red team - Security Ticks

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

Application Security, attack surface management, CISA, Government, Incident Response, red team, spear-phishing / SecurityTicks

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency 2024-07-12 at 17:31 By Ionut Arghire CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization. The post CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency appeared first on SecurityWeek. […]

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency Read More »

Red teaming: The key ingredient for responsible AI

Artificial Intelligence, bug bounty, cybersecurity, Don't miss, Expert analysis, Expert corner, hacker, HackerOne, Hot stuff, News, opinion, red team, regulation / SecurityTicks

Red teaming: The key ingredient for responsible AI 2024-05-13 at 08:31 By Help Net Security Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other hand, they must ensure strict compliance with ethical standards and regulatory requirements. Organizations attempting to balance

Red teaming: The key ingredient for responsible AI Read More »

LSA Whisperer: Open-source tools for interacting with authentication packages

cybersecurity, GitHub, Microsoft, News, open source, red team, software / SecurityTicks

LSA Whisperer: Open-source tools for interacting with authentication packages 2024-04-26 at 07:32 By Mirko Zorz LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap’s AzureAD plugin. Partial or unstable support is provided

LSA Whisperer: Open-source tools for interacting with authentication packages Read More »

5 free red teaming resources to get you started

cybersecurity, Don't miss, GitHub, Hot stuff, how-to, News, red team, strategy, tips / SecurityTicks

5 free red teaming resources to get you started 2024-04-16 at 07:32 By Help Net Security Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may include anything from social engineering to physical security breaches to simulate a real-world advanced persistent threat.

5 free red teaming resources to get you started Read More »

How to design and deliver an effective cybersecurity exercise

cyberattacks, cybersecurity, digital transformation, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, Information Security Forum, News, opinion, penetration testing, red team / SecurityTicks

How to design and deliver an effective cybersecurity exercise 2024-04-01 at 07:04 By Help Net Security Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises – tests and simulations based on plausible

How to design and deliver an effective cybersecurity exercise Read More »

Red teaming in the AI era

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Lakera, News, opinion, red team, software / SecurityTicks

Red teaming in the AI era 2024-03-20 at 07:31 By Help Net Security As AI gets baked into enterprise tech stacks, AI applications are becoming prime targets for cyber attacks. In response, many cybersecurity teams are adapting existing cybersecurity practices to mitigate these new threats. One such practice measure is red teaming: the effort to

Red teaming in the AI era Read More »

PyRIT: Open-source framework to find risks in generative AI systems

Adversa AI, AppOmni, Artificial Intelligence, cybersecurity, Don't miss, generative AI, Hot stuff, Microsoft, News, open source, Python, red team, software / SecurityTicks

PyRIT: Open-source framework to find risks in generative AI systems 2024-03-04 at 08:02 By Mirko Zorz Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks in generative AI systems. PyRIT has been battle-tested by Microsoft’s AI red team. It started as a collection

PyRIT: Open-source framework to find risks in generative AI systems Read More »

Artificial Arms Race: What Can Automation and AI do to Advance Red Teams

AI, Artificial Intelligence, automation, Network Security, red team / SecurityTicks

Artificial Arms Race: What Can Automation and AI do to Advance Red Teams 2024-02-27 at 14:31 By Tom Eston The best Red Team engagements are a balanced mix of technology, tools and human operators. The post Artificial Arms Race: What Can Automation and AI do to Advance Red Teams appeared first on SecurityWeek. This article

Artificial Arms Race: What Can Automation and AI do to Advance Red Teams Read More »

Microsoft Releases Red Teaming Tool for Generative AI

AI, Artificial Intelligence, Microsoft, red team / SecurityTicks

Microsoft Releases Red Teaming Tool for Generative AI 2024-02-23 at 12:31 By Ionut Arghire Microsoft releases PyRIT red teaming tool to help identify risks in generative AI through automation. The post Microsoft Releases Red Teaming Tool for Generative AI appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Microsoft Releases Red Teaming Tool for Generative AI Read More »

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity

AttackIQ, collaboration, cybersecurity, Don't miss, Hot stuff, penetration testing, red team, security controls, Video / SecurityTicks

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity 2024-02-13 at 07:01 By Help Net Security In this Help Net Security video, Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ, discusses how purple teaming allows security teams to break down barriers between teams and increase operational effectiveness. It’s no longer about

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity Read More »

Enhancing adversary simulations: Learn the business to attack the business

attacks, cybersecurity, Don't miss, DVULN, Features, Hot stuff, News, red team, strategy / SecurityTicks

Enhancing adversary simulations: Learn the business to attack the business 2024-02-07 at 07:01 By Mirko Zorz In this Help Net Security interview, Jamieson O’Reilly, Founder of DVULN, discusses adversary simulations, shedding light on challenges rooted in human behavior, decision-making, and responses to evolving cyber threats. Unveiling the interplay between red and blue teams, O’Reilly talks

