attack tools – Page 2 – WindowsTechs.com

Warshipping: Attackers can access corporate networks through the mailroom

Posted on August 7, 2019 by Zeljka Zorz

Most infosecurity professionals have heard of wardialing and wardriving, but what about warshipping? The expression has been coined by IBM X-Force Red researchers to describe a new attack vector, which consists of covertly delivering to the target&#821… Continue reading Warshipping: Attackers can access corporate networks through the mailroom→

SQL Injection Attacks: So Old, but Still So Relevant. Here’s Why (Charts)

Posted on June 13, 2019 by Ori Nakar

We’re living in the Golden Age of data. Some companies analyze it to better themselves, others trade it for profit, none give it up freely due to its value — for their business, and for criminals, as well. SQL (Structured Query Language) is… Continue reading SQL Injection Attacks: So Old, but Still So Relevant. Here’s Why (Charts)→

What State-Sponsored Attacks Can Teach Us About Conditional Access

Posted on May 3, 2019 by Nir Yosha

People often think that state-sponsored attacks from groups like Lazarus (North Korea), Fancy Bear (Russia) or menuPass (China) only target public federal organizations in Western nations like the U.S. This is simply not the case. In fact, attacks… Continue reading What State-Sponsored Attacks Can Teach Us About Conditional Access→

Is your company leaking sensitive data via your Box account?

Posted on March 12, 2019 by Zeljka Zorz

Companies that use Box for sharing files and folders inside and outside the company are inadvertently leaving sensitive corporate and customer data exposed, cybersecurity firm Adversis warns. Their own research discovered much non-sensitive data but al… Continue reading Is your company leaking sensitive data via your Box account?→

Catching Bloodhound Before it Bites

Posted on January 3, 2019 by Nir Yosha

BloodHound is a public and freely available tool that uses graph theory to automate much of the confusion behind understanding relationships in an Active Directory (AD) environment. It allows hackers and pentesters to know precisely three things: … Continue reading Catching Bloodhound Before it Bites→

Top Ten List for 2018 – Enterprise Security Weekly #120

Posted on December 20, 2018 by Security Weekly Productions

Paul, Matt Alderman, and John Strand talk Paul’s Top Ten List of 2018! They talk about Paul’s personal favorite acquisitions, breaches, vulnerabilities, interviews, attack tools, news articles, and more! Paul’s Top Ten List for 2018: Top Producti… Continue reading Top Ten List for 2018 – Enterprise Security Weekly #120→

Python-based attack tools are the most common vector for launching exploit attempts

Posted on October 1, 2018 by Zeljka Zorz

Hackers have an obvious predilection for Python-based attack tools, says Imperva. “When examining the use of Python in attacks against sites we protect, the result was unsurprising – a large chunk, up to 77%, of the sites were attacked by a Pytho… Continue reading Python-based attack tools are the most common vector for launching exploit attempts→