AutoSploit Developer Improves Metasploit Penetration Testing

VectorSEC recently announced that they developed AutoSploit, a Python script for Metasploit. It does what it’s named to do: it automates Metasploit sessions. It has been released on GitHub as opensource software under the GPL v3.0 license ... Read More

Energetic DragonFly DYMALLOY Bear 2.0

New research from Cylance identifies for the first time the use of a compromised core router as one of the tools wielded by the threat actor that has recently been accused by the United States government of acting in the interests of Russia to attack government agencies and organizations in ... Read More
NorthSec: Threat Hunting Utilizing the ELK Stack and Machine Learning

NorthSec: Threat Hunting Utilizing the ELK Stack and Machine Learning

In this course being offered at NorthSec on May 14th, 15th and 16th, attendees will learn how to create their own enterprise-wide hunting platform using ELK with data enrichment feeds. Breaches are only expanding in size, so incident responders need to move beyond the days of using Excel to hunt ... Read More
CylancePROTECT vs. DataKeeper RaaS

Cylance vs. DataKeeper RaaS

DataKeeper is the latest contender in a rising number of malware attacks driven by ransomware-as-a-service (RaaS). What does this latest iteration of RaaS-inspired malware mean for computing? The Cylance Threat Research team dug into this emerging threat for answers ... Read More

Let’s Encrypt Delivers on Promise of Secure HTTP Connections

Back in summer 2017, Let's Encrypt, the free and open certificate authority (CA), said they’d soon deliver “wildcard” certificates to enable secure HTTP connections for entire domains – for free. The great day is today and it’s time to highlight their great work in democratizing security for the masses ... Read More

Cylance Expands Board of Directors to Drive Next Phase of Growth

Have you ever heard the phrase, 'history repeats itself'? While that may not be universally true, history does often reveal similarities between events. Read on to learn what a malware hash has in common with pi, and how machine learning can predict the future by looking at the past ... Read More

Security News Bytes: Can We Trust the Broken Cert Ecosystem?

This week, a new study titled: ‘Issued for Abuse: Measuring the Underground Trade in Code Signing Certificates’ was released by American and Czech researchers, investigating various forms of abuse that allow malware authors to produce malicious code carrying - yet valid - digital signatures ... Read More
Cylance Sports Update: The Team Hits Belgium and Italy

Cylance Sports Update: The Team Hits Belgium and Italy

After a successful team camp in Spain, Cylance Pro Cycling traveled to Belgium and Italy to begin the iconic part of the season called the Spring Classics. These monument races are known for harsh conditions, cobbles, and steep hills ... Read More

This Week in Security: AI Bias, E-Stalker Apps, and AI Laughing at You

This week in Security: why automating human decisions can often mean hard-coding bias; a stalkerware provider shuts down after being repeatedly hacked; and Amazon Alexa units are creepily laughing at people for unknown reasons ... Read More
Protecting Critical Infrastructure Against Cyberattacks

Protecting Critical Infrastructure Against Cyberattacks

The industry sectors that encompass the nation’s critical infrastructure cover virtually every aspect of people’s lives, including power generation, oil, gas, and manufacturing — to name but a few. In the digital era of the 21st century, securing the networks, systems and data in these sectors is of vital importance ... Read More