Tag: penetration-testing
-
Mattermost Vulnerabilities Let Attackers Execute Remote Code Via Path Traversal
by
in SecurityNewsMattermost, a widely-used open-source collaboration platform, has recently disclosed critical vulnerabilities in its software that could allow attackers to execute remote code through path traversal exploits. As detailed on the official Mattermost Security Updates page, these flaws have been identified through rigorous security reviews and penetration testing conducted by global security research communities, deploying organizations,…
-
LinuxFest Northwest: The First Black Software Engineer in America: Technology and Race
by
in SecurityNewsAuthor/Presenter: Clyde Ford (Author And Software Consultant) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel. Thanks…
-
LinuxFest Northwest: The Geology of Open Source
by
in SecurityNewsAuthor/Presenter: Hazel Weakly (Nivenly Foundation; Director, Haskell Foundation; Infrastructure Witch of Hachyderm) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via…
-
LinuxFest Northwest: The Intersectionality Of Human Psychology, Security And The Era Of AI And Misinfo
by
in SecurityNewsAuthor/Presenter: Autumn Nash (Product Manager At Microsoft, Specializing In Linux Security Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the…
-
How Agentic AI Can Secure Network Infrastructure?
by
in SecurityNewsWe’ve officially entered the era of agentic AI”, where systems do more than just follow instructions. These AI agents can now act autonomously, make decisions, execute tasks, and learn continuously from their interactions within digital environments. In the context of network infrastructure and penetration testing, agentic AI marks a major leap forward. Instead of waiting…
-
LinuxFest Northwest: How To Linuxfest
by
in SecurityNewsAuthor/Presenter: Angela Fischer (Jupiter Broadcasting Co-Owner) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel. Thanks and…
-
LinuxFest Northwest: Running WASM Workloads On k8s: The Future Of Cloud-Native Apps
by
in SecurityNewsAuthor/Presenter: Christopher Valerio (Senior Software Engineer, Veritas Automata) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel.…
-
The highest-paying jobs in cybersecurity today
by
in SecurityNews
Tags: access, ai, application-security, cisco, cloud, compliance, control, corporate, cybersecurity, data, defense, detection, firewall, governance, grc, hacker, identity, incident response, infrastructure, intelligence, jobs, network, penetration-testing, privacy, risk, risk-assessment, risk-management, skills, soc, threat, tool, training, vulnerability, vulnerability-managementSee “Top 12 cloud security certifications”See “CISSP certification: Requirements, training, exam, and cost”See “CCSP certification: Exam, cost, requirements, training, salary” Security engineer: After security architects, security engineers receive the second-highest annual cash compensation ($191,000), with a base salary of $168,000. Nearly a third (31%) of security engineers surveyed also received annual equity grants.Like their architect…
-
LinuxFest Northwest: Challenges of Managing Community Meetup Post-Pandemic
by
in SecurityNewsAuthor/Presenter: Mariatta Wijaya (Python Core Developer) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel. Thanks and…
-
LinuxFest Northwest: Guarding Your Digital Treasure A Quest for Secure Credential Management
by
in SecurityNewsAuthor/Presenter: Shelby Palmersheim CEH & CISSP (Technical Marketing Manager) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube…
-
LinuxFest Northwest: Code-By-Mail: A Rough And Tumble Guide To Submitting To Mailing Lists
by
in SecurityNewsAuthors/Presenters: Sen Hastings (Software Dev And SBC Enthusiast) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel.…
-
LinuxFest Northwest: Beyond ARIA Labels What A Blind Film Enthusiast Can Teach Us About Open Source
by
in SecurityNewsAuthors/Presenters: José Ibañez (CEO at Blind Penguin), Raissa Ibañez (Manager At Blind Penguin) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and…
-
LinuxFest Northwest: Clonezilla Live On RISC-V Crafting Open Source Live Systems For Open Hardware
by
in SecurityNewsAuthors/Presenters: Steven Shiau (Clonezilla Project Leader); Yu-Chin Tsai (Clonezilla NCHC Partclone); Chen-Kai Sun (Clonezilla Project / Engineer In NCHC) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham…
-
LinuxFest Northwest: See How Far COSMIC Has Come This Year
by
in SecurityNewsAuthor/Presenter: Carl Richell (CEO and Founder, System76, Inc.) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel.…
-
Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools
by
in SecurityNewsOffSec has released Kali Linux 2025.2, the most up-to-date version of the widely used penetration testing and digital forensics platform. KDE Plasma 6.3 in Kali Linux 2025.2 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/14/kali-linux-2025-2-released-bloodhound-ce-carsenal/
-
Unusual toolset used in recent Fog Ransomware attack
