Bugs can be exploited to extract info, potentially insert rootkits

Safe Secure Solutions

Safe Secure Solutions is a wholly owed Irish business established to provide cost effective security solutions to both residential and commercial customers.

Our highly skilled team has over 30 years experience in the security…

The way Microsoft patched a recent security bug has made several security and software experts believe the company might have lost the source code to one of its Office components.

In this blog post, we introduce a new attack vector discovered by CyberArk Labs and dubbed “golden SAML.” The vector enables an attacker to create a golden SAML, which is basically a forged SAML “authentication object,” and authenticate across every service…

In the wake of the recent buzz and trend in using DDE for executing arbitrary command lines and eventually compromising a system, I asked myself « what are the coolest command lines an a…

Continuing with the OWASP Top 10 mini-series we are up to number 6, Sensitive Data Exposure. This episode reviews the challenge of figuring out what data you deem sensitive and all the areas you need to worry about securing properly to prevent leaking any…

The Cobham 'Sailor 900' system is a bit more interesting from an information disclosure perspective: Search 'noscript:"sailor 900"' and you'll get the satellite

A US senator has asked the White House to look into the threat that malicious ads —also known as malvertising— pose to US government networks and computers.

1 points and 0 comments so far on reddit

I’m proud to announce the Qaclana project, a Web Application Firewall (WAF) built for cloud-native workloads.

Focus on hiring talent with the following security skills and your team will be equipped to prevent, protect and mitigate the damage of cybersecurity attacks — and speed recovery efforts.

Congratulations to all the participants! This year's contest resulted in a ton of new and exciting functionality available to law enforcem...

Ransomware is rapidly becoming one of the biggest Android malware threats.

According to research by FirstData, millennials are less concerned with cybersecurity than older generations...

2017-11882_Generator - CVE-2017-11882 File Generator PoC

Inside Google, BeyondCorp is core infrastructure that employees use every day. Outside of Google, whether BeyondCorp is an architecture, a security philosophy, a positioning statement, a product you can just buy, a movement, or just common sense is hard to…

The Intel
Management Engine (ME), which is a separate processor and operating
system running outside of user control on most x86 systems, has long been
of concern to users who are security and privacy conscious. Google and
others have
been working on ways…

Empire is a popular open source post-exploitation framework.

Learn how to use security orchestration for certificate management operations (like checking for expired certificates) by integrating Venafi and Demisto.

Alexei Kulikov was charged with looting a small Moscow bank. His trial turned into a window on the shadowy world of money laundering in Russia.