What Can We Help You Find?

Netwrix Account Lockout Examiner (versions prior to 5.1) allows an unauthenticated remote adversary to capture the NTLMv1/v2 challenge response....

An attacker could use a poisoned docker image to break out of a container.

Optiv is releasing REST API Goat, a vulnerable API, to help boost AppSec skills.

Here is current analysis insight and a YARA rule to help you detect HiddenTear ransomware variants.

How to prioritize efforts based on alert information from Microsoft Defender ATP, Logic Apps, and Log Analytics.

Burp Suite’s Intruder tool can be used to automate testing for weak/default passwords.

Talon automates a password guessing technique targeting Kerberos and LDAP within the Windows Active Directory environment.

A how to guide using Gitlab, Hashicorp Terraform Cloud, AWS EKS and Palo Alto Networks Prisma Cloud to build and secure a Kubernetes cluster.

The Visual Lock Picking Workstation displays the inner workings of a lock while teaching lock picking.

This paper explores the Burp Suite extension for Azure API Management to automatically identify gateway misconfigurations and to display the tracing....

Part 3 of series: Prioritizing Microsoft Defender ATP endpoint alert telemetry with MITRE ATT&CK.