How do You Know if You’re Ready for a Red Team Partnership? 2025-04-29 at 19:23 By Trevin Edgeworth Before engaging in a full-scope exercise, it’s important to assess whether your program, people and processes are truly ready. The post How do You Know if You’re Ready for a Red Team Partnership? appeared first on SecurityWeek. […]
React to this headline:
How do You Know if You’re Ready for a Red Team Partnership? Read More »
MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) 2025-02-28 at 17:03 By Zeljka Zorz Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code execution. About MITRE Caldera MITRE Caldera is a platform built on the
React to this headline:
MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) Read More »
Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems 2025-02-25 at 19:11 By Ryan Naraine Dreadnode is building “offensive machine learning” tools to safely simulate how AI models might be exploited in the wild. The post Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems appeared first on SecurityWeek. This article is an
React to this headline:
Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems Read More »
EchoStrike: Generate undetectable reverse shells, perform process injection 2024-09-16 at 07:31 By Mirko Zorz EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. “EchoStrike allows you to generate binaries that, when executed, create an undetectable RevShell, which can be the first entry point into a company.
React to this headline:
EchoStrike: Generate undetectable reverse shells, perform process injection Read More »
Realm: Open-source adversary emulation framework 2024-07-15 at 07:32 By Mirko Zorz Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation. It’s designed to handle engagements of any size. “Realm is unique in its custom interpreter written in Rust. This allows us to write complex TTPs as code. With these actions as code,
React to this headline:
Realm: Open-source adversary emulation framework Read More »
CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency 2024-07-12 at 17:31 By Ionut Arghire CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization. The post CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency appeared first on SecurityWeek.
React to this headline:
CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency Read More »
Red teaming: The key ingredient for responsible AI 2024-05-13 at 08:31 By Help Net Security Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other hand, they must ensure strict compliance with ethical standards and regulatory requirements. Organizations attempting to balance
React to this headline:
Red teaming: The key ingredient for responsible AI Read More »
LSA Whisperer: Open-source tools for interacting with authentication packages 2024-04-26 at 07:32 By Mirko Zorz LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap’s AzureAD plugin. Partial or unstable support is provided
React to this headline:
LSA Whisperer: Open-source tools for interacting with authentication packages Read More »
5 free red teaming resources to get you started 2024-04-16 at 07:32 By Help Net Security Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may include anything from social engineering to physical security breaches to simulate a real-world advanced persistent threat.
React to this headline:
5 free red teaming resources to get you started Read More »
How to design and deliver an effective cybersecurity exercise 2024-04-01 at 07:04 By Help Net Security Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises – tests and simulations based on plausible
React to this headline:
How to design and deliver an effective cybersecurity exercise Read More »
Red teaming in the AI era 2024-03-20 at 07:31 By Help Net Security As AI gets baked into enterprise tech stacks, AI applications are becoming prime targets for cyber attacks. In response, many cybersecurity teams are adapting existing cybersecurity practices to mitigate these new threats. One such practice measure is red teaming: the effort to
React to this headline:
Red teaming in the AI era Read More »
PyRIT: Open-source framework to find risks in generative AI systems 2024-03-04 at 08:02 By Mirko Zorz Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks in generative AI systems. PyRIT has been battle-tested by Microsoft’s AI red team. It started as a collection
React to this headline:
PyRIT: Open-source framework to find risks in generative AI systems Read More »
Artificial Arms Race: What Can Automation and AI do to Advance Red Teams 2024-02-27 at 14:31 By Tom Eston The best Red Team engagements are a balanced mix of technology, tools and human operators. The post Artificial Arms Race: What Can Automation and AI do to Advance Red Teams appeared first on SecurityWeek. This article
React to this headline:
Artificial Arms Race: What Can Automation and AI do to Advance Red Teams Read More »
Microsoft Releases Red Teaming Tool for Generative AI 2024-02-23 at 12:31 By Ionut Arghire Microsoft releases PyRIT red teaming tool to help identify risks in generative AI through automation. The post Microsoft Releases Red Teaming Tool for Generative AI appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
React to this headline:
Microsoft Releases Red Teaming Tool for Generative AI Read More »
How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity 2024-02-13 at 07:01 By Help Net Security In this Help Net Security video, Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ, discusses how purple teaming allows security teams to break down barriers between teams and increase operational effectiveness. It’s no longer about
React to this headline:
How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity Read More »
Enhancing adversary simulations: Learn the business to attack the business 2024-02-07 at 07:01 By Mirko Zorz In this Help Net Security interview, Jamieson O’Reilly, Founder of DVULN, discusses adversary simulations, shedding light on challenges rooted in human behavior, decision-making, and responses to evolving cyber threats. Unveiling the interplay between red and blue teams, O’Reilly talks
React to this headline:
Enhancing adversary simulations: Learn the business to attack the business Read More »
Purple teaming and the role of threat categorization 2024-01-11 at 07:31 By Help Net Security Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and even purple team assessments
React to this headline:
Purple teaming and the role of threat categorization Read More »
Embracing offensive cybersecurity tactics for defense against dynamic threats 2024-01-11 at 07:02 By Mirko Zorz In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. What are the critical steps in creating effective offensive security
React to this headline:
Embracing offensive cybersecurity tactics for defense against dynamic threats Read More »
MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros 26/09/2023 at 07:32 By Mirko Zorz MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th anniversary this fall. In this Help Net Security interview, project leader Adam Pennington discusses
React to this headline:
MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros Read More »
Hands-on threat simulations: empower cybersecurity teams to confidently combat threats 25/09/2023 at 08:05 By Help Net Security Security processes are increasingly automated which has led some businesses to deprioritize developing their security teams’ defense skills. While antivirus and non-human generated threat detections efficiently identify vulnerabilities, they cannot detect every single threat. With the rising number
React to this headline:
Hands-on threat simulations: empower cybersecurity teams to confidently combat threats Read More »