Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals

August 30, 2024 at 05:42AM

The article discusses the overlooked threat of Active Directory Certificate Services (AD CS) vulnerabilities. It highlights the potential dangers and implications of these vulnerabilities, emphasizing the responsibility to address and mitigate them. It also introduces tools such as vPenTest by Vonahi Security and PSPKIAudit to assist in identifying and addressing …

PortSwigger Scores Hefty $112 Million Investment

July 1, 2024 at 02:48PM

PortSwigger, the UK company behind Burp Suite software, secures a significant $112 million investment from Brighton Park Capital, marking its first external funding since 2008. With 20,000 clients, including major companies such as Microsoft and Amazon, PortSwigger’s products automate security testing for web applications and APIs, enhancing attack surface visibility …

Kali Linux 2024.2 released with 18 new tools, Y2038 changes

June 5, 2024 at 01:23PM

Kali Linux has released version 2024.2, featuring eighteen new tools and fixes for the Y2038 bug. The release includes visual updates and new tools such as autorecon and gowitness. The update also addresses the Y2038 bug and introduces Gnome 46 with enhanced stability and performance. Users can upgrade or download …

Cyberattack Gold: SBOMs Offer an Easy Census of Vulnerable Software

April 26, 2024 at 12:37PM

Government and security-sensitive firms are requiring software bills of material (SBOMs), listing components of applications. Attackers could exploit this information without sending packets. Larry Pesce warns that publicly accessible SBOMs can expose vulnerabilities. Yet, SBOMs aim to enhance software security, with 60% adoption expected by next year. Pesce advises using …

Update your white hat hacking skills with $70 off this training bundle

January 5, 2024 at 08:15AM

The Ultimate 2020 White Hat Hacker Certification Bundle offers 10 courses taught by cybersecurity experts Nathan House and Joe Parys. The program covers various topics in ethical hacking, network security, Python for web applications, Nmap for network security checks, and certifications like CompTIA’s PenTest+ and Cybersecurity Analyst. Available for $39.99, …