Collecting Cyber-News from over 60 sources

Tag: RedTeam

OMEN Improvements

Aug 10, 2025 5:12 AM

Tags: attack, control, data, linkedin, password, RedTeam, tool, training

“If I had an hour to solve a problem, I would spend 55 minutes thinking about the problem and five minutes finding the solution.” – Albert Einstein Introduction: I’m a big fan of graphing password cracking sessions. It’s a good way to figure out what’s working and what isn’t by highlighting trends that get lost in…
What is a CISO? The top IT security leader role explained

Aug 8, 2025 9:12 AM

Tags: access, authentication, breach, business, ceo, cio, cisa, ciso, compliance, computer, container, control, corporate, credentials, cyber, cybersecurity, data, ddos, defense, dns, encryption, exploit, finance, firewall, framework, fraud, guide, Hardware, healthcare, infosec, infrastructure, intelligence, international, jobs, kubernetes, mitigation, msp, mssp, network, nist, programming, RedTeam, regulation, risk, risk-management, security-incident, service, skills, software, strategy, technology, threat, training, vpn, zero-day, zero-trust

. You’ll often hear people say the difference between the two is that CISOs focus entirely on information security issues, while a CSOs remit is wider, also taking in physical security as well as risk management.But reality is messier. Many companies, especially smaller ones, have only one C-level security officer, called a CSO, with IT…
10 Best Red Teaming Companies for Advanced Attack Simulation in 2025

Aug 7, 2025 10:11 PM

Tags: attack, cyber, cybersecurity, defense, penetration-testing, RedTeam, tactics, threat, vulnerability

Red teaming companies are specialized cybersecurity firms that use a proactive, adversarial approach to test an organization’s defenses by simulating a real-world cyberattack. Unlike traditional penetration testing, which typically focuses on finding specific vulnerabilities, red teaming emulates the tactics, techniques, and procedures (TTPs) of an advanced persistent threat (APT) actor. The goal is to evaluate…
6 ways hackers hide their tracks

Aug 7, 2025 10:11 AM

Tags: access, ai, antivirus, api, attack, backdoor, breach, captcha, ceo, computer, control, credentials, crypto, cybersecurity, data, data-breach, defense, detection, email, endpoint, exploit, github, hacker, injection, intelligence, jobs, law, linux, LLM, login, malicious, malware, monitoring, network, open-source, openai, phishing, programming, RedTeam, resilience, reverse-engineering, risk, rust, service, social-engineering, software, supply-chain, threat, tool, virus, windows

Backdoors in legitimate software libraries: In April 2024, it was revealed that the XZ Utils library had been covertly backdoored as part of years-long supply-chain compromise effort. The widely used data compression library that ships as a part of major Linux distributions had malicious code inserted into it by a trusted maintainer.Over the last decade,…
MCP: securing the backbone of Agentic AI

Aug 4, 2025 11:56 AM

Tags: access, ai, attack, authentication, business, ciso, control, credentials, cyber, data, detection, injection, least-privilege, mfa, monitoring, RedTeam, risk, security-incident, service, supply-chain, training

Four cornerstones for securing MCP servers: CISOs can largely rely on the proven basic principles of cyber security for MCP they just need to adapt them in a few places. Pure checklists fall short here. Instead, a clear, principles-based approach is required. Four central pillars have proven themselves in practice: Strong authentication and clean credential…
How AI red teams find hidden flaws before attackers do

Jul 29, 2025 9:28 AM

Tags: access, ai, api, attack, authentication, ceo, computer, control, cyber, data, data-breach, exploit, flaw, guide, hacker, identity, infrastructure, injection, LLM, malicious, microsoft, psychology, RedTeam, risk, service, skills, social-engineering, sql, technology, threat, tool, training, vulnerability

