Tag: penetration-testing
-
LinuxFest Northwest: Beyond ARIA Labels What A Blind Film Enthusiast Can Teach Us About Open Source
Authors/Presenters: José Ibañez (CEO at Blind Penguin), Raissa Ibañez (Manager At Blind Penguin) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and…
-
LinuxFest Northwest: Clonezilla Live On RISC-V Crafting Open Source Live Systems For Open Hardware
Authors/Presenters: Steven Shiau (Clonezilla Project Leader); Yu-Chin Tsai (Clonezilla NCHC Partclone); Chen-Kai Sun (Clonezilla Project / Engineer In NCHC) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham…
-
LinuxFest Northwest: See How Far COSMIC Has Come This Year
Author/Presenter: Carl Richell (CEO and Founder, System76, Inc.) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel.…
-
Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools
OffSec has released Kali Linux 2025.2, the most up-to-date version of the widely used penetration testing and digital forensics platform. KDE Plasma 6.3 in Kali Linux 2025.2 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/14/kali-linux-2025-2-released-bloodhound-ce-carsenal/
-
Unusual toolset used in recent Fog Ransomware attack
Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec researchers warn. In May 2025, attackers hit an Asian financial firm with Fog ransomware, using rare tools like Syteca monitoring software and pentesting tools GC2, Adaptix, and Stowaway. Symantec researchers pointed out that the use of these tools is unusual…
-
LinuxFest Northwest: Chaos Testing Of A Postgres Cluster On Kubernetes
Author/Presenter: Nikolay Sivko (Co-Founder And CEO At Coroot) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel.…
-
TeamFiltration pentesting tool harnessed in global Microsoft Entra ID attack campaign
First seen on scworld.com Jump to article: www.scworld.com/brief/teamfiltration-pentesting-tool-harnessed-in-global-microsoft-entra-id-attack-campaign
-
LinuxFest Northwest: Easy Modular Sensors And Automation
Author/Presenter: Sam Groveman (Research Associate) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel. Thanks and a…
-
Threat Actor Abuses TeamFiltration for Entra ID Account Takeovers
Proofpoint researchers discovered a large-scale campaign using the open source penetration-testing framework that has targeted more than 80,000 Microsoft accounts. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/threat-actor-teamfiltration-entra-id-attacks
-
Fog ransomware gang abuses employee monitoring tool in unusual multi-stage attack
Tags: attack, china, cloud, control, corporate, encryption, espionage, exploit, google, group, intelligence, microsoft, monitoring, network, open-source, penetration-testing, ransomware, service, threat, toolOpen-source pen testers for executing commands: Another peculiarity observed in the attack was the use of open-source penetration testing tools, like GC2 and Adaptix C2, rarely seen with ransomware attacks.Google Command and Control (GC2) is an open-source post-exploitation tool that allows attackers to control compromised systems using legitimate cloud services like Google Sheets and Google…
-
Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks
Tags: attack, breach, cyber, cybercrime, cybersecurity, data, data-breach, finance, hacker, monitoring, network, open-source, penetration-testing, ransomware, software, tactics, toolFog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing tools and genuine staff monitoring software to breach networks, steal confidential data, and initiate ransomware attacks. This unprecedented blend of tactics has targeted major financial institutions, raising alarms among cybersecurity professionals. Unprecedented Toolset in a…
-
Password Spraying Attacks Hit Entra ID Accounts
Hackers Use TeamFiltration Penetration Testing Tool. A threat actor is using the password spraying feature of the TeamFiltration pentesting tool to launch attacks against Microsoft Entra accounts – and finding success. The threat actor has targeted more than 80,000 user accounts across roughly 100 cloud tenants. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/password-spraying-attacks-hit-entra-id-accounts-a-28682
-
LinuxFest Northwest: LFNW 2025: In The Beginning…
