport. Whether you're a pentester, bug bounty hunter, student, or just love breaking (and fixing) things, our field thrives on shared knowledge, collaboration, and support. We want  ( 4 min )

You are likely aware of ASCII Smuggling via Unicode Tags. It is unique and fascinating because many LLMs inherently interpret these as instructions when delivered as hidden prompt injection, and LLMs can also emit them. Then, a few weeks ago, a post on Hacker News demonstrated how Variant Selectors can be used to smuggle text. This inspired me to take this further and build Sneaky Bits, where we can encode any Unicode character, not limited to ASCII, with the usage of only two invisible characters.  ( 4 min )

SANS Cybersecurity Blog pertaining to a summary of the SANS New2Cyber Summit 2025  ( 9 min )

No content preview

Lindy.ai is a no-code platform that enables users to build custom AI assistants to automate various business workflows without requiring coding skills. Users can create AI agents to handle tasks such as email management, meeting scheduling, customer support, or sales outreach. The platform integrates with various business tools, such as Google Workspace, HubSpot, Slack, and Zendesk. Source

Why now? Artificial intelligence is rapidly transforming industries, and security testing is no exception. At PortSwigger, we’ve always been driven by innovation, but we don’t chase trends for the sak  ( 4 min )

Kim Zetter interviews David Weston on topics such as the fallout from the CrowdStrike outage, Windows Recall and improving Microsoft security.  ( 22 min )

TL;DR Caching speeds up website content delivery What caching directives are and how to use them The No-cache directive does not prevent caching The No-store directive prevents caching Introduction The […] Take control of Cache-Control and local caching first appeared on Pen Test Partners.  ( 7 min )

We’ve reached the third Patch Tuesday of 2025, and, as expected, Microsoft and Adobe have released their latest security offerings. Take a break from your scheduled activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here: Adobe Patches for March 2025 For March, Adobe released seven bulletins addressing 37 CVEs in Adobe Acrobat Reader, Substance 3D Sampler, Illustrator, Substance 3D Painter, InDesign, Substance 3D Modeler, and Substance 3D Designer. Six of these bugs were reported through the ZDI program. The patch for Reader contains fixes for multiple Critical-rated code execution bugs. This should be the top priority for deployment. The fix for Illustrator also corre…

In 2025, Microsoft will discontinue a long list of products and services. In recent days, the announcement of Skype’s shutdown has drawn significant attention. Additionally, other well-known apps like Outlook for Mac and Viva Goals will also be affected. Source

A blog about the importance of continuous penetration testing  ( 24 min )

Learn how an attacker with access to a backup file could potentially recover certain encrypted passwords. The post CVE-2024-28989: Weak Encryption Key Management in Solar Winds Web Help Desk appeared first on NetSPI.  ( 12 min )

Winhance is a PowerShell utility for optimizing and customizing Windows 11. It enables users to remove unwanted software, prevent reinstallation, and enhance system privacy and performance settings. Source

This is a bugfix version. xmldump_V0_0_10.zip (http)MD5: 8A42C57B10E9D41CCD4D48C2C618431BSHA256: F0E37F1B61D065A92E2F2C3A678CDE101413BE6099A89AA81FB7C80F18965966  ( 11 min )

This newly update vulnerability management maturity model self-assessment tool (VMMM0SAT 2.0) helps assess an organization's maturity level across all 12 areas  ( 11 min )

Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor can you trust dates of commits!  ( 7 min )

This is a bugfix version. pdf-parser_V0_7_11.zip (http)MD5: 54425CBB5E3E88D931AE7A627105947ESHA256: 4B550F11DBEA5EE3CF10C842AC1C290407E6BD2A60ECFA2EE192E2D3663227B9  ( 11 min )

In the first part of this series we explored some basic search terms that can be used to find ‘unwanted’ software being installed on company endpoints. Today, I’d like to take this research a step further and look at other … Continue reading →  ( 4 min )

This is a bugfix version. pdfid_v0_2_10.zip (http)MD5: E2F369B34D7148BE4D5C4C02430E7983SHA256: A677336B1CF51386E35DBDED8FDB79F27368FD5D5ECC3FC5C8DA020A029CB6B6  ( 11 min )

OpenAI has greatly enhanced the Work with Apps functionality in the ChatGPT app. Users can now incorporate the outputs from these apps as context for their prompts in ChatGPT and implement code changes in Cursor, VS Code, and various other IDEs. This feature positions the ChatGPT app as a competitor to Cursor and GitHub Copilot in VS Code. Furthermore, outputs from well-known terminal applications such as Warp and iTerm2 can be used as context within ChatGPT. Source

This is an update with new stats. 1768_v0_0_23.zip (http)MD5: 04641D1CCDABDD16FB303B89235AAC53SHA256: 708D849F11D6614B55AAF0154445CEEC12AC7ADBE02260D8FF567FC4A02C193E  ( 11 min )

A blog explaining how to get your employer to reimburse you SANS course tuition costs  ( 14 min )

TL;DR: SCCM forest discovery accounts can be decrypted including accounts used for managing untrusted forests. If the site server is a…  ( 15 min )

Zach Lloyd, a former Principal Engineer at Google, introduces new features at warp speed to the best terminal app in the galaxy, with the latest Warp release introducing cutting-edge AI technologies from The Next Generation. The standout addition is the Dispatch mode, which I prefer to call reasoning mode, enabling administrators to plan complex automation tasks with AI assistance. Prompt Suggestions might better be described as big brother or creepy mode since the AI continually observes your actions and intervenes when it believes you need assistance. Additionally, AI memory functions similarly to the personalization feature in ChatGPT, allowing you to save preferences as Knowledge across sessions. Source

TL;DR   What is Cyber Essentials and why does it matter?  The role of Cyber Essentials (CE) and Cyber Essentials Plus (CE+) assessors in protecting UK businesses  The difference between a […] How I became a Cyber Essentials Plus assessor first appeared on Pen Test Partners.  ( 10 min )

This is a bug fix version. oledump_V0_0_79.zip (http)MD5: 5463B7660B15EA1AE4C9F2792CECB512SHA256: EA56C4A4C261C499ECE5C19EB0E53607E497253110953F6050177516C0728E02  ( 11 min )

This post concludes a four-month performance study of OpenSearch and Elasticsearch search engines across realistic scenarios using OpenSearch Benchmark (OSB). Our full report includes the detailed findings and comparison results of several versions of these two applications.  ( 8 min )

When we founded SpecterOps, one of our core principles was to build a company which brought unique insight into high-capability adversary…  ( 7 min )

Kristin Del Rosso & Madeleine Devost explore the growing trend of foreign ownership of farmland and its implications for national security.  ( 22 min )

Standard users can install Microsoft PowerToys without requiring administrative privileges, which may be undesirable in managed environments. However, certain tools from the PowerToys suite might be beneficial for specific users. Group Policy allows administrators to control which utilities are available. Source

zoneidentifier.exe, my tool to manage MoTW (ADS Zone.Identifier) data received a small update. A new option, -show, can be used to display the Zone.Identifier data. zoneidentifier_V0_0_2.zip (http)MD5: AD0A127384EA8C0D85CC2701B6CA7739SHA256: C1CFD764F4345ACE924F0449F89337E57A648B2D75226E467E0366A6EF22C96E  ( 11 min )

In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Simon Humbert and Guy Lederfein of the Trend Micro Research Team detail a recently patched code execution vulnerability in the Microsoft Windows Key Distribution Center (KDC) Proxy. This bug was originally discovered by k0shl and Wei in Kunlun Lab with Cyber KunLun. Successful exploitation could result in arbitrary code execution in the security context of the target service. The following is a portion of their write-up covering CVE-2024-43639, with a few minimal modifications. An integer overflow has been reported for Microsoft Windows KDC Proxy. The vulnerability is due to a missing check for Kerberos response length. A remote, unauthenticated attacker could direct KDC proxy to forward a Kerberos reques…

In this second post of a five-part series, I provide advice on how to best utilize the PEN-200 course material for a successful career in…  ( 22 min )

We have reviewed Warp's Mac and Linux versions multiple times, as it stands out as the top terminal application. The newly released Windows edition introduces AI-driven automation for PowerShell administrators. Even if you have no use for natural language automation because PowerShell is your primary language anyway, you should give Warp a try, as no terminal app can compete with it on Windows. Source

TL;DR: DNSSEC secures DNS but may unintentionally expose domain structures via NSEC/NSEC3 records, enabling zone walking to enumerate subdomains. NSEC openly lists domain names, making enumeration easy. NSEC3 hashes names, […] DNSSEC NSEC. The accidental treasure map to your subdomains first appeared on Pen Test Partners.  ( 11 min )