A red teaming sequence in action Connor Tumbleson, director of engineering at Sourcetoad, breaks down a common AI pen testing workflow: Prompt extraction: Use known tricks to reveal hidden prompts or system instructions. “That’s going to give you details to go further.”Endpoint targeting: Bypass frontend logic and directly access the model’s backend interface. “We’re hitting…
Cervantes: Open-source, collaborative platform for pentesters and red teams

Jul 23, 2025 9:12 PM

Tags: open-source, RedTeam, vulnerability

Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/23/cervantes-open-source-collaborative-platform-pentesters-red-teams/
Red Teaming AI Systems: Why Traditional Security Testing Falls Short

Jul 16, 2025 9:40 PM

Tags: ai, data, data-breach, LLM, RedTeam, tool

What if your AI-powered application leaked sensitive data, generated harmful content, or revealed internal instructions and none of your security tools caught it? This isn’t hypothetical. It’s happening now and exposing critical gaps in how we secure modern AI systems. When AI systems like LLMs, agents, or AI-driven applications reach production, many security teams.. First…
Octalyn Stealer Harvests VPN Configs, Passwords, and Cookies in Organized Folder Structure

Jul 15, 2025 3:40 PM

Tags: credentials, cyber, github, organized, password, RedTeam, tool, vpn

The Octalyn Forensic Toolkit, which is openly accessible on GitHub, has been revealed as a powerful credential stealer that poses as a research tool for red teaming and digital forensics. This is a worrying development for cybersecurity. Developed with a C++-based payload module and a Delphi-built graphical user interface (GUI) builder, the toolkit lowers the…
AI poisoning and the CISO’s crisis of trust

Jul 15, 2025 10:40 AM

Tags: access, ai, breach, ceo, ciso, compliance, control, cybersecurity, data, defense, detection, disinformation, exploit, framework, healthcare, identity, infosec, injection, LLM, monitoring, network, privacy, RedTeam, resilience, risk, russia, saas, threat, tool, training

Foundation models began parroting Kremlin-aligned propaganda after ingesting material seeded by a large-scale Russian network known as the “Pravda Network.”A high-profile AI-generated reading list published by two American news outlets included 10 hallucinated book titles mistakenly attributed to real authors.Researchers showed that imperceptible perturbations in training images could trigger misclassification. Researchers in the healthcare domain demonstrated…
Why skipping security prompting on Grok’s newest model is a huge mistake

Jul 14, 2025 10:40 PM

Tags: ai, RedTeam

An AI red-teaming company found that xAI’s Grok 4 is “not suitable for enterprises” without substantial security prompting. First seen on cyberscoop.com Jump to article: cyberscoop.com/grok4-security-flaws-prompts-splxai-research/
MCP is fueling agentic AI, and introducing new security risks

Jul 10, 2025 9:40 AM

Tags: access, ai, api, attack, authentication, best-practice, ceo, cloud, corporate, cybersecurity, gartner, injection, LLM, malicious, monitoring, network, office, open-source, penetration-testing, RedTeam, risk, service, supply-chain, technology, threat, tool, vulnerability

Mitigating MCP server risks: When it comes to using MCP servers there’s a big difference between developers using it for personal productivity and enterprises putting them into production use cases.Derek Ashmore, application transformation principal at Asperitas Consulting, suggests that corporate customers don’t rush on MCP adoption until the technology is safer and more of the…
A Practical Guide to Building a Red Teaming Strategy for AI

Jul 9, 2025 6:39 PM

Tags: ai, guide, RedTeam, strategy

Start your red teaming journey with intent, not ambition. Designate a lead with both AI literacy and a security mindset. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/a-practical-guide-to-building-a-red-teaming-strategy-for-ai/
Hackers weaponize Shellter red teaming tool to spread infostealers