Author/Presenter: Jon “maddog” Hall (Board Chair Emeritus: Linux Professional Institute, Founder: Project Cauã, Co-Founder: Caninos Loucos, Technical Advisor: QSentinel, Executive Director: Linux® International®) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events…
-
OffensiveCon25 Keynote: Automating Your Job? The Future Of AI and Exploit Development
Author/Presenter: Perri Adams Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
Researchers warn of ongoing Entra ID account takeover campaign
Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/12/researchers-warn-of-ongoing-entra-id-account-takeover-campaign/
-
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/password-spraying-attacks-target-80-000-microsoft-entra-id-accounts/
-
OffensiveCon25 KernelGP: Racing Against The Android Kernel
Author/Presenter: Chariton Karamitas Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
Windows Netzwerkschwachstelle CVE-2025-33073 (Reflective Kerberos Relay Attack)
Zum 10. Juni 2025 hat Microsoft mit den Sicherheits-Updates für Windows auch die Schwachstelle CVE-2025-33073 gepatcht. Es handelt sich um eine Schwachstelle im Kerberos-Netzwerkprotokoll, die im Januar 2025 von RedTeam Pentesting entdeckt wurde. Nachfolgende lege ich einige Informationen zur Schwachstelle … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/11/windows-netzwerkschwachstelle-cve-2025-33073-reflective-kerberos-relay-attack/
-
OffensiveCon25 Breaking The Sound Barrier: Exploiting CoreAudio Via Mach Message Fuzzing
Author/Presenter: Dillon Franke Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
OffensiveCon25 Android InWild: Unexpectedly Excavating A Kernel Exploit
Author/Presenter: Seth Jenkins Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
Penetration Testing Phases: Steps, Tools Methodology
Penetration testing simulates cyberattacks to find risks. Explore the 7 key phases, tools, and methods to strengthen your security. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/networks/penetration-testing-phases/
-
OffensiveCon25 Parser Differentials: When Interpretation Becomes a Vulnerability
Author/Presenter: Joernchen Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock GCTI,…
-
OffensiveCon25 Entrysign: Create Your Own x86 Microcode for Fun and Profit
Authors/Presenters: Matteo Rizzo, Kristoffer `spq` Janke, Eduardo Vela Nava and Josh Eads Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to…
-
Kali GPT Revolutionizing Penetration Testing with AI on Kali Linux
In the rapidly evolving digital world, cybersecurity professionals are continually seeking innovative tools that not only streamline workflows but also empower users with deeper insights and automation capabilities. Enter Kali GPT, a groundbreaking AI assistant explicitly tailored for the Kali Linux ecosystem, engineered by XIS10CIAL. This article examines the origins, capabilities, and tangible benefits of…
-
Kali GPT-Revolutionizing Penetration Testing with AI on Kali Linux
In the rapidly shifting digital world, cybersecurity professionals are constantly seeking innovative tools that not only streamline workflows but also empower users with deeper insights and automation. Enter Kali GPT”, a groundbreaking AI assistant tailored specifically for the Kali Linux ecosystem, engineered by XIS10CIAL. This article explores the genesis, capabilities, and tangible advantages of Kali…
-
OffensiveCon25 Skin In The Game: Survival Of GPU IOMMU Irregular Damage
Authors/Presenters: Fish and Ling Hanqin Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists ::…
-
OffensiveCon25 No Signal, No Security: Dynamic Baseband Vulnerability Research
Authors/Presenters: Daniel Klischies and David Hirsch Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists…
-
Top AI-Driven Pentest Tools 2025
Artificial Intelligence, known to simplify complexities, is trending among organizations. Hence, AI being a buzzword is no more relevant in the context when looking at the near and far future of cybersecurity. The intricacy of cyber threats across industries increased the demand for AI-driven pentest tools in 2025. These smartest tools don’t just scan and……
-
OffensiveCon25 Attacking Browsers via WebGPU
Author/Presenter: Lukas Bernhard Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
OffensiveCon25 Keynote How Offensive Security Made Me Better at Defense
Author/Presenter: Dino Dai Zovi Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey…