Red team exercises set goals to see if a particular outcome can be accomplished through a simulated attack, but the ultimate outcome should be educating the org about how to improve tools and processes that make attacks more difficult to succeed. Gwyddon "Data" Owen shares his experience building a red team, creating an exercise, and leveraging the...
In this segment, we will explore some pretty awesome tools for scanning the Internet, with a focus on network edge devices. We'll bring it all together with Claude Code and look at some sample results. Tools include:
Shodan | Passive recon — query existing scan data for exposed devices, services, and vulns | Passive (API) | Instant (no packets se...
The crew makes suggestions for building a hacking lab today! We will tackle:
What is recommended today to build a lab, given the latest advancements in tech
Hardware hacking devices and gadgets that are a must-have
Which operating systems should you learn
Virtualization technology that works well for a lab build
Using AI to help build your lab
Are you walking around with a phone in your hand? Probably, are you ready for the day when it gets grabbed and disappears. Aaran, Doug, and Josh talk about phone strategies on this episode of the Security Weekly News.
HackRead reports that GitHub has explained that its internal red team was behind the typosquatted npm packages believed by Veracode Threat Research to have been targeting GitHub code base credentials.
We're thrilled to have Frank Duff on to discuss threat-informed defense. As one of the MITRE folks that helped create MITRE ATT&CK and ATT&CK evaluations, Frank has been working on how best to define and communicate attack language for many years now. The company he founded, Tidal Cyber is in a unique position to both leverage what MITRE ha...
Semperis’ Hybrid Identity show kicks off with a Microsoft mea culpa, hospital war games and an appeal for a coalition of the willing among cyber defenders.
Using simple prompts, the AI-powered tool generates tailored scenarios that address varied cyberattack types such as ransomware and supply chain threats, enabling security teams to prepare for specific threat actors and industry-related risks.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
