penetration testing
Training: The Art of Exploiting Injection Flaws
HITBSecConf 2013 Malaysia will host the widely acclaimed course The Art of exploiting Injection Flaws in Kuala Lumpur on 14 and 15 October 2013. This hands-on session will …
Most security managers don’t trust their apps
Application vulnerabilities are a major factor in the cybercrime game. More than 500 CISOs and Security managers have been interviewed by Quotium about the security state of …
The current state of application security
New research offers a better way to understand the maturity of an organization’s application security program in comparison to the core competencies of high-performing …
Working as an ethical hacker
The term “ethical hacker” as it is used today is, if you ask me, somewhat imprecise. After all, a hacker in it for the money could be said to follow his or her own …
Cybercriminals are doing a better job than the companies they target
What can you learn from reading the exploits of the most successful hacking ring ever brought to justice? Recently, the US Attorney’s Office in NJ unsealed their …
Rapid7 updates Metasploit, Mobilisafe and Nexpose
Rapid7 announced new innovations for its risk assessment and management portfolio. This simplifies remediation, testing and communication of security program performance to …
Widely used routers easy to hack even by remote attackers
Security researchers from Independent Security Evaluators have tested thirteen widely used small office/home office routers and wireless access points, and have discovered …
Instant Penetration Testing: Setting Up a Test Lab How-to
If you want to start practicing penetration testing, you will be needing a test lab. This book will tell you what you need in order to do it, how to set it up, and how to use …
Thousands of Amazon S3 buckets left open exposing private data
Cloud hosting and cloud storage is all the rage, but there are still some common pitfalls that many organizations overlook. In this article I will walk through an issue that …
LogRhythm and Rapid7 partner on threat protection and security analytics
LogRhythm and Rapid7 announced API-level integrations of the LogRhythm SIEM 2.0 platform with both the Rapid7 Nexpose vulnerability management product and the Rapid7 …
Metasploit supports Kali Linux free security auditing toolkit
Rapid7 is working with Offensive Security to provide official Metasploit support for Kali Linux, the enterprise-ready evolution of BackTrack Linux. The free security auditing …
Pwn Pad: A tablet for penetration testers
At the RSA Conference 2013 in San Francisco, Pwnie Express released the Pwn Pad, a tablet loaded with wired and wireless pentesting tools. The Pwn Pad contains bleeding edge …
Featured news
Resources
Don't miss
- Ransomware attackers are “vishing” organizations via Microsoft Teams
- Scam Yourself attacks: How social engineering is evolving
- Addressing the intersection of cyber and physical security threats
- Fleet: Open-source platform for IT and security teams
- CERT-UA warns against “security audit” requests via AnyDesk