Microsoft Azure is a cloud platform that offers a wide range of services to its users. It’s used by organizations all around the world for a variety of reasons. However,…
Tag: Penetration Testing
Web Application Assessment using Burp Suite
Web Application Assessment Information Firstly, we need to understand why Web Application Assessment is important to any organization out there. As people should be aware by now, Web Applications have…
NPK: Free tool to crack password hashes with AWS
The NPK tool is an open-source password cracking tool developed by the Coalfire Labs Research and Development team. The initials NPK are inspired by the atomic elements contained within farm…
Log4j flaw: Nearly half of corporate networks have been targeted by attackers trying to use this vulnerability
The number of attacks aiming to take advantage of the recently disclosed security flaw in the Log4j2 Java logging library continues to grow. The vulnerability (CVE-2021-44228) was publicly disclosed on…
Log4j flaw could be a problem for industrial networks 'for years to come'
Industrial networks are among those which are vulnerable to the recently disclosed zero-day in the Log4j2 Java logging library, security researchers have warned. The vulnerability (CVE-2021-44228) was disclosed on December…
Emotet Is Dropping Cobalt Strike
Emotet is a virus infection that is propagated by spam email attachments that contain malicious Word or Excel documents. These documents utilize macros to download and install the Emotet Trojan…
Cognitive Biases and Penetration Testing
by Jeremy Miller This post first appeared on November 30, 2021 and is republished with permission from the author. Disclaimer: The ideas below are my own and may not reflect…
Cuba Ransomware Gang Hauls in $44M in Payouts
The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned. The “Cuba” ransomware gang has settled into a…