Security News

SCYTHE, a leader in continuous adversarial emulation, is introducing the SCYTHE Marketplace at the RSA Conference 2020. The SCYTHE Marketplace opens up SCYTHE's synthetic malware creation platform to trusted third party developers so that they can turn their experience and expertise into new capabilities for a vibrant security ecosystem.

The new capability provides an isolated test or QA environment within the production setup for security operations teams to test, tune, and validate new use cases prior to pushing them to live production. With Securonix Analytics Sandbox, the teams responsible for developing SIEM content can test and fine-tune use cases against real production data without impeding SOC efficiency.

Study for the CISSP exam anytime, anywhere using Official² CISSP flash cards. This free interactive self-study tool tests knowledge across all eight CISSP domains and gives you immediate feedback to reinforce learning.

Penetration testers looking at commercial shipping and oil rigs discovered a litany of security blunders and vulnerabilities - including one set that would have let them take full control of a rig at sea. Making heavy use of the word "Poor" to summarise what he had seen over the past year, Hearne wrote that he and his colleagues had examined everything from a deep water exploration and the aforementioned drilling rig to a brand new cruise ship to a Panamax container vessel, and a few others in between.

The forensic engineers who help police gather evidence understand this even if it's not always been clear which methods are the most effective as extracting data accurately enough for it to meet standards of evidence. To examine the issue, the US National Institute of Standards and Technology says it recently conducted tests using 10 popular Android smartphones careful loaded with a mix of data accumulated during simulated use.

Criminals sometimes damage their mobile phones in an attempt to destroy data. Manufacturers use those taps to test their circuit boards, but by soldering wires onto them, forensic investigators can extract data from the chips.

On Sept. 11, 2019, two security experts at a company that had been hired by the state of Iowa to test the physical and network security of its judicial system were arrested while probing the security of an Iowa county courthouse, jailed in orange jumpsuits, charged with burglary, and held on $100,000 bail. Gary DeMercurio, 43 of Seattle, and Justin Wynn, 29 of Naples, Fla., are both professional penetration testers employed by Coalfire Labs, a security firm based in Westminster, Colo. Iowa's State Court Administration had hired the company to test the security of its judicial buildings.

Google is testing out a feature to make Android's built-in password manager safer, according to online sleuths who have picked apart its software. You could use it to take autofill input from third-party password managers, or if you wanted to keep everything in your Google account, you could use autofill with Google's own password management service.

Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. During the internal phase, our team's white hack attackers moved around laterally within the entire network via the external access provided by the JBoss issue.

The data breach disclosure was met with ire from customers whose lab test results, health card numbers and more were accessed.