What Is Privilege Escalation? Definition, Types and Examples

Privilege escalation might be a confusing cybersecurity term for many. That’s why in this article we’re going to shed a little bit more light on this topic. Keep reading to…

‘Printjack’ Printer Attacks Pose a Serious Threat, Researchers Warn

A group of Italian cybersecurity researchers has put together a set of three attacks known as ‘Printjack,’ alerting people of the serious risks of trusting their printer too much. According…

Learn Subscriptions: Course Structure and New Courses

With the Offsec Training Library (OTL) being a growing platform for continuous cybersecurity workforce development, we remain committed to delivering new content and expanding into new areas (dare we say,…

Red Team: C2 frameworks for pentesting

Infosec Institute –  Infosec Institute –  C2 frameworks — the abbreviation to the Command and Control (C&C) infrastructure — are how red teamers and pentesters can control compromised machines during…

New vulnerabilities allowed attackers to intercept Zoom meetings

Exploiting these vulnerabilities, a remote attacker could also execute arbitrary code on the server using root-user privileges. The cybersecurity researchers at Positive Technologies identified three vulnerabilities in several critical apps…

3 Guideposts for Building a Better Incident-Response Plan

Invest and practice: Grant Oviatt, director of incident-response engagements at Red Canary, lays out the key building blocks for effective IR. The COVID-19 pandemic has highlighted the pressing need for security…

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 2021 marks a special month for Bitdefender as we celebrate our 20th anniversary. It has been an exciting journey since our 2001 founding. We have come a long way, growing…

‘Trojan Source’ Hides Invisible Bugs in Source Code

The old RLO trick of exploiting how Unicode handles script ordering and a related homoglyph attack can imperceptibly switch the real name of malware. Researchers have found a new way…

Introducing ATT&CK v10: More Objects, Parity and Features

Amy L. RobertsonOct 21 · 6 min read By Amy L. Robertson (MITRE), Alexia Crumpton (MITRE), and Chris Ante (MITRE) As announced a couple of weeks ago, we’re back with…

How using the purple team approach helps in addressing cybercrime

Automated purple teaming is one of the best ways to address cybercrime as it does not only test for the deficiencies in existing security controls – Let’s dig deeper into…