Cymulate nabs $45M to test and improve cybersecurity defenses via attack simulations

With cybercrime on course to be a $6 trillion problem this year, organizations are throwing ever more resources at the issue to avoid being a target. Now, a startup that’s built a platform to help them stress-test the investments that they have made into their security IT is announcing some funding on the back of […]

MythBusters: What pentesting is (and what it is not)

You’ve probably seen the term pentesting pop up in security research and articles, but do you know what it really means? Simply put, penetration testing is a security assessment, analysis and a progression of simulated attacks on an application or netw…

How micro-segmentation creates an uphill battle for intruders

The past few years have seen a major shift in security strategies from looking outward for external threats to detecting and defending against adversaries that have already breached the network. One of the biggest dangers is that, after having gained a…

How (and why) cyber specialists hacked a North American utility’s smart meter

The hackers behind some of the most impactful intrusions of industrial organizations in the last five years have meticulously searched for ways to move from facilities’ IT networks to the more sensitive computers that interact with machinery. Before alleged Russian hackers cut power in Ukraine in 2015, for example, they spent many months mapping out utility computer networks and gathering grid workers’ credentials. And the hackers that triggered the 2017 shutdown of a Saudi petrochemical plant with the so-called Triton malware are known for using dozens of different tools to maintain access to IT and industrial networks. As state-sponsored hackers continue to probe U.S. infrastructure, cybersecurity experts regularly emulate those landmark attacks today to break into their clients’ networks in order to protect them. The latest example comes from Mandiant, FireEye’s incident response unit, which this week publicized the techniques it used to infiltrate a North American utility’s industrial control systems […]

The post How (and why) cyber specialists hacked a North American utility’s smart meter appeared first on CyberScoop.


PlexTrac raises $10M Series A round for its collaboration-centric security platform

PlexTrac, a Boise, ID-based security service that aims to provide a unified workflow automation platform for red and blue teams, today announced that it has raised a $10 million Series A funding round led by Noro-Moseley Partners and Madrona Venture Group. StageDot0 ventures also participated in this round, which the company plans to use to […]

Learn Pipe Fitting for all of your Offense Projects

Named pipes are a method of inter-process communication in Windows. They’re used primarily for local processes to communicate with each other. They can also facilitate communication between two processes on separate hosts. This traffic is encapsulated in the Microsoft SMB Protocol. If you ever hear someone refer to a named pipe transport as an SMB channel, […]

Agent Deployed: Core Impact and Cobalt Strike Interoperability

Core Impact 20.3 has shipped this week. With this release, we’re revealing patterns for interoperability between Core Impact and Cobalt Strike. In this post, I’ll walk you through these patterns and provide advice on how to get benefit using Cobalt Strike and Core Impact together. A Red Team Operator’s Introduction to Core Impact Prior to […]

FireEye Hacked, Foxconn Ransomware Attack, Apple’s New Privacy Features

In episode 151 for December 14th 2020: What you need to know about the stolen FireEye “Red Team” tools and the FUD going on in the media about the attack, Foxconn gets hit with a ransomware attack plus details on how ransomware attacks are evolving, an…