Security News

MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more!
2024-10-04 04:00

MaLDAPtive is an open-source framework for LDAP SearchFilter parsing, obfuscation, deobfuscation, and detection. At its core, the project features a custom-built C# LDAP parser designed for...

Compliance frameworks and GenAI: The Wild West of security standards
2024-09-16 04:00

In this Help Net Security interview, Kristian Kamber, CEO at SplxAI, discusses how security challenges for GenAI differ from traditional software. Unlike predictable software, GenAI introduces...

NIST Cybersecurity Framework (CSF) and CTEM – Better Together
2024-09-05 09:19

It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with...

Automated Security Validation: One (Very Important) Part of a Complete CTEM Framework
2024-08-08 11:00

One of these categories is Automated Security Validation, which provides the attacker's perspective of exposures and equips security teams to continuously validate exposures, security measures, and remediation at scale. Traditional security methods can miss hidden assets or fail to account for vulnerabilities hiding in user accounts or security policies.

Realm: Open-source adversary emulation framework
2024-07-15 04:16

Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation. It's designed to handle engagements of any size.

How to design a third-party risk management framework
2024-07-12 04:30

An effective third-party risk management framework ensures that an organization is not derailed by vendor risks and vulnerabilities. After you categorize your third-party vendors based on their importance to your organization, you must define the scope of your third-party risk management services and framework by identifying the types of third parties involved and the risk factors they pose.

Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks
2024-07-03 03:56

Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The campaign, believed to be highly...

Ghidra: Open-source software reverse engineering framework
2024-06-17 04:00

Ghidra, a cutting-edge open-source software reverse engineering framework, is a product of the National Security Agency Research Directorate. The framework features high-end software analysis tools, enabling users to analyze compiled code across various platforms, including Windows, macOS, and Linux.

Radare: Open-source reverse engineering framework
2024-06-10 04:30

Radare is an open-source UNIX-like reverse engineering framework and command-line toolset. "I started the project in 2006 when I was working as a forensic analyst, and I wrote a simple command-line hexadecimal editor to scan a hard drive looking for keywords and dump the results to disk to recover some files. Over time, the project evolved to meet my diverse requirements, serving as a debugger, a disassembler, and a platform for exploring various architectures. It proved invaluable during CTF competitions, at work, and for personal reverse engineering projects," Sergi Àlvarez, the creator of Radare, told Help Net Security.

Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code
2024-05-14 11:17

The maintainers of the Cacti open-source network monitoring and fault management framework have addressed a dozen security flaws, including two critical issues that could lead to the execution of...