Nation-state threat actors often discover…

An attacker changes the profile information of a particular user (victim) on the…

It is a vulnerability in GNUs bash shell, discovered in September of 2014, that gives attackers access to run remote commands on a vulnerable system. The malicious software can take control of an infected machine, launch denial-of-servic…

When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange characters in it.

The network administrator contacts you and tells you that she noticed the temperature on the…

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.

Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan is used to identify listening ports on the targeted system.

During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (D…

This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. I…

The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE-s Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the transport layer security (TLS) protocols defined in RFC6520.