Jul 9, 2025 6:39 PM

Tags: hacker, malware, RedTeam, threat, tool

Hackers are abusing the legitimate red teaming tool Shellter to spread stealer malware after a licensed copy was leaked. Elastic Security Labs has identified several malware campaigns using the commercial AV/EDR evasion tool SHELLTER. The tool was originally built for legitimate red team operations, however, threat actors have now adopted it to bypass security measures…
Hackers ‘Shellter’ Various Stealers in Red-Team Tool to Evade Detection

Jul 8, 2025 8:34 PM

Tags: detection, hacker, malware, RedTeam, tool

Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/hackers-shellter-red-team-tool-evade-detection
Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware

Jul 8, 2025 8:34 PM

Tags: data-breach, exploit, hacker, malicious, malware, RedTeam, software, threat, tool

In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute stealer malware.The company behind the software said a company that had recently purchased Shellter Elite licenses leaked their copy, prompting malicious actors to weaponize the…
Hackers ‘Shellter’ Various Stealers in Red Team Tool to Evade Detection

Jul 8, 2025 5:34 PM

Tags: detection, hacker, malware, RedTeam, tool

Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/hackers-shellter-red-team-tool-evade-detection
Red Team Tool Developer Shellter Admits ‘Misuse’ by Adversaries

Jul 8, 2025 12:34 PM

Tags: RedTeam, threat, tool

The company behind AV/EDR evasion tool Shellter has confirmed the product is being used by threat actors First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/red-team-tool-dev-shellter-misuse/
Hackers abuse leaked Shellter red team tool to deploy infostealers

Jul 7, 2025 5:34 PM

Tags: attack, data-breach, hacker, penetration-testing, RedTeam, tool

Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-abuse-leaked-shellter-red-team-tool-to-deploy-infostealers/
How cybersecurity leaders can defend against the spur of AI-driven NHI

Jul 2, 2025 10:34 AM

Tags: access, ai, attack, automation, breach, business, ciso, cloud, credentials, cybersecurity, data, data-breach, email, exploit, framework, gartner, governance, group, guide, identity, infrastructure, least-privilege, LLM, login, monitoring, password, phishing, RedTeam, risk, sans, service, software, technology, tool, vulnerability

Visibility Yageo Group had so many problematic machine identities that information security operations manager Terrick Taylor says he is almost embarrassed to say this, even though the group has now automated the monitoring of both human and non-human identities and has a process for managing identity lifecycles. “Last time I looked at the portal, there…
OneClik Red Team Campaign Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

Jul 1, 2025 1:34 PM

Tags: backdoor, china, cybersecurity, microsoft, RedTeam, software, technology, threat

Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors.”The campaign exhibits characteristics aligned with Chinese-affiliated threat actors, though attribution remains cautious,” Trellix researchers Nico Paulo First seen on thehackernews.com Jump to article: thehackernews.com/2025/06/oneclik-malware-targets-energy-sector.html
AI supply chain threats loom, as security practices lag

Jul 1, 2025 10:34 AM

Tags: access, ai, attack, breach, cloud, computing, data, defense, exploit, framework, group, guide, least-privilege, LLM, malicious, mitigation, monitoring, RedTeam, risk, software, supply-chain, threat, tool, unauthorized

Security tools still catching up to AI supply chain risks: “Most tools today aren’t fully equipped to scan AI models or prompts for malicious code, and attackers are already exploiting that gap,” Sonatype’s Fox says. “While some early solutions are emerging, organizations shouldn’t wait. They need to extend existing security policies to cover these new…
Anton’s Security Blog Quarterly Q2 2025

Jun 24, 2025 7:35 PM

Tags: ai, automation, breach, ciso, cloud, cyber, defense, detection, google, governance, guide, metric, office, RedTeam, siem, soc, software, supply-chain, threat, vulnerability, vulnerability-management, zero-trust

Amazingly, Medium has fixed the stats so my blog/podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast (subscribe). Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [A.C.”Š”, “Šwow, this…
Aviatrix Cloud Controller Flaw Enables Remote Code Execution via Authentication Bypass

Jun 24, 2025 9:35 AM

Tags: attack, authentication, cloud, cyber, flaw, injection, mandiant, password, RedTeam, remote-code-execution, software, vulnerability

A Mandiant Red Team engagement has uncovered two critical vulnerabilities in Aviatrix Controller”, cloud networking software used to manage multi-cloud environments. The flaws enable full system compromise through an authentication bypass (CVE-2025-2171) followed by authenticated command injection (CVE-2025-2172). Authentication Bypass (CVE-2025-2171) The attack chain begins with a weak password reset mechanism. Attackers can brute-force 6-digit…
Review: Redefining Hacking

Jun 23, 2025 8:35 AM

Tags: ai, bug-bounty, hacking, RedTeam

Redefining Hacking takes a look at how red teaming and bug bounty hunting are changing, especially now that AI is becoming a bigger part of the job. About the authors Omar … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/23/review-redefining-hacking/
35 open-source security tools to power your red team, SOC, and cloud security

Jun 18, 2025 7:54 AM

Tags: cloud, incident response, open-source, RedTeam, soc, threat, tool, vulnerability

This article showcases free, open-source security tools that support your organization’s teams in red teaming, threat hunting, incident response, vulnerability scanning, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/18/free-open-source-security-tools/
35 open-source security tools to power your red team, SOC, and cloud security

Jun 18, 2025 7:54 AM

Tags: cloud, incident response, open-source, RedTeam, soc, threat, tool, vulnerability

This article showcases free, open-source security tools that support your organization’s teams in red teaming, threat hunting, incident response, vulnerability scanning, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/18/free-open-source-security-tools/
Operation 999: Ransomware tabletop tests cyber execs’ response

Jun 17, 2025 10:54 AM

Tags: access, attack, blueteam, breach, computer, conference, cyber, cyberattack, cybersecurity, data, data-breach, extortion, group, hacker, incident, incident response, infrastructure, leak, military, network, ransom, ransomware, RedTeam, resilience, risk, service, threat, tool, training

Extortion attempts rebuffed: As the exercise moved on, the blue team refuse to pay a ransom after consulting with the authorities, legal teams, and crisis management experts. Instead of upping the ante by threatening to sabotage the water treatment algorithms or chemical pumps, potentially tainting the supply, the attackers decide to leak customer records online…
Erster Zero-Click-Angriff auf Microsoft 365 Copilot

Jun 16, 2025 3:54 PM

Tags: access, ai, bug, cio, ciso, cyberattack, exploit, gartner, group, injection, LLM, mail, microsoft, RedTeam, vulnerability

Eine Lücke in Microsoft 365 Copilot ermöglicht es, sensible Daten zu stehlen.Stellen Sie sich einen Angriff vor, der so heimlich ist, dass er keine Klicks, keine Downloads und keine Warnungen erfordert es reicht eine einzelne E-Mail, die in Ihrem Posteingang landet. Das ist der Fall bei EchoLeak, einer kritischen Sicherheitslücke in Microsoft 365 Copilot. Sie…
Operationelle Resilienz Koordination & Kooperation im Fokus

Jun 16, 2025 6:57 AM

Tags: bsi, business, ciso, cloud, cyber, cyberattack, cyersecurity, edr, iam, incident response, infrastructure, intelligence, RedTeam, resilience, strategy, threat, tool, zero-trust

Um Unternehmen auf Cybervorfälle vorzubereiten, brauchen CISOs operationelle Resilienz.Die Aufgabe des CISOs besteht darin, sowohl technologische als auch prozessuale und organisatorische Voraussetzungen für die IT-Sicherheit seines Unternehmens zu schaffen. CISOs schaffen eine auf Resilienz abzielende Sicherheitsarchitektur, treiben die Integration interoperabler Plattformen voran und etablieren Prozesse zur kontinuierlichen Risikoüberwachung.Darüber hinaus sorgen sie für den Aufbau von…