At first glance, the term “ethical hacking” may
seem like an oxymoron. That’s because “hacker” has become a pejorative
that’s closely tied to the criminal bad guys — black hat threat actors looking to steal
or corrupt data or other assets within digital reach.

The truth is, there are plenty of good guys in
the hacking business: professional penetration testers whose job it is to poke
holes in a client’s system for insights on how to make systems more secure.
Let’s take a closer look at how ethical hacking is indeed a valuable
activity — assuming it’s done right.

The Ethical Hacker’s Playbook

The truth is, ethical hacking is not only a known
concept, but one that’s enshrined in cyber security training and practice.
There are even Certified Ethical Hacker programs and curricula across the
industry — all designed to leverage the improvisation and resourcefulness of a
hacker with the conscience and mission of a CISO or a SOC analyst.

Part of this is understanding that good
intentions are not enough. Penetration tests by well-meaning whistleblowers may
contribute to our understanding of vulnerabilities, but that doesn’t mean the
incursions were ethical. Getting permission is a core requirement, and it’s not
the only one. Remaining ethical in your work is also about matching the right
skills to the nature of the job, and knowing how to find vulnerabilities
without inadvertently damaging systems.

Following the Right Methodology

Simulated hacking reaps more insight than simply
running a vulnerability scan on your systems. So what’s the process? Some of it
involves basic rules of engagement with a client for ethical hacking —
including documentation, reporting and selecting areas that are within, or off
limits, for penetration testing. But you’ll also typically see specific
methodological steps.

These steps include footprinting and reconnaissance, involving the gathering of information about a target using open-source intelligence — scouring search engines and related sources using tools like Nikto, theHarvester and Maltego. The target normally has no clue you are looking in this phase. Next comes scanning and enumeration: Here you are touching the target in some capacity. This might be the common practice of running an Nmap scan and performing things like banner grabbing — all looking for vulnerabilities to exploit in this phase.

Once we gain access through the vulnerabilities
we’ve found — or even social engineering, like leaving USBs in a parking lot in
hopes that an employee will pick one up and plug it in at work — we need
to maintain that access, so we can accomplish our goals. Many ethical and
criminal hackers maintain access by setting up hidden entry paths through
backdoors in the system. Finally, the ethical hacker’s job is to exfiltrate the
target data and escape without anyone knowing the ersatz bad deed was done.
This phase might include things like corrupting log files or deleting them.

Feeding the Workforce Pipeline

True threat actors obviously have expertise in
these methodological areas. But despite the popular stereotype about the black
hat actor who gets caught and ultimately becomes a white hat penetration tester,
personal integrity is a core requirement for the job, and very few former
criminals end up as ethical hackers. Especially with valuable enterprise
data and systems in the balance, it’s much safer to train an ethical person to
be a hacker than to train a criminal hacker to be ethical.

Teaching the right methodologies and skills is
crucial, but just as important is setting expectations. Folks drawn to the
field for the James Bond-style excitement need to remember that, for every
critical moment in a high-stakes penetration test, there may be hours of
mundane paperwork, meetings and drawing up contracts. As for finding the
right people, some come from development backgrounds, others from networking
backgrounds. Regardless of their
particular origins, the shared mindset is typically one of problem solving,
critical thinking and perseverance.

Ultimately, ethical hacking is an essential tool
in keeping up with cyber threats. And there’s a growing appreciation for
the professionals who harness the creativity of a black hat actor in order for
us all to come up with defenses that are as creative as their digital
adversaries.