Enhancing adversary simulations: Learn the business to attack the business Read More »

Purple teaming and the role of threat categorization

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, penetration testing, red team, SpecterOps, threats / SecurityTicks

Purple teaming and the role of threat categorization 2024-01-11 at 07:31 By Help Net Security Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and even purple team assessments

Purple teaming and the role of threat categorization Read More »

Embracing offensive cybersecurity tactics for defense against dynamic threats

bug bounty, cloud computing, cybersecurity, Don't miss, Features, Hot stuff, opinion, penetration testing, red team, regulation, SIX, strategy, Threat Intelligence / SecurityTicks

Embracing offensive cybersecurity tactics for defense against dynamic threats 2024-01-11 at 07:02 By Mirko Zorz In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. What are the critical steps in creating effective offensive security

Embracing offensive cybersecurity tactics for defense against dynamic threats Read More »

MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros

attacks, Cloud, cybersecurity, Don't miss, education, Features, framework, Government, honeypots, Hot stuff, Incident Response, MITRE, MITRE ATT&CK, network, News, opinion, professional, red team, social media, threats / SecurityTicks

MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros 26/09/2023 at 07:32 By Mirko Zorz MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th anniversary this fall. In this Help Net Security interview, project leader Adam Pennington discusses

MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros Read More »

Hands-on threat simulations: empower cybersecurity teams to confidently combat threats

Artificial Intelligence, attacks, automation, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, Malware, News, opinion, Pluralsight, red team, skill development, software, threat detection, vulnerability / SecurityTicks

Hands-on threat simulations: empower cybersecurity teams to confidently combat threats 25/09/2023 at 08:05 By Help Net Security Security processes are increasingly automated which has led some businesses to deprioritize developing their security teams’ defense skills. While antivirus and non-human generated threat detections efficiently identify vulnerabilities, they cannot detect every single threat. With the rising number

Hands-on threat simulations: empower cybersecurity teams to confidently combat threats Read More »

What makes a good ASM solution stand out

CISO, Cloud, Cloudflare, cybersecurity, Don't miss, Features, Hot stuff, network, News, ONYPHE, opinion, red team, strategy, Threat Intelligence, tips / SecurityTicks

What makes a good ASM solution stand out 29/08/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Patrice Auffret, CTO at Onyphe, explains how the traditional perimeter-based security view is becoming obsolete. He suggests that organizations should redefine their attack surface concept and discusses proactive measures they can take to strengthen their

What makes a good ASM solution stand out Read More »

Google’s AI Red Team: Advancing cybersecurity on the AI frontier

Artificial Intelligence, cybersecurity, Don't miss, Features, Google, Hot stuff, machine learning, News, opinion, red team / SecurityTicks

Google’s AI Red Team: Advancing cybersecurity on the AI frontier 03/08/2023 at 08:02 By Help Net Security With the rise of ML, traditional red teams tasked with probing and exposing security vulnerabilities found themselves facing a new set of challenges that required a deep and comprehensive understanding of machine learning. Google’s recent announcement about the

Google’s AI Red Team: Advancing cybersecurity on the AI frontier Read More »

Google Creates Red Team to Test Attacks Against AI Systems

AI, artificial inteligence, Artificial Intelligence, red team / SecurityTicks

Google Creates Red Team to Test Attacks Against AI Systems 21/07/2023 at 18:03 By Eduard Kovacs Google has created a dedicated AI Red Team tasked with carrying out complex technical attacks on artificial intelligence systems. The post Google Creates Red Team to Test Attacks Against AI Systems appeared first on SecurityWeek. This article is an

Google Creates Red Team to Test Attacks Against AI Systems Read More »

Malware delivery to Microsoft Teams users made easy

collaboration, Don't miss, enterprise, Hot stuff, Malware, Microsoft 365, Microsoft Teams, News, red team, SMBs, vulnerability / SecurityTicks

Malware delivery to Microsoft Teams users made easy 10/07/2023 at 14:33 By Zeljka Zorz A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the exploited vulnerability As noted by Jumpsec researchers Max Corbridge and Tom Ellson, Microsoft Teams’ default

Malware delivery to Microsoft Teams users made easy Read More »

Microsoft Teams vulnerability allows attackers to deliver malware to employees

collaboration, Don't miss, enterprise, Hot stuff, Jumpsec, Malware, Microsoft 365, Microsoft Teams, News, red team, SMBs, vulnerability / SecurityTicks

Microsoft Teams vulnerability allows attackers to deliver malware to employees 23/06/2023 at 15:24 By Zeljka Zorz Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use Microsoft Teams inherit Microsoft’s default configuration which allows users from outside of their organisation to reach out

Microsoft Teams vulnerability allows attackers to deliver malware to employees Read More »