Red Team – WindowsTechs.com

New cybersecurity advisory highlights defense-in-depth strategies

Posted on September 20, 2024 by Josh Nadeau

In 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team operation against an FCEB (Federal Civilian Executive Branch) organization. In July 2024, CISA released a new CSA that detailed the findings of this assessment along with key findings relevant to the security of the organization’s network. One of the interesting findings of […]

The post New cybersecurity advisory highlights defense-in-depth strategies appeared first on Security Intelligence.

Continue reading New cybersecurity advisory highlights defense-in-depth strategies→

EchoStrike: Generate undetectable reverse shells, perform process injection

Posted on September 16, 2024 by Mirko Zorz

EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. “EchoStrike allows you to generate binaries that, when executed, create an undetectable RevShell, which can be th… Continue reading EchoStrike: Generate undetectable reverse shells, perform process injection→

Realm: Open-source adversary emulation framework

Posted on July 15, 2024 by Mirko Zorz

Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation. It’s designed to handle engagements of any size. “Realm is unique in its custom interpreter written in Rust. This allows us to write… Continue reading Realm: Open-source adversary emulation framework→

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

Posted on July 12, 2024 by Ionut Arghire

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.
The post CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency appeared first on Sec… Continue reading CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency→

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

Posted on July 12, 2024 by Ionut Arghire

Red teaming: The key ingredient for responsible AI

Posted on May 13, 2024 by Help Net Security

Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other hand, they must ensure strict compliance with ethical standards and regulatory re… Continue reading Red teaming: The key ingredient for responsible AI→

What we can learn from the best collegiate cyber defenders

Posted on May 3, 2024 by Evan Anderson

This year marked the 19th season of the National Collegiate Cyber Defense Competition (NCCDC). For those unfamiliar, CCDC is a competition that puts student teams in charge of managing IT for a fictitious company as the network is undergoing a fundamental transformation. This year the challenge involved a common scenario: a merger. Ten finalist teams […]

The post What we can learn from the best collegiate cyber defenders appeared first on Security Intelligence.

Continue reading What we can learn from the best collegiate cyber defenders→

LSA Whisperer: Open-source tools for interacting with authentication packages

Posted on April 26, 2024 by Mirko Zorz

LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap&#82… Continue reading LSA Whisperer: Open-source tools for interacting with authentication packages→

5 free red teaming resources to get you started

Posted on April 16, 2024 by Help Net Security

Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may include anything from social engineering to physical security breaches to simul… Continue reading 5 free red teaming resources to get you started→

How to design and deliver an effective cybersecurity exercise

Posted on April 1, 2024 by Help Net Security

Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises – tests and simulations base… Continue reading How to design and deliver an effective cybersecurity exercise→