We are happy to announce the release of Kali Linux 2017.2, available now for your downloading pleasure. This release is a roll-up of all updates and fixes since our 2017.1 release in April. In tangible terms, if you were to install Kali from your 2017….
The Encryption That Businesses Need, But CISOs Forget About
By Joseph Steinberg CEO, SecureMySocial @JosephSteinberg
Many businesspeople put their firms’ data at risk because they fail to understand several important concepts about encryption. Simply understanding that data…
Why Your Data Security Strategy Should Include Data Masking
Data Masking/Tokenization/Anonymization replaces sensitive information with fictitious data while retaining the original data format. The data masking process lets you continue to work with your data as if it were not encrypted. Databa…
When Looking for SWIFT Audit Guidelines, Beware of the Customer Security Controls Framework
Blog Blog https://www.akamai.com/blog CySecBot CySecBot
Toolsmith Tidbit: Windows Auditing with WINspect
WINSpect recently hit the toolsmith radar screen via Twitter, and the author, Amine Mehdaoui, just posted an update a couple of days ago, so no time like the present to give you a walk-through. WINSpect is a Powershell-based Windows Security Audit…
If you are submitting a request for help or advice please read this first.
If you are posting a request for help or advice make sure you provide enough details so others can help you. Things like model numbers, pictures if you can provide them, relevant details about what you’re trying to protect, etc.
For example, if you’re asking for help with a pre-installed alarm system make sure you include the Make and Model in your post. If you don’t have that information provide pictures of the keypad / control panel.
That said, do not post personally identifiable information. Do not make yourself a target to doxxing. Don’t post pictures or information that contain names, address, or PINs. Keep yourself, your family, and your property safe.
submitted by /u/gh5046
[link] [comments]
Toolsmith Release Advisory: Magic Unicorn v2.8
David Kennedy and the TrustedSec crew have released Magic Unicorn v2.8.
Magic Unicorn is “a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory, based on Matthew Graeber’s PowerShell attacks and the Powe…
The WireX Botnet: An Example of Cross-Organizational Cooperation
On August 17th, 2017, multiple Content Delivery Networks (CDNs) and content providers were subject to significant attacks from a botnet dubbed WireX. The botnet is named for an anagram for one of the delimiter strings in its command and control protoco…
Court Rulings Limit Privacy Protections From Data Residency
Jurisdictions around the world, including the European Union and Canada, are enacting laws and creating regulations forcing companies that collect personally identifiable information (PII) to store the data of their residents within their nati…
Toolsmith #127: OSINT with Datasploit
I was reading an interesting Motherboard article, Legal Hacking Tools Can Be Useful for Journalists, Too, that includes reference to one of my all time OSINT favorites, Maltego. Joseph Cox’s article also mentions Datasploit, a 2016 favorite for fe…