Incorporating SOAR into Zero Trust and MITRE ATT&CK: A Conversation With Forrester Research

Your Security Operations Cheat Sheet for Windows and Linux Logs (And How to Tie Them to the MITRE ATT&CK Framework)

Within the security operations center, visibility is everything. Being aware of the details of users, assets, known threats, and specific...

Cybereason Earns Gold OPSWAT Access Control Certification

Cybereason has earned the coveted Gold-level OPSWAT Certified Security Applications verification for the Cybereason Sensors ActiveProbe 21.X for Windows, Mac and Linux endpoints. The OPSWAT Access Control Certification Program is the industry ...

Aqua Security Uses eBPF to Extend Security Platform

Aqua Security this week at the Kubecon + CloudNativeCon North America conference added a cloud-native detection and response (CNDR) capability based on its open source Tracee software-based platform. Tracee is a threat ...
Security Boulevard

Tripwire Patch Priority Index for September 2021

Tripwire’s September 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, Linux, and Confluence. First on the patch priority list this month are patches for the Linux kernel (CVE-2021-3490) ...
Professionally Evil Fundamentals: Introduction

Linux X86 Assembly – How To Test Custom Shellcode Using a C Payload Tester

Overview: In the last blog post in this series, we created a tool to make it easy to build our custom payloads and extract them. However, what if we want to test ...

Linux Attackers Take Advantage of Unpatched Vulnerabilities

Linux operating systems are being targeted by malicious actors as organizations increase their digital footprint in the cloud, with many attackers of the open source OS likely taking advantage of outdated software ...

Did your WD My Book NAS get Wiped? Put a Brave Face on It

A 2019 vulnerability is being exploited to remotely wipe WD My Book Live NAS devices, by Eastern-European malefactors ...

Who, Us? Linux Root Bug Quietly Added 7 Years Ago

A nasty vulnerability in most Linux distributions is raising eyebrows among the penguinistas ...

Linux X86 Assembly – How to Make Our Hello World Usable as an Exploit Payload

Overview: In the last two tutorials, we built a Hello World program in NASM and GAS for x86 assembly. While this can help us learn x86 assembly, it isn’t viable as a ...

The Best Way to Capture Traffic in 2021

There are times when you need to capture some network traffic. Maybe you’re troubleshooting a communication issue or maybe you’re doing something a little more suspect on a penetration test (looking for ...