Julien Maury Avatar
  • Kali Linux Penetration Testing Tutorial: Step-By-Step Process

    Kali Linux turns 10 this year, and to celebrate, the Linux penetration testing distribution has added defensive security tools to its arsenal of open-source security tools. It remains to be seen if Kali Purple will do for defensive open source security tools what Kali Linux has done for open source pentesting, but the addition of […]

  • UPX compression detection evasion

    How UPX Compression Is Used to Evade Detection Tools

    Compression is a great way for hackers to hide malware and render it undetectable. Here’s what to do about that.

  • XSS example

    How to Use Input Sanitization to Prevent Web Attacks

    Despite all of our investments in security tools, the codebase can be the weakest link for any organization’s cybersecurity. Sanitizing and validating inputs is usually the first layer of defense. Attackers have been using classic flaws for years with a pretty high success rate. While advanced threat actors have more sophisticated approaches such as adversarial […]

  • John the Ripper password cracker.

    John the Ripper: Password Cracking Tutorial and Review

    John the Ripper is a popular password cracking tool that can be used to perform brute-force attacks using different encryption technologies and helpful wordlists. It’s often what pen-testers and ethical hackers use to find the true passwords behind hashes. This open-source package is free to download and has several modules for generating hashes from a […]

  • Developers working on a project.

    Open Source Security Index Lists Top Projects

    Two venture investors have launched an index to track the most popular open source security projects. Chenxi Wang of Rain Capital and Andrew Smyth of Atlantic Bridge unveiled the Open Source Security Index last month. The website leverages GitHub application programming interfaces (APIs) to make “finding open-source security projects easier for everyone.” Anyone can go […]

  • VSCode Extensions as attack vector

    Cybercriminals Use VSCode Extensions as New Attack Vector

    Microsoft’s Visual Studio Code integrated development environment (IDE) is used by as much as 75% of developers, so any security issue has widespread implications. And Aqua Nautilus researchers have discovered a big one. The researchers reported earlier this month that the VSCode editor could be vulnerable to attacks targeting its extensions. The free open source […]

  • app security

    GitHub Adds New Security Features for Open Source Community

    GitHub has announced new features that could improve both developers’ experience and supply chain security. The “private vulnerability” reports announced at GitHub Universe 2022 will allow open-source maintainers to receive private issues from the community. Maintainers will be able to receive reports and collaborate with security professionals and all other issuers to patch vulnerabilities. Also […]

  • remnux

    REMnux: The Linux Toolkit for Reverse Engineering and Malware Analysis

    REMnux is a free community distribution that ethical hackers, security researchers, and many other security pros can leverage to build their own labs and speed up malware analysis. Whether you’re new to these specialties or an experienced investigator, REMnux contains many helpful Debian packages and configurations to perform advanced tasks, such as: We’ll examine the […]

  • lodeinfo malware

    Threat Group Continuously Updates Malware to Evade Antivirus Software

    Kaspersky researchers recently found evidence of an advanced threat group continuously updating its malware to evade security products, similar to a release cycle for developers. Kaspersky revealed that APT10, also known as the Cicada hacking group, has successfully deployed the LODEINFO malware in government, media, public sector, and diplomatic organizations in Japan. LODEINFO has been […]

  • Hacker at computer

    Cybercriminals Use Fake Public PoCs to Spread Malware and Steal Data

    GitHub proofs of concept (PoCs) for known vulnerabilities could themselves contain malware as often as 10% of the time, security researchers have found. Researchers at the Leiden Institute of Advanced Computer Science have alerted security professionals about risks associated with GitHub and other platforms like pastebin that host public PoCs of exploits for known vulnerabilities. […]

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis