Security News

UK's Ministry of Defence coughs up bug bounties for crowdsourced pentesting
2021-08-03 14:20

The Ministry of Defence has paid out the first bug bounties to ethical computer hackers who probed web-accessible systems for vulnerabilities, according to a cheery missive from HackerOne. A month-long "Hacker security test" culminated in a couple of dozen folk being handed unspecified rewards - and marking the first public confirmation of HackerOne's UK government partnership.

Investors Pump $90 Million Into Pentesting Firm NetSPI
2021-05-14 17:05

Private equity giant KKR leads investment to fuel growth of enterprise penetration testing firm. NetSPI, a provider of enterprise penetration tools and services, has raised $90 million in growth funding led by private equity giant KKR, with participation from Ten Eleven Ventures.

How modern workflows can benefit from pentesting
2021-05-05 04:30

Pentesting can fortify organizations' general security posture and is a critical measure organizations should put in place proactively to prevent security breaches. Recently, Colleen Pate, Customer Marketing Lead at Cobalt sat down with Coleen Coolidge, CISO at Twilio Segment to better understand how she views the role of pentesting in a cybersecurity program and how it can fit into modern workflows.

MythBusters: What pentesting is (and what it is not)
2021-04-29 05:30

Pentesting can fortify organizations' general security posture, full stop, and is a critical measure for organizations to put in place proactively to prevent security breaches. There are misconceptions about the role of pentesting and what companies and security programs it is best for.

How an automated pentesting stick can address multiple security needs
2021-02-01 19:55

Rather, it is to illustrate some of the uses for automated pentesting tools and how they may even be used for specific types of attacks to raise awareness of these unauthorized devices. The concept behind this vulnerable OS is for users to test their security skills, effectively learning how to exploit these systems and how to best protect them.

Week in review: FireEye breach, vulnerable TCP/IP stacks, Kali Linux and the future of pentesting
2020-12-13 08:00

FireEye breach: State-sponsored attackers stole hacking toolsU.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company's RedTeam tools, FireEye CEO Kevin Mandia has disclosed. Key cybersecurity problems expected to mark 2021After a year in which COVID-19 upended the way we live, work and socialize, we are likely to see an increased threat from ransomware and fileless malware in 2021, according to ESET. How Kali Linux creators plan to handle the future of penetration testingOffensive Security might best known as the company behind Kali Linux, the popular open-source pen testing platform, but its contribution to the information security industry is definitely not limited to it.

How do I select a pentesting solution for my business?
2020-11-30 05:58

To select a suitable pentesting solution for your business, you need to think about a variety of factors. There are several key questions to answer before considering a pentesting solution or partner.

Week in review: Automated pentesting, Oracle WebLogic servers under attack
2020-11-01 11:00

Easily exploitable RCE in Oracle WebLogic Server under attackA critical and easily exploitable remote code execution vulnerability in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. DNS attacks increasingly target service providersThe telecommunications and media sector is the most frequent victim of DNS attacks, according to EfficientIP. Hackers breach psychotherapy center, use stolen health data to blackmail patientsNews of an unusual data breach at a psychotherapy center in Finland broke over the weekend, after affected patients began receiving emails telling them to pay up or risk their personal and health data being publicly released.

Rebyc Security’s new pentesting services help tackle growing insecurities in remote working
2020-06-16 02:30

Rebyc Security introduces cyber security penetration testing services to help proactively address new and growing insecurities in remote working arenas. Rebyc Security offers these services to chief information security officers and information security officers employed by banks and credit unions as well as healthcare and insurance companies.

HackerOne expands pentesting solution in Europe to help orgs find and fix vulnerabilities
2020-06-16 01:30

HackerOne announced the expansion of its penetration testing solution in Europe. This latest product from HackerOne compliments its existing offerings dedicated to helping organizations find and fix vulnerabilities before they can be exploited.