CISA broke into a US federal agency, and no one noticed for a full 5 months

July 12, 2024 at 02:10PM CISA’s SILENTSHIELD exercise detected major security lapses at a federal agency in 2023. A red team exploited an Oracle Solaris vulnerability, leading to a full compromise. Despite timely alerts, the patch was delayed, and the agency ignored crucial investigation procedures. CISA’s report revealed poor network safeguards and a lack of … Read more

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

July 12, 2024 at 10:33AM In early 2023, a CISA red team exercise exposed significant cybersecurity gaps in a federal civilian executive branch organization. The SILENTSHIELD assessment revealed the organization’s failure to prevent and identify malicious activity, insufficient network segmentation, deficient log collection, and use of a ‘known-bad’ detection approach. Additionally, bureaucratic communication and decentralized … Read more

AI red-teaming tools helped X-Force break into a major tech manufacturer ‘in 8 hours’

May 13, 2024 at 10:09AM IBM’s X-Force penetration-testing team employed AI-driven tools to hack into a major computer component manufacturer’s network within eight hours. Using automation, they exploited a flaw in the manufacturer’s HR portal, escalated privileges, and utilized a rootkit to avoid detection. The team is also helping other technology providers, banks, and defense … Read more

Cyberattack Gold: SBOMs Offer an Easy Census of Vulnerable Software

April 26, 2024 at 12:37PM Government and security-sensitive firms are requiring software bills of material (SBOMs), listing components of applications. Attackers could exploit this information without sending packets. Larry Pesce warns that publicly accessible SBOMs can expose vulnerabilities. Yet, SBOMs aim to enhance software security, with 60% adoption expected by next year. Pesce advises using … Read more
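The "census without sending packets" point above, as an added example that is not from the article or from Pesce: a small CycloneDX-style SBOM and an advisory list, both constructed here with hypothetical component names, are parsed offline and the components below their advisory's fixed version are listed. The same code serves a defender triaging their own SBOM. The purl parser handles the `pkg:type/namespace/name@version?qualifiers#subpath` shape; the advisory feed format and the dotted-numeric version comparison are simplifications made for this illustration.

```python
import json
from typing import NamedTuple, Optional

# Constructed CycloneDX-style SBOM with hypothetical component names
# (not a real product's SBOM).
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "example-httpd", "version": "2.4.1",
         "purl": "pkg:generic/example-httpd@2.4.1"},
        {"type": "library", "name": "example-json", "version": "1.0.7",
         "purl": "pkg:npm/@example/example-json@1.0.7"},
        {"type": "library", "name": "example-tls", "version": "3.0.2",
         "purl": "pkg:generic/example-tls@3.0.2?arch=x86_64"},
    ],
})


class Advisory(NamedTuple):
    name: str       # component name as it appears in the SBOM
    fixed_in: str   # first version that is not affected (constructed value)


# Constructed advisory feed: hypothetical entries, not real CVEs.
ADVISORIES = [
    Advisory("example-httpd", "2.4.3"),
    Advisory("example-tls", "3.0.0"),
]


def parse_purl(purl: str) -> tuple[str, str, Optional[str]]:
    """Split a package URL into (type, name, version), dropping qualifiers and subpath."""
    if not purl.startswith("pkg:"):
        raise ValueError(f"not a purl: {purl!r}")
    body = purl[len("pkg:"):].split("?", 1)[0].split("#", 1)[0]
    ptype, _, rest = body.partition("/")
    name_part, at, version = rest.rpartition("@")
    # No '@' at all, or the only '@' belongs to a namespace like "@example/...":
    if not at or "/" in version:
        name_part, version = rest, None
    name = name_part.rsplit("/", 1)[-1]      # strip any namespace prefix
    return ptype, name, version


def version_key(version: str) -> tuple[int, ...]:
    """Dotted numeric versions only; non-numeric labels compare as 0 (illustration only)."""
    return tuple(int(p) if p.isdigit() else 0 for p in version.split("."))


def census(sbom_json: str, advisories: list[Advisory]) -> list[tuple[str, str, str]]:
    """Return (name, installed_version, fixed_in) for every component an advisory covers.

    Nothing here touches the target: the SBOM text alone is the input.
    """
    bom = json.loads(sbom_json)
    by_name = {a.name: a for a in advisories}
    hits = []
    for comp in bom.get("components", []):
        if "purl" in comp:
            _, name, version = parse_purl(comp["purl"])
        else:
            name, version = comp["name"], comp.get("version")
        adv = by_name.get(name)
        if adv and version and version_key(version) < version_key(adv.fixed_in):
            hits.append((name, version, adv.fixed_in))
    return hits


if __name__ == "__main__":
    for name, have, fixed in census(SAMPLE_SBOM, ADVISORIES):
        print(f"{name} {have} is below the fixed version {fixed}")
```

On the sample data only `example-httpd` is reported: `example-tls` 3.0.2 is already past its constructed fix version, and `example-json` has no advisory.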

Artificial Arms Race: What Can Automation and AI do to Advance Red Teams

February 27, 2024 at 07:27AM The text discusses the significance of Red Teams for security stress tests and outlines their current state-of-the-art. It emphasizes the need for a well-defined security program and the role of human operators. It also explores the potential of automation and AI in Red Team engagements, such as asset discovery, ransomware … Read more

Why Red Teams Can’t Answer Defenders’ Most Important Questions

January 5, 2024 at 10:06AM In 1931, Alfred Korzybski emphasized the limitations of models, likening them to maps that cannot fully represent reality. Red-team assessments often fail to test enough attack variants to accurately gauge defense strength, leaving defenders uncertain about their security posture. To address this, organizations can explore alternatives like Atomic Testing and … Read more

D-Link WiFi range extender vulnerable to command injection attacks

October 9, 2023 at 05:56PM The D-Link DAP-X1860 WiFi 6 range extender has a vulnerability that allows denial-of-service and remote command injection attacks. Despite being notified multiple times, D-Link has not released any fixes. Attackers can exploit the flaw by creating a network whose SSID contains a single tick (') character followed by the commands to run. Owners are … Read more
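The injection pattern the item describes, shown with an added example that simulates it rather than any D-Link firmware code: a hypothetical configuration helper that builds a shell line from an untrusted SSID, beside the same helper with the SSID shell-quoted, and a tokenizer that reports how many commands a POSIX shell would actually run. Nothing is executed; the SSID payload, the helper names and the `/tmp/ssid.txt` path are constructed for this illustration.

```python
import shlex

# Tokens that end one command and start another in a POSIX shell line.
SEPARATORS = {";", "&&", "||", "|", "&"}


def build_cmd_vulnerable(ssid: str) -> str:
    """Hypothetical helper: interpolates the SSID straight into a single-quoted shell literal.

    A tick in the SSID closes the literal early; whatever follows is parsed as shell.
    """
    return f"echo '{ssid}' > /tmp/ssid.txt"


def build_cmd_hardened(ssid: str) -> str:
    """Same helper with the SSID passed through shlex.quote, so embedded ticks stay data.

    (Better still is to avoid the shell entirely and write the file from Python.)
    """
    return f"echo {shlex.quote(ssid)} > /tmp/ssid.txt"


def shell_commands(cmdline: str) -> list[list[str]]:
    """Tokenise like a POSIX shell and split the line into the commands it would run."""
    lex = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    commands, current = [], []
    for tok in lex:
        if tok in SEPARATORS:
            if current:
                commands.append(current)
            current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


def programs_run(ssid: str, builder) -> list[str]:
    """First word of each command the shell would execute for this SSID and helper."""
    return [cmd[0] for cmd in shell_commands(builder(ssid))]


# Constructed payload: closes the quote, injects `id`, reopens a quote so the line stays valid.
MALICIOUS_SSID = "x'; id; echo 'y"
BENIGN_SSID = "HomeNet"

if __name__ == "__main__":
    for label, builder in (("vulnerable", build_cmd_vulnerable), ("hardened", build_cmd_hardened)):
        line = builder(MALICIOUS_SSID)
        print(f"{label}: {line}")
        print(f"  programs run: {programs_run(MALICIOUS_SSID, builder)}")
```

With the payload, the unquoted helper yields three commands (`echo`, `id`, `echo`), while the quoted helper yields a single `echo` whose argument is the whole SSID, ticks included. The same 32-byte SSID length limit that real access points enforce still leaves room for a short payload, which is why quoting or avoiding the shell matters rather than length checks.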