%term

Elastic + Tidal making MITRE ATT&CK easier

Dec 13, 2022 By Devon Kerr In Elastic

Security vendors seem to have a complicated relationship with the MITRE ATT&CK(™) matrix. With one hand, they hold it high as a powerful resource, and with the other, they criticize some aspect of it. But regardless of your viewpoint on any given day, ATT&CK is one of the most important resources for improving your understanding of threat capabilities and aligning those to technical controls, countermeasures, or mitigations.

Read Post

Elastic

Read more about Elastic + Tidal making MITRE ATT&CK easier

Using LDAP Ping to Enumerate Active Directory Users

Dec 13, 2022 By Joe Dibley In Netwrix

LDAP Nom Nom is a recently discovered brute-force technique for enumerating valid usernames in Active Directory — anonymously and without leaving any log entries behind. It abuses LDAP Ping, a little-known mechanism in Active Directory normally used by computers to check whether a domain controller is alive. This blog post explains how LDAP Ping works and how adversaries can abuse it with LDAP Nom Nom.

Read Post

Netwrix

Read more about Using LDAP Ping to Enumerate Active Directory Users

Unsafe deserialization vulnerability in SnakeYaml (CVE-2022-1471)

Dec 13, 2022 By Brian Vermeer In Snyk

SnakeYaml is a well-known YAML 1.1 parser and emitter for Java. Recently, a vulnerability — CVE-2022-1471 — was reported for this package. This vulnerability can lead to arbitrary code execution. The org.yaml:snakeyaml package is widely used in the Java ecosystem, in part because it is packaged by default with Spring Boot in the spring-boot-starter.

Read Post

Snyk

Read more about Unsafe deserialization vulnerability in SnakeYaml (CVE-2022-1471)

How to fuzz your Java projects using CI Fuzz CLI in Maven

Dec 13, 2022 By Code Intelligence In Code Intelligence

With CI Fuzz CLI, Java developers can integrate fuzz tests into their unit testing setups (e.g. JUnit). In this video, Josh demos how easy this can be done in Maven.

View Video

Code Intelligence

Read more about How to fuzz your Java projects using CI Fuzz CLI in Maven

Under the Wing: Stopping Identity-Based Attacks

Dec 13, 2022 By CrowdStrike In CrowdStrike

80% of all attacks are identity-based. In this week’s episode, get an inside look into how Falcon Identity Threat Protection helps you detect identity based attacks and prevent lateral movement.

View Video

CrowdStrike

Read more about Under the Wing: Stopping Identity-Based Attacks

Invite External Collaborators

Dec 13, 2022 By Egnyte In Egnyte

Working in separate systems and sending files back and forth while waiting for replies, can hinder productivity. Egnyte breaks down those barriers so you can work closely with clients and business partners by adding them as Standard Users.

View Video

Egnyte

Read more about Invite External Collaborators

CrowdStrike Services Helps Organizations Prioritize Patching Vulnerabilities with CrowdStrike Falcon Spotlight

Dec 13, 2022 By Steven Alexander In CrowdStrike

When the CrowdStrike Services team conducts a proactive security engagement, such as a Cybersecurity Maturity Assessment or Tabletop Exercise, it often uses CrowdStrike Falcon® Spotlight to identify what vulnerabilities exist in the environment. Unfortunately, this can be a disheartening experience, as many organizations we see have millions, even tens of millions, of unpatched vulnerabilities. It’s typical to see at least a quarter of those listed with a CVSS rating of Critical.

Read Post

CrowdStrike

Read more about CrowdStrike Services Helps Organizations Prioritize Patching Vulnerabilities with CrowdStrike Falcon Spotlight

Cloud Threats Memo: Understanding the Dead Drop Resolver Technique

Dec 13, 2022 By Paolo Passeri In Netskope

If I asked you what the common ways to exploit a cloud app for malicious purposes are, I bet your answer would probably be either to use it to distribute malicious content (such as malware or phishing pages), or to host the command and control (C2) infrastructure. In reality another frequent technique is the dead drop resolver, where a legitimate service is abused by threat actors to host the information related to the C2 infrastructure rather than the C2 infrastructure itself.

Read Post

Netskope

Read more about Cloud Threats Memo: Understanding the Dead Drop Resolver Technique

PyPI malware creators are starting to employ Anti-Debug techniques

Dec 13, 2022 By Andrey Polkovnychenko In JFrog

The JFrog Security Research team continuously monitors popular open-source software (OSS) repositories with our automated tooling, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community.

Read Post

JFrog

Read more about PyPI malware creators are starting to employ Anti-Debug techniques

SELinux, Dragons and Other Scary Things

Dec 13, 2022 By Jakub Nyckowski In Teleport

If you've ever used Linux, you’ve probably heard about SELinux or Security-enhanced Linux. For a very long time, my interaction with it was just restricted to: Like many other security solutions, SELinux can sometimes be annoying, and understanding even the basic concepts can change our bigger enemy to our best friend.

Read Post

Teleport

Read more about SELinux, Dragons and Other Scary Things

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Elastic + Tidal making MITRE ATT&CK easier

Using LDAP Ping to Enumerate Active Directory Users

Unsafe deserialization vulnerability in SnakeYaml (CVE-2022-1471)

How to fuzz your Java projects using CI Fuzz CLI in Maven

Under the Wing: Stopping Identity-Based Attacks

Invite External Collaborators

CrowdStrike Services Helps Organizations Prioritize Patching Vulnerabilities with CrowdStrike Falcon Spotlight

Cloud Threats Memo: Understanding the Dead Drop Resolver Technique

PyPI malware creators are starting to employ Anti-Debug techniques

SELinux, Dragons and Other Scary Things

Monthly Archive

Follow Us