by
in SecurityNewsFog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec researchers warn. In May 2025, attackers hit an Asian financial firm with Fog ransomware, using rare tools like Syteca monitoring software and pentesting tools GC2, Adaptix, and Stowaway. Symantec researchers pointed out that the use of these tools is unusual…
-
LinuxFest Northwest: Chaos Testing Of A Postgres Cluster On Kubernetes
by
in SecurityNewsAuthor/Presenter: Nikolay Sivko (Co-Founder And CEO At Coroot) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel.…
-
TeamFiltration pentesting tool harnessed in global Microsoft Entra ID attack campaign
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/teamfiltration-pentesting-tool-harnessed-in-global-microsoft-entra-id-attack-campaign
-
LinuxFest Northwest: Easy Modular Sensors And Automation
by
in SecurityNewsAuthor/Presenter: Sam Groveman (Research Associate) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel. Thanks and a…
-
Threat Actor Abuses TeamFiltration for Entra ID Account Takeovers
by
in SecurityNewsProofpoint researchers discovered a large-scale campaign using the open source penetration-testing framework that has targeted more than 80,000 Microsoft accounts. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/threat-actor-teamfiltration-entra-id-attacks
-
Fog ransomware gang abuses employee monitoring tool in unusual multi-stage attack
by
in SecurityNews
Tags: attack, china, cloud, control, corporate, encryption, espionage, exploit, google, group, intelligence, microsoft, monitoring, network, open-source, penetration-testing, ransomware, service, threat, toolOpen-source pen testers for executing commands: Another peculiarity observed in the attack was the use of open-source penetration testing tools, like GC2 and Adaptix C2, rarely seen with ransomware attacks.Google Command and Control (GC2) is an open-source post-exploitation tool that allows attackers to control compromised systems using legitimate cloud services like Google Sheets and Google…
-
Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks
by
in SecurityNews
Tags: attack, breach, cyber, cybercrime, cybersecurity, data, data-breach, finance, hacker, monitoring, network, open-source, penetration-testing, ransomware, software, tactics, toolFog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing tools and genuine staff monitoring software to breach networks, steal confidential data, and initiate ransomware attacks. This unprecedented blend of tactics has targeted major financial institutions, raising alarms among cybersecurity professionals. Unprecedented Toolset in a…
-
Password Spraying Attacks Hit Entra ID Accounts
by
in SecurityNewsHackers Use TeamFiltration Penetration Testing Tool. A threat actor is using the password spraying feature of the TeamFiltration pentesting tool to launch attacks against Microsoft Entra accounts – and finding success. The threat actor has targeted more than 80,000 user accounts across roughly 100 cloud tenants. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/password-spraying-attacks-hit-entra-id-accounts-a-28682
-
LinuxFest Northwest: LFNW 2025: In The Beginning…
by
in SecurityNewsAuthor/Presenter: Jon “maddog” Hall (Board Chair Emeritus: Linux Professional Institute, Founder: Project Cauã, Co-Founder: Caninos Loucos, Technical Advisor: QSentinel, Executive Director: Linux® International®) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events…
-
OffensiveCon25 Keynote: Automating Your Job? The Future Of AI and Exploit Development
by
in SecurityNewsAuthor/Presenter: Perri Adams Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
Researchers warn of ongoing Entra ID account takeover campaign
by
in SecurityNewsAttackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/12/researchers-warn-of-ongoing-entra-id-account-takeover-campaign/
-
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
by
in SecurityNewsHackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/password-spraying-attacks-target-80-000-microsoft-entra-id-accounts/
-
OffensiveCon25 KernelGP: Racing Against The Android Kernel
by
in SecurityNewsAuthor/Presenter: Chariton Karamitas Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
Windows Netzwerkschwachstelle CVE-2025-33073 (Reflective Kerberos Relay Attack)
by
in SecurityNewsZum 10. Juni 2025 hat Microsoft mit den Sicherheits-Updates für Windows auch die Schwachstelle CVE-2025-33073 gepatcht. Es handelt sich um eine Schwachstelle im Kerberos-Netzwerkprotokoll, die im Januar 2025 von RedTeam Pentesting entdeckt wurde. Nachfolgende lege ich einige Informationen zur Schwachstelle … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/11/windows-netzwerkschwachstelle-cve-2025-33073-reflective-kerberos-relay-attack/
-
OffensiveCon25 Breaking The Sound Barrier: Exploiting CoreAudio Via Mach Message Fuzzing
by
in SecurityNewsAuthor/Presenter: Dillon Franke Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…