September 25, 2024 at 10:21AM Cybersecurity researchers discovered a new post-exploitation tool, Splinter, with features commonly found in penetration testing tools, developed in Rust. While not as advanced as others, it poses a threat if misused. No threat actor activity has been detected, but its large size suggests potential for cloud and data compromise. This … Read more
September 23, 2024 at 02:51AM Attackers are using a new post-exploitation tool called Splinter to infiltrate and disrupt victims’ IT environments. The malicious tool can execute Windows commands, steal files, collect cloud service account info, and download additional malware. Unlike Cobalt Strike, Splinter poses a potential threat to organizations and remains undetected on victims’ networks. … Read more
September 18, 2024 at 07:42AM The evolution of software has surprised us, from Deep Blue beating Kasparov to chatbots handling complex tasks. Cybersecurity testing is also evolving, with automated penetration testing (PT) disrupting traditional methods. Automated PT offers more thorough and frequent testing at a fraction of the cost, making it crucial for robust security … Read more
August 27, 2024 at 10:19AM External Attack Surface Management (EASM) bridges gaps in traditional penetration testing, addressing overlooked risks in an organization’s digital defenses. An Informa Tech survey highlights limited coverage and frequency issues of penetration testing, leaving organizations vulnerable to cyber threats. Integrating EASM with Penetration Testing as a Service (PTaaS) provides comprehensive visibility … Read more
July 11, 2024 at 10:48AM CrystalRay, a threat actor, has expanded their operations since the February attacks. They utilize SSH-Snake, an automated worm-like tool, for hacking purposes and have added mass scanning, open source software exploitation, and credential theft to their arsenal. Their use of open source and penetration testing tools enables them to maintain … Read more
July 11, 2024 at 10:04AM A threat actor known as “Crystalray” has been utilizing open source software (OSS) to expand its operations in credential stealing and cryptomining. Researchers observed Crystalray utilizing a range of OSS tools to carry out various stages of its attack chain. Despite its efficiency, the use of OSS opens the attacker … Read more
July 5, 2024 at 10:21AM Businesses heavily rely on third-party vendors for various services, but this dependence introduces security vulnerabilities. Cybercriminals exploit weaknesses in vendors to target organizations, making robust vendor risk management crucial. While SOC 2 reports are useful, they have limitations. Organizations should supplement them with security questionnaires, testing, contractual agreements, and ongoing … Read more
July 3, 2024 at 12:15AM Cybersecurity researchers have uncovered a highly targeted attack campaign, named Supposed Grasshopper, targeting Israeli entities using open-source malware such as Donut and Sliver. The attackers use custom WordPress websites to deliver the malware, and the campaign could be the work of a small team. The end goal of the campaign … Read more
June 11, 2024 at 07:48AM Vonahi Security’s vPenTest platform released an annual report on the top 10 critical pentest findings in 2024, following the analysis of over 10,000 network pentests at 1,200 organizations. The report covers various vulnerabilities, such as MDNS and NBNS Spoofing, and provides recommendations for prevention. vPenTest offers automated network penetration testing, … Read more
May 13, 2024 at 10:09AM IBM’s X-Force penetration-testing team employed AI-driven tools to hack into a major computer component manufacturer’s network within eight hours. Using automation, they exploited a flaw in the manufacturer’s HR portal, escalated privileges, and utilized a rootkit to avoid detection. The team is also helping other technology providers, banks, and defense … Read more