Collaborate Disseminate
A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched before that. A downgrade attack exploiting the Windows Update process The direction of Safe… Continue reading “Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days
Researcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days.
The post Windows Update Flaws Allow Undetectable Downgrade Attacks appeared first on SecurityWeek.
Continue reading Windows Update Flaws Allow Undetectable Downgrade Attacks
SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool Party” because they (ab)use Windows thread pools, these process injection tec… Continue reading “Pool Party” process injection techniques evade EDRs
Help Net Security is attending the Cybertech Tel Aviv 2023 conference and exhibition, which gathers cybersecurity experts, businesses and startups from around the world. Here are a few photos from the event, featured vendors include: DarkOwl, ThriveDX,… Continue reading Photos: Cybertech Tel Aviv 2023, part 2
Help Net Security is in Israel this week for Cybertech Tel Aviv 2023, talking to the key players from the cybersecurity industry and businesses from a wide range of sectors, who gathered to exchange knowledge, to network, and learn about technological … Continue reading Video walkthrough: Cybertech Tel Aviv 2023
Help Net Security is attending Cybersecurity Marketing Society’s Cyber Marketing Con 2022 in Arlington, VA. Here’s a look at the event. Nathan Burke, CMO, Axonius Carmen Harris, Director, Product and Technology Communications, Sumo Logic Ro… Continue reading Photos: Cybersecurity marketers gather at Cyber Marketing Con 2022
Here’s a look at the most interesting products from the past month, featuring releases from: Acronis, Arcserve, Black Kite, Cavelo, Code42, ComplyCube, Cynet, Elastic, ESET, Feroot, Fusion Risk Management, G-Core Labs, Hillstone Networks, Incognia, Liv… Continue reading Infosec products of the month: June 2022
Here’s a look at the most interesting products from the past week, featuring releases from Acronis, Code42, Cynet, Elastic, Living Security, Lumu, NetWitness, Qualys, SafeBreach, and Swimlane. Acronis Advanced DLP protects businesses and MSPs from data… Continue reading New infosec products of the week: June 10, 2022
At RSA Conference 2022, SafeBreach announced SafeBreach Studio, a no-code red-team automation platform security teams of all skill levels can use to create, customize and execute sophisticated attack scenarios that replicate real-world adversary behavi… Continue reading SafeBreach Studio enables security teams to automate and scale red-team exercises
“Red Team” is an expression coined in the 19th century, related to German military preparedness exercises conducted as realistic board games between two adversaries operating under time constraints and certain rules. In cybersecurity, Red Team exercise… Continue reading Cybersecurity Red Team 101