EDR or Endpoint Detection and Response refers to an integrated endpoint security solution which continuously monitors end-point user's devices and try to prevent anomalies like Malware, Ransomware by using automated rule based response method.

Introducing Dastardly - a free, lightweight web application security scanner for your CI/CD pipeline, from the makers of Burp Suite. Secure web development ain't easy Ensuring your code is written sec

Table of Contents

TL;DR A vulnerability in the Galaxy Store allows attackers through an XSS to cause the store to install and/or launch an application, allowing […]

Preparing for increasing cyber attacks and enhanced regulatory obligations

With the release of iOS 16 and MacOS Ventura, we are now in the age of passkeys. This is happening through WebAuthn, a specification written by the W3C and FIDO with the involvement of all of the major vendors such as Google, Mozilla, etc. The basic premise…

By James Forshaw, Project Zero I've been spending a lot of time researching Windows authentication implementations, specifically Kerberos. I...

Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets - GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across a...

A critical vulnerability has been discovered in current versions of OpenSSL and will need to be patched immediately.

Automated pentest reporting with custom Word templates, project tracking, and client management tools. Streamline your security workflows effortlessly! - APTRS/APTRS

Watch the latest awesome security talks around the globe - GitHub - TalEliyahu/awesome-cybersecurity-conferences: Watch the latest awesome security talks around the globe

PrologueIn the last blog post, we understood what it is a callback routine, how to get basic information from user mode and for the finale created a driver t...

So there I was preparing a presentation with some pretty pictures and then I thought…after I give this presentation: How will the audience play with the data and see for themselves how these …

A comprehensive analysis of Subdomain Takeovers (SDTO), DNS Hijacking, Dangling DNS, CNAME misconfigurations…

Leaders in Information Security

Today we are releasing several new challenges for the embedded security CTF, Microcorruption. These challenges highlight types of vulnerabilities that NCC Group’s Hardware and Embedded Systems practice have discovered in real products. The new challenges…

Earlier this year, I discovered a flaw in XNU, which is the kernel that Apple uses on both macOS and iOS. While it's not a particularly complicated flaw, I wanted to explain how I discovered it and how it works, both so that I can motivate others and so that…