Security News

At its Google Next '23 event this week, Google revealed how - with the use of its PaLM 2 foundational model - it is applying the generative AI Duet AI to security solutions in Google Cloud, including posture management, threat intelligence and detection and network and data security. Integrating Duet AI into Chronicle explicitly addresses security operations workload and tool proliferation, and implicitly the shortage of security operators in SOC teams, Potti explained.

Offensive Security has released Kali Linux 2023.3, the latest version of its penetration testing and digital forensics platform.Besides updates to current tools, new versions of Kali typically introduce fresh tools.

Kali Linux 2023.3, the third version of 2023, is now available for download, with nine new tools and internal optimizations. Kali Linux is a Linux distribution created for ethical hackers and cybersecurity professionals to perform penetration testing, security audits, and research against networks.

Open-Source Intelligence refers to gathering, assessing, and interpreting public information to address specific intelligence queries. The OWASP Amass project performs network mapping of attack surfaces and external asset discovery using open-source information gathering and active reconnaissance techniques.

To counteract new and emerging threat methods enhanced by artificial intelligence, specialized email security vendors are leveraging a synergy of AI and human insights to enhance email security, according to IRONSCALES and Osterman Research. Over 74% of respondents have experienced an increase in the use of AI by cybercriminals in the past six months, and over 85% believe that AI will be used to circumvent their existing email security technologies.

Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. "The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the BlackCat ransomware in target environments," the company's threat intelligence team said in a series of posts on X. "This BlackCat version also has the RemCom hacktool embedded in the executable for remote code execution. The file also contains hardcoded compromised target credentials that actors use for lateral movement and further ransomware deployment."

This is a comprehensive list of best encryption software and tools, covering their features, pricing and more. Use this guide to determine your best fit.

A new malvertising campaign has been observed leveraging ads on Google Search and Bing to target users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP, and trick them into downloading trojanized installers with an aim to breach enterprise networks and likely carry out future ransomware attacks. Dubbed Nitrogen, the "Opportunistic" activity is designed to deploy second-stage attack tools such as Cobalt Strike, Sophos said in a Wednesday analysis.

In light of these events, I'd like to discuss how OSINT can assist with dark web investigations. Transactions on the dark web often involve cryptocurrency in exchange for illegal goods and services.

Red Siege has developed and made available many open-source tools to help with your penetration testing work. The company plans to continue to support the tools listed below, whether in the form of bug fixes or new features.