Red Team – WindowsTechs.com

Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

Posted on December 17, 2024 by Charles Owen-Jackson

With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook. With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace […]

The post Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models appeared first on Security Intelligence.

Continue reading Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models→

How Red Teaming Helps Meet DORA Requirements

Posted on December 10, 2024 by Uzair Amir

The Digital Operational Resilience Act (DORA) sets strict EU rules for financial institutions and IT providers, emphasizing strong… Continue reading How Red Teaming Helps Meet DORA Requirements→

New cybersecurity advisory highlights defense-in-depth strategies

Posted on September 20, 2024 by Josh Nadeau

In 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team operation against an FCEB (Federal Civilian Executive Branch) organization. In July 2024, CISA released a new CSA that detailed the findings of this assessment along with key findings relevant to the security of the organization’s network. One of the interesting findings of […]

The post New cybersecurity advisory highlights defense-in-depth strategies appeared first on Security Intelligence.

Continue reading New cybersecurity advisory highlights defense-in-depth strategies→

EchoStrike: Generate undetectable reverse shells, perform process injection

Posted on September 16, 2024 by Mirko Zorz

EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. “EchoStrike allows you to generate binaries that, when executed, create an undetectable RevShell, which can be th… Continue reading EchoStrike: Generate undetectable reverse shells, perform process injection→

Realm: Open-source adversary emulation framework

Posted on July 15, 2024 by Mirko Zorz

Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation. It’s designed to handle engagements of any size. “Realm is unique in its custom interpreter written in Rust. This allows us to write… Continue reading Realm: Open-source adversary emulation framework→

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

Posted on July 12, 2024 by Ionut Arghire

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.
The post CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency appeared first on Sec… Continue reading CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency→

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

Posted on July 12, 2024 by Ionut Arghire

Red teaming: The key ingredient for responsible AI

Posted on May 13, 2024 by Help Net Security

Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other hand, they must ensure strict compliance with ethical standards and regulatory re… Continue reading Red teaming: The key ingredient for responsible AI→

What we can learn from the best collegiate cyber defenders

Posted on May 3, 2024 by Evan Anderson

This year marked the 19th season of the National Collegiate Cyber Defense Competition (NCCDC). For those unfamiliar, CCDC is a competition that puts student teams in charge of managing IT for a fictitious company as the network is undergoing a fundamental transformation. This year the challenge involved a common scenario: a merger. Ten finalist teams […]

The post What we can learn from the best collegiate cyber defenders appeared first on Security Intelligence.

Continue reading What we can learn from the best collegiate cyber defenders→

LSA Whisperer: Open-source tools for interacting with authentication packages

Posted on April 26, 2024 by Mirko Zorz

LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap&#82… Continue reading LSA Whisperer: Open-source tools for interacting with authentication packages→