How to Defend Against Mobile App Impersonation

Despite tight security measures by Google/Apple, cybercriminals still find ways to bypass fake app checks to plant malware on mobile devices. Dave Stewart, CEO of Approov, discusses technical approaches to…

Red Team: C2 frameworks for pentesting

Infosec Institute –  Infosec Institute –  C2 frameworks — the abbreviation to the Command and Control (C&C) infrastructure — are how red teamers and pentesters can control compromised machines during…

Some Thoughts on Teaching Hacking

by Jeremy Miller This post first appeared on October 31, 2021 and is republished with permission from the author. Disclaimer: The ideas below are my own and may not reflect…

Get all of the training you need to become a cybersecurity analyst for just $26

StackCommerce There has never been a greater need for cybersecurity analysts because cybercrime attacks seem to be neverending these days. So if you want a well-paid career with long-term job…

ONS Reports Huge Spike in Cybercrime and Fraud During COVID-19

ONS Reports Huge Spike in Cybercrime and Fraud During COVID-19 Fraud and computer misuse offenses rose by 43% in the year ending June 2021 compared with the pre-COVID year ending…

Cring ransomware continues assault on industrial organizations with aging applications, VPNs

The Cring ransomware group continues to make a name for itself through attacks on aging ColdFusion servers and VPNs after emerging earlier this year.  Experts like Digital Shadows Sean Nikkel…

Inside 1,602 pentests: Common vulnerabilities, findings and fixes

Infosec Institute –  Infosec Institute –  Each year, Cobalt releases its State of Pentesting report, which extracts trends and statistics about the state of security from penetration testing engagements on…

Pentesters Wanted for Ransomware Attacks!

The Russian Advanced Persistent Threat (APT) group FIN7 is trying to break into the lucrative ransomware market by creating bogus cybersecurity organizations that perform network attacks under the pretense of…

Red teaming tutorial: Active directory pentesting approach and tools

Infosec Institute –  Infosec Institute –  There are a number of tools you should use when it comes to active directory (AD). Inveigh and responder as a start point Many…

OffSec 2020 Recap

2020 has been quite a year, hasn’t it? It’s been challenging in so many ways, but it was also exciting for us at OffSec. We thrive on bringing new training…