New cybersecurity advisory highlights defense-in-depth strategies

In 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team operation against an FCEB (Federal Civilian Executive Branch) organization. In July 2024, CISA released a new CSA that detailed the findings of this assessment along with key findings relevant to the security of the organization’s network. One of the interesting findings of […]

The post New cybersecurity advisory highlights defense-in-depth strategies appeared first on Security Intelligence.

Continue reading New cybersecurity advisory highlights defense-in-depth strategies

EchoStrike: Generate undetectable reverse shells, perform process injection

EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. “EchoStrike allows you to generate binaries that, when executed, create an undetectable RevShell, which can be th… Continue reading EchoStrike: Generate undetectable reverse shells, perform process injection

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.
The post CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency appeared first on Sec… Continue reading CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.
The post CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency appeared first on Sec… Continue reading CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

Red teaming: The key ingredient for responsible AI

Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other hand, they must ensure strict compliance with ethical standards and regulatory re… Continue reading Red teaming: The key ingredient for responsible AI

What we can learn from the best collegiate cyber defenders

This year marked the 19th season of the National Collegiate Cyber Defense Competition (NCCDC). For those unfamiliar, CCDC is a competition that puts student teams in charge of managing IT for a fictitious company as the network is undergoing a fundamental transformation. This year the challenge involved a common scenario: a merger. Ten finalist teams […]

The post What we can learn from the best collegiate cyber defenders appeared first on Security Intelligence.

Continue reading What we can learn from the best collegiate cyber defenders

LSA Whisperer: Open-source tools for interacting with authentication packages

LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap&#82… Continue reading LSA Whisperer: Open-source tools for interacting with authentication packages

5 free red teaming resources to get you started

Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may include anything from social engineering to physical security breaches to simul… Continue reading 5 free red teaming resources to get you started

How to design and deliver an effective cybersecurity exercise

Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises – tests and simulations base… Continue reading How to design and deliver an effective cybersecurity exercise