Application Security
Teach a Man to Phish
PHISHING SCHOOL: A Decade of Distilled Phishing Wisdom. I decided to give away all of my phishing secrets for free. I realized at some point that I have been giving away phishing secrets for years, ...
Patch Tuesday not Done ’til LINUX Won’t Run?
Richi Jennings | CVE-2022-2601, Dual boot, GRUB2 Bootloader Secure Boot Bypass, Linux, Microsoft, Microsoft Patch Tuesday August 2024, Microsoft Windows, Patch Tuesday, SB Blogwatch, SBAT, secure boot, Secure Boot Advanced Targeting, Windows
Redmond reboot redux: “Something has gone seriously wrong.” You can say that again, Microsoft ...
Security Boulevard
Survey Surfaces Growing SaaS Application Security Concerns
A survey of 300 application and software development, IT and security leaders finds nearly half (45%) working for organizations that, in the past year, have experienced a cybersecurity incident involving a third-party ...
Security Boulevard
Web Application Penetration Testing: Steps & Test Cases
Sarthi Patel | Application Security, Penetration Testing, penetration testing services, web application penetration testing
How secure are your web applications, really? Consider the risk of a malicious actor exploiting hidden vulnerabilities before you have the chance to address them. Web Application Penetration Testing is...
That was then, this is now… Modernizing AppSec in Fast-Paced Development Environments
You are the weakest link. Hello. Ninety-one percent of organizations experienced at least one software supply chain security incident in 2023. Chances are the other 9% are riding their luck: The ...
0.0.0.0 Day: 18-Year-Old Browser Flaw Affects Linux and macOS
Rohan Timalsina | 0.0.0.0 Day, Browser Exploits, Browser Security, browser security flaw, browser vulnerability, Chromium-Based Browsers, Cybersecurity, Google Chrome, Linux & Open Source News, linux security, localhost API exploitation, macOS vulnerability, Mozilla, Network Security, Private Network Access, Remote Code Execution, Safari, ShadowRay exploitation campaign
Oligo Security’s research team recently uncovered a critical vulnerability dubbed the “0.0.0.0 Day” affecting Chromium, Firefox, and Safari browsers on macOS and Linux systems. This vulnerability allows malicious websites to bypass standard ...
Black Hat 2024: AI, AI, and Everything Else
Chris Lindsey shares his takeaways from another exciting Black Hat conference ...
We wrote the code, and the code won
By Tjaden Hess. Earlier this week, NIST officially announced three standards specifying FIPS-approved algorithms for post-quantum cryptography. The Stateless Hash-Based Digital Signature Algorithm (SLH-DSA) is one of these standardized algorithms. The Trail ...
Five Gartner Reports. Four Categories. What Does OX Security Do Anyway?
Analyst firms play an important role in the tech vendor landscape. Their reports help buyers and would-be buyers learn about vendors and their offerings. In cybersecurity, in particular, buyers use analysts’ outputs ...
Strobes Integrates with Azure Repos: Enhancing Code Security
As software development reaches new heights, ensuring the security and management of your code is more crucial than ever. Seeing the need of the hour, Strobes CTEM is now integrated...