Red teaming in the AI era

As AI gets baked into enterprise tech stacks, AI applications are becoming prime targets for cyber attacks. In response, many cybersecurity teams are adapting existing cybersecurity practices to mitigate these new threats. One such practice measure is … Continue reading Red teaming in the AI era

PyRIT: Open-source framework to find risks in generative AI systems

Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks in generative AI systems. PyRIT has been battle-tested by Microsoft’s A… Continue reading PyRIT: Open-source framework to find risks in generative AI systems

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity

In this Help Net Security video, Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ, discusses how purple teaming allows security teams to break down barriers between teams and increase operational effectiveness. It’s no longe… Continue reading How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity

In this Help Net Security video, Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ, discusses how purple teaming allows security teams to break down barriers between teams and increase operational effectiveness. It’s no longe… Continue reading How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity

Enhancing adversary simulations: Learn the business to attack the business

In this Help Net Security interview, Jamieson O’Reilly, Founder of DVULN, discusses adversary simulations, shedding light on challenges rooted in human behavior, decision-making, and responses to evolving cyber threats. Unveiling the interplay between … Continue reading Enhancing adversary simulations: Learn the business to attack the business

Purple teaming and the role of threat categorization

Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and eve… Continue reading Purple teaming and the role of threat categorization

Embracing offensive cybersecurity tactics for defense against dynamic threats

In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. What are the critical steps in creatin… Continue reading Embracing offensive cybersecurity tactics for defense against dynamic threats

Reflective call stack detections and evasions

In a blog published this March, we explored reflective loading through the lens of an offensive security tool developer, highlighting detection and evasion opportunities along the way. This time we are diving into call stack detections and evasions, and how BokuLoader reflectively loads call stack spoofing capabilities into beacon. We created this blog and public […]

The post Reflective call stack detections and evasions appeared first on Security Intelligence.

Continue reading Reflective call stack detections and evasions