CISA: Community Collaboration to Advance Emergency Response Efforts

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

Vulnerability in TikTok Android app could lead to one-click account hijacking

Microsoft discovered a high-severity vulnerability in the TikTok Android application, which could have allowed attackers to compromise users’ accounts with a single click. The vulnerability, which would have required several issues to be chained together to exploit, has been fixed and we did not...

Cybersecurity threats are always changing—staying on top of them is vital, getting ahead of them is paramount

With a 1,070 percent increase in ransomware attacks year-over-year between July 2020 and June 2021, staying on top of attack trends—such as ransomware and supply chain threats—is more important than ever.1 To successfully detect and defend against security threats, we need to come together as a...

Microsoft is a Leader in the 2021 Forrester Endpoint Security Software as a Service Wave

We are excited to share that Microsoft has been named a Leader in The Forrester Wave: Endpoint Security Software as a Service, Q2 20211, receiving one of the highest scores in the strategy category and among the top three scores in the current offering category. Forrester notes that “the focus on...

Microsoft Internal Solorigate Investigation – Final Update

We believe the Solorigate incident is an opportunity to work with the community, to share information, strengthen defenses and respond to attacks. We have now completed our internal investigation into the activity of the actor and want to share our findings, which confirm that we found no evidenc...

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary purpose of Vulhub is to provide a simple and easy-to-use platform for...

The Results Are In: Defender Confidence Is On The Rise

Recently, I spent two weeks traveling across Europe talking with defenders, reporters, and leaders of security programs. While each country faces its own unique challenges and has its own needs, there were a few themes that were consistently present. Threat Outlook Report 2020. Naturally, we...

Getting Better Together in Cybersecurity

As the wheels lift up on my latest flight I am left reflecting on another year in infosec. We are moving toward “something” and some days I can’t figure out if that something is disaster or safety. The tea leaves become hard to read with the cyber war that has been raging over into the mainstream...

Sharing research and discoveries at PWN2OWN

The annual PWN2OWN exploit contest at the CanSecWest conference in Vancouver, British Columbia, Canada, brings together some of the top security talent from across the globe in a friendly competition. For the participants, these events are a platform to demonstrate world-class skills and vie for...

Faraday v2.6 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time , letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...

Faraday 1.0.15 - Collaborative Penetration Test and Vulnerability Management Platform

A brand new version is ready for you to enjoy! Faraday v1.0.15 Community, Pro & Corp was published today with new exciting features. As a part of our constant commitment to the IT sec community we added a tool that runs several other tools to all IPs in a given list. This results in a major scan ...