Security News
FireEye, one of the largest cybersecurity firms in the world, said on Tuesday it became a victim of a state-sponsored attack by a "Highly sophisticated threat actor" that stole its arsenal of Red Team penetration testing tools it uses to test the defenses of its customers. Red Team tools are often used by cybersecurity organizations to mimic those used in real-world attacks with the goal of assessing a company's detection and response capabilities and evaluating the security posture of enterprise systems.
Pentest-as-a-Service company Cobalt announced on Thursday that it has raised $29 million in a Series B funding round. Founded in 2013, Cobalt has designed a platform that connects vetted ethical hackers with organizations looking to test the security of their products.
British infosec biz NCC Group has admitted to The Register that its internal training materials were leaked on GitHub - after folders purporting to help people pass the CREST pentest certification exams appeared in a couple of repositories. CREST offers a certification called CRT: CREST Registered Tester.
The pair were performing a routine penetration test at the Dallas County courthouse at night when they tripped an alarm, were collared by deputies, and, ultimately, charged with felony trespassing - a crime that can lead to up to seven years behind bars. Part of the problem, the two professional attackers told the Black Hat online conference today, was the imprecise terms of the penetration tests Coalfire was hired to perform at the request of the US state of Iowa.
The pair were performing a routine penetration test at the Dallas County courthouse at night when they tripped an alarm, were collared by deputies, and, ultimately, charged with felony trespassing - a crime that can lead to up to seven years behind bars. Part of the problem, the two professional attackers told the Black Hat online conference today, was the imprecise terms of the penetration tests Coalfire was hired to perform at the request of the US state of Iowa.
Tales from the coal face as experts reflect on what can possibly go wrong on the job Analysis It has been six weeks since Coalfire's Gary Demercurio and Justin Wynn were nabbed in Dallas County,...
Shearwater Group, the organizational resilience group, announces that its group company, Pentest has secured a one-year contract with a global technology corporation worth in excess of US$1...
BitDam, provider of cybersecurity solutions that protect enterprise communications from advanced threats hidden in files and links, announced the availability of a new, free data security...
Facebook has introduced a new feature in its platform that has been designed to make it easier for bug bounty hunters to find security flaws in Facebook, Messenger, and Instagram Android...
A researcher has published a tool called Modlishka, capable of phishing 2FA codes sent by SMS or authentication apps.