The ultimate SOC-in-a-box community project

Bootkit sample for firmware attack. Contribute to hardenedvault/bootkit-samples development by creating an account on GitHub.

Passwords are a common form of authentication and are used to grant access to online accounts, devices, and other resources. However, passwords are also a common target for attackers, who may use a variety of techniques to try to guess or capture them. This…

An in-depth analysis of OpenSSH's attack surface and security measures. Read our research findings and analysis >

Date: 14th March 2023 Today saw Microsoft patch an interesting vulnerability in Microsoft Outlook. The vulnerability is described as follows: Microsoft Office Outlook contains a privilege escalation vulnerability that allows...

Tl;dr: Trail of Bits has launched a practice focused on machine learning and artificial intelligence, bringing together safety and security methodologies to create a new risk assessment and assuran…

Federal and local government officials, including Utah Gov. Spencer Cox, cite national security risk concerns.

This article uses some of the most infamous breaches in prominent CI/CD tools to illustrate the pipeline’s vulnerability as an attack vector and how to defend it

Keep calm and grab a shell

Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.

Rapid7’s Vulnerability Intelligence Report is an annual research report that highlights CVE exploitation trends, explores attacker use cases, and offers a practical framework for risk-based vulnerability prioritization. With the release of a new edition of…