Security News

Private equity giant KKR leads investment to fuel growth of enterprise penetration testing firm. NetSPI, a provider of enterprise penetration tools and services, has raised $90 million in growth funding led by private equity giant KKR, with participation from Ten Eleven Ventures.

Pentesting can fortify organizations' general security posture and is a critical measure organizations should put in place proactively to prevent security breaches. Recently, Colleen Pate, Customer Marketing Lead at Cobalt sat down with Coleen Coolidge, CISO at Twilio Segment to better understand how she views the role of pentesting in a cybersecurity program and how it can fit into modern workflows.

Pentesting can fortify organizations' general security posture, full stop, and is a critical measure for organizations to put in place proactively to prevent security breaches. There are misconceptions about the role of pentesting and what companies and security programs it is best for.

Rather, it is to illustrate some of the uses for automated pentesting tools and how they may even be used for specific types of attacks to raise awareness of these unauthorized devices. The concept behind this vulnerable OS is for users to test their security skills, effectively learning how to exploit these systems and how to best protect them.

FireEye breach: State-sponsored attackers stole hacking toolsU.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company's RedTeam tools, FireEye CEO Kevin Mandia has disclosed. Key cybersecurity problems expected to mark 2021After a year in which COVID-19 upended the way we live, work and socialize, we are likely to see an increased threat from ransomware and fileless malware in 2021, according to ESET. How Kali Linux creators plan to handle the future of penetration testingOffensive Security might best known as the company behind Kali Linux, the popular open-source pen testing platform, but its contribution to the information security industry is definitely not limited to it.

To select a suitable pentesting solution for your business, you need to think about a variety of factors. There are several key questions to answer before considering a pentesting solution or partner.

Easily exploitable RCE in Oracle WebLogic Server under attackA critical and easily exploitable remote code execution vulnerability in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. DNS attacks increasingly target service providersThe telecommunications and media sector is the most frequent victim of DNS attacks, according to EfficientIP. Hackers breach psychotherapy center, use stolen health data to blackmail patientsNews of an unusual data breach at a psychotherapy center in Finland broke over the weekend, after affected patients began receiving emails telling them to pay up or risk their personal and health data being publicly released.

Rebyc Security introduces cyber security penetration testing services to help proactively address new and growing insecurities in remote working arenas. Rebyc Security offers these services to chief information security officers and information security officers employed by banks and credit unions as well as healthcare and insurance companies.

HackerOne announced the expansion of its penetration testing solution in Europe. This latest product from HackerOne compliments its existing offerings dedicated to helping organizations find and fix vulnerabilities before they can be exploited.

Windows users under attack via two new RCE zero-daysAttackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems. Widely available ICS attack tools lower the barrier for attackersThe general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology networks and industrial control systems.