A blog about this month’s SANS Threat Analysis Rundown livestream, covering ransomware, the continued exploitation of old vulnerabilities, and the evolving role of AI.  ( 14 min )

ol { list-style-type: decimal } Introduction In case you are just tuning in, Doyensec has found themselves on a cruse ship touring the Mediterranean. Unwinding, hanging out with colleagues and having some fun. Part 1 covered our journey into IoT ARM exploitation, while our next blog post, coming in the next couple weeks, will cover a web target. For this episode, we attempt to exploit one of the most famous vulnerabilities ever. SSHNuke from back in 2001. Better known as the exploit used by Trinity in the movie The Matrix Reloaded. Some Quick History Back in 1998 Ariel Futoransky and Emiliano Kargieman realized SSH’s protocol was fundamentally flawed, as it was possible to inject cipher text. So a crc32 checksum was added in order to detect this attack. On February 8, 2001 Michal Zalew…  ( 10 min )

Historically, Microsoft Intune has been the primary tool for managing Windows devices in enterprises. However, it is also capable of managing Linux devices. Source

No content preview  ( 7 min )

In this blog, we are excited to announce our white paper on Return on Mitigation (RoM), a framework we designed to quantify the financial impact of security programs in a way that speaks to business leaders.  ( 6 min )

At Snap, security is more than a priority—it’s a core mission. Over the past decade, Snap has partnered with HackerOne to build and sustain a robust bug bounty program. This collaboration has led to major milestones, including paying security researchers over $1M in bounties. To celebrate this achievement and their 10-year partnership, we spoke with Jim Higgins, Snap's Chief Information Security Officer, Vinay Prabhushankar, Snap’s Security Engineering Manager, and Ilana Arbisser, Snap’s Privacy Engineer.

No content preview  ( 4 min )

What if your security program could self-optimize: analyze trends, identify weak points, and proactively propose actionable steps to strengthen defenses? With HackerOne Recommendations, it can.  ( 5 min )

What are Hackbots and how are they impacting vulnerability discovery and the researcher community?  ( 6 min )

The new DORA regulation: everything your organization needs to know about its impact and how to comply.  ( 5 min )

We’re excited to announce that all of NCC Group’s latest research findings and articles are now hosted on our website at the following link: NCC Group Research Blog. (https://www.nccgroup.com/us/research-blog/) To stay up-to-date with our latest research, you can also subscribe to our RSS feed here: NCC Group Research Blog RSS Feed. (https://www.nccgroup.com/us/research-blog/feed/) Be sure to […]  ( 63 min )

The term “special relationship,” coined by Winston Churchill, describes the close, longstanding alliance between the United States and the United Kingdom. It has been applied to cooperation during war, to trade and commerce, and even to intelligence sharing. That special relationship has clearly influenced the two nations’ recent policy papers on national cybersecurity. The U.K. […] The post Protecting Critical Infrastructure: A Tale of Two National Cybersecurity Strategies appeared first on Synack.  ( 7 min )

Scoping Adventures is a series of blogs about some of the more interesting penetration tests that the Synack Customer Success teams have worked on over the last few months. Each blog outlines how we engage with the client to achieve the best results from a pentest. Pentesters love colors—red, blue, purple, black, white and grey […] The post Scoping Adventures: How to Get the Most Out of Your Synack Pentesting appeared first on Synack.  ( 11 min )

The Synack Platform & Five Pillars of Strategic Pentesting Why You Need to Think Strategically It’s no great revelation that tactics, techniques, and procedures utilized by nefarious hackers hacking activities are evolving on a daily basis. In 2022, 18,828 common vulnerabilities and exposures (CVEs) were published. At the same time, organization attack surfaces are expanding. […] The post Applying Strategic Thinking in Your Pentesting Program appeared first on Synack.  ( 7 min )

One week ago, the Biden administration unveiled its long-awaited U.S. National Cybersecurity Strategy, with an eye toward centralizing government cyber resources and holding IT vendors more accountable for their digital defenses. Now that the ink is dry on the 35-page document, top officials like Acting National Cyber Director Kemba Walden are busy putting it into […] The post The U.S. has a new cybersecurity strategy. What’s next for CISOs? appeared first on Synack.  ( 7 min )