Why Red Teams Can’t Answer Defenders’ Most Important Questions

January 5, 2024 at 10:06AM
In 1931, Alfred Korzybski emphasized the limitations of models, likening them to maps that cannot fully represent reality. Red-team assessments often fail to test enough attack variants to accurately gauge defense strength, leaving defenders uncertain about their security posture. To address this, organizations can explore alternatives like Atomic Testing and …

iFlock Security Consulting Secures Private Funding

January 3, 2024 at 05:00PM
iFlock Security Consulting, a leading boutique cybersecurity company, has completed its first private funding round and brought in two strategic sales executives, signifying growth. With a focus on penetration testing and fortified cybersecurity services, the company is well-positioned to tackle rising global cybercrime. The new funding and hires demonstrate firm …

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance

December 18, 2023 at 10:09AM
CISA conducted a cybersecurity assessment for a healthcare and public health organization, finding no significant exploitable conditions but identifying weak passwords and other security issues. CISA is sharing the results with the sector to improve cybersecurity posture. The report includes mitigation recommendations and urges organizations to review and apply them. …

Kali Linux 2023.4 released with GNOME 45 and 15 new tools

December 5, 2023 at 02:19PM
Kali Linux 2023.4, the last release of 2023, features the GNOME 45 desktop, 15 new tools, and an upgrade to kernel 6.3.7. This distribution targets ethical hackers and includes updated apps, performance boosts, and new builds for cloud platforms and Raspberry Pi 5. Available for existing users via upgrade commands and for new …

OpenCart owner turns air blue after researcher discloses serious vuln

November 24, 2023 at 10:40AM
The owner of OpenCart, an e-commerce store management system, has responded with hostility to a security researcher who disclosed a vulnerability in the product. The researcher, Mattia Brollo, tried to contact OpenCart for nearly a month through various channels before receiving dismissive and offensive responses from the owner, Daniel Kerr. OpenCart …

Weapons Systems Provide Valuable Lessons for ICS/OT Security

October 26, 2023 at 10:39AM
Insights from the ICS Cybersecurity Conference highlighted the value of applying cybersecurity techniques and penetration testing used in weapons systems to secure industrial control systems (ICS) and operational technology (OT). Vulnerabilities such as poorly secured connectivity and outdated software were identified during penetration testing on weapons systems. Cybersecurity techniques for …

Cybersecurity M&A Roundup for First Half of October 2023

October 18, 2023 at 07:00AM
In the first half of October 2023, there were over a dozen cybersecurity-related merger and acquisition (M&A) deals announced. Some notable acquisitions include Arctic Wolf’s acquisition of Revelstoke to enhance their security orchestration capabilities, KPMG’s acquisition of IMagosoft to expand their identity and access management services, and Okta’s acquisition of …