#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

Penetration Testing | Breaking Cybersecurity News | The Hacker News

Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike

Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike
Nov 23, 2022
A nascent and legitimate penetration testing framework known as Nighthawk is likely to gain threat actors' attention for its Cobalt Strike-like capabilities. Enterprise security firm Proofpoint said it detected the use of the software in mid-September 2022 by a red team with a number of test emails sent using generic subject lines such as "Just checking in" and "Hope this works2." However, there are no indications that a leaked or cracked version of Nighthawk is being weaponized by threat actors in the wild, Proofpoint researcher Alexander Rausch  said  in a write-up. Nighthawk, launched in December 2021 by a company called MDSec, is analogous to its counterparts  Cobalt Strike ,  Sliver , and  Brute Ratel , offering a red team toolset for adversary threat simulation. It's licensed for £7,500 (or $10,000) per user for a year. "Nighthawk is the most advanced and evasive command-and-control framework available on the market," MDSec  notes . &qu

What is an External Penetration Test?

What is an External Penetration Test?
Nov 14, 2022
A penetration test (also known as a pentest) is a security assessment that simulates the activities of real-world attackers to identify security holes in your IT systems or applications.  The aim of the test is to understand what vulnerabilities you have, how they could be exploited, and what the impact would be if an attacker was successful. Usually performed first, an external pentest (also known as external network penetration testing) is an assessment of your perimeter systems. Your perimeter is all the systems that are directly reachable from the internet. By definition, they are exposed and are, therefore the most easily and regularly attacked. Testing for weaknesses External pentests look for ways to compromise these external, accessible systems and services to access sensitive information and see how an attacker could target your clients, customers or users.  In a high-quality external pentest, the security professional(s) will copy the activities of real hackers, like ex

Penetration Testing or Vulnerability Scanning? What's the Difference?

Penetration Testing or Vulnerability Scanning? What's the Difference?
Aug 18, 2022
Pentesting and vulnerability scanning are often confused for the same service. The problem is, business owners often use one when they really need the other. Let's dive in and explain the differences. People frequently confuse penetration testing and vulnerability scanning, and it's easy to see why. Both look for weaknesses in your IT infrastructure by exploring your systems in the same way an actual hacker would. However, there is a very important distinction between the two - and when each is the better option. Manual or automated? Penetration testing is a  manual  security assessment where cyber security professional attempts to find a way to break into your systems. It's a hands-on, in-depth test to evaluate security controls across a variety of systems, including web application, network and cloud environments. This kind of testing could take several weeks to complete, and due to its complexity and cost, is commonly carried out once a year. Vulnerability scanning,

4 Steps the Financial Industry Can Take to Cope With Their Growing Attack Surface

4 Steps the Financial Industry Can Take to Cope With Their Growing Attack Surface
Jul 26, 2022
The financial services industry has always been at the forefront of technology adoption, but the 2020 pandemic accelerated the widespread use of mobile banking apps, chat-based customer service, and other digital tools.  Adobe's 2022 FIS Trends Report ,  for instance, found that more than half of the financial services and insurance firms surveyed experienced a notable increase in digital/mobile visitors in the first half of 2020. The same report found that four out of ten financial executives say that digital and mobile channels account for more than half of their sales – a trend that's only expected to continue in the next few years. As financial institutions expand their digital footprint, they have more opportunities to better serve their customers – but are also more exposed to security threats. Every new tool increases the attack surface. A higher number of potential security gaps, may potentially lead to a higher number of security breaches. According to the  Cisco CI

Difference Between Agent-Based and Network-Based Internal Vulnerability Scanning

Difference Between Agent-Based and Network-Based Internal Vulnerability Scanning
Jun 16, 2022
For years, the two most popular methods for internal scanning: agent-based and network-based were considered to be about equal in value, each bringing its own strengths to bear. However, with remote working now the norm in most if not all workplaces, it feels a lot more like agent-based scanning is a must, while network-based scanning is an optional extra. This article will go in-depth on the strengths and weaknesses of each approach, but let's wind it back a second for those who aren't sure why they should even do internal scanning in the first place. Why should you perform internal vulnerability scanning? While  external vulnerability scanning  can give a great overview of what you look like to a hacker, the information that can be gleaned without access to your systems can be limited. Some serious vulnerabilities can be discovered at this stage, so it's a must for many organizations, but that's not where hackers stop.  Techniques like phishing, targeted malware,

Everything you need to know to create a Vulnerability Assessment Report

Everything you need to know to create a Vulnerability Assessment Report
Apr 28, 2022
You've been asked for a Vulnerability Assessment Report for your organisation and for some of you reading this article, your first thought is likely to be "What is that?" Worry not. This article will answer that very question as well as why you need a Vulnerability Assessment Report and where you can get one from.  As it's likely the request for such a report came from an important source such as the Board, a partner, a client or an auditor, there isn't a moment to waste. So let's drive straight in. What is a Vulnerability Assessment Report and why do you need one? A Vulnerability Assessment Report is simply a document that illustrates how you are managing your organisation's vulnerabilities. It's important because, with tens of thousands of new technology flaws being discovered every year, you need to be able to prove that your organisation does its best to avoid attack if you want to be trusted by partners and customers.  A best security practi

Iranian Hackers Exploiting VMware RCE Bug to Deploy 'Core Impact' Backdoor

Iranian Hackers Exploiting VMware RCE Bug to Deploy 'Core Impact' Backdoor
Apr 26, 2022
An Iranian-linked threat actor known as  Rocket Kitten  has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy the Core Impact penetration testing tool on vulnerable systems. Tracked as  CVE-2022-22954  (CVSS score: 9.8), the critical issue concerns a case of remote code execution (RCE) vulnerability affecting VMware Workspace ONE Access and Identity Manager. While the issue was patched by the virtualization services provider on April 6, 2022, the company  cautioned users  of confirmed exploitation of the flaw occurring in the wild a week later. "A malicious actor exploiting this RCE vulnerability potentially gains an unlimited attack surface," researchers from Morphisec Labs  said  in a new report. "This means highest privileged access into any components of the virtualized host and guest environment." Attack chains exploiting the flaw involve the distribution of a PowerShell-based stager, which is the

PECB Certified Lead Ethical Hacker: Take Your Career to the Next Level

PECB Certified Lead Ethical Hacker: Take Your Career to the Next Level
Dec 27, 2022
Cybercrime is increasing exponentially and presents devastating risks for most organizations. According to Cybercrime Magazine, global cybercrime damage is predicted to hit $10.5 trillion annually as of 2025. One of the more recent and increasingly popular forms of tackling such issues by identifying is ethical hacking. This method identifies potential security vulnerabilities in its early stages. Certified ethical hackers use advanced tools and strategies to prevent cyberattacks and help organizations strengthen their cybersecurity. Why Companies Should Hire Ethical Hackers As cyberattacks constantly evolve and improve, organizations must ensure that their defense systems and approach can keep up with the level and complexity of cyberattacks. In today's business era, organizations cannot afford to operate without identifying the vulnerabilities in their system and taking preventive measures. As such, ethical hackers provide several advantages: they offer a unique outsider's persp

Vulnerability Scanning Frequency Best Practices

Vulnerability Scanning Frequency Best Practices
Dec 06, 2021
So you've decided to set up a vulnerability scanning programme, great. That's one of the best ways to avoid data breaches. How often you should run your scans, though, isn't such a simple question. The answers aren't the same for every type of organization or every type of system you're scanning. This guide will help you understand the questions you should be asking and help you come up with the answers that are right for you. How often should vulnerability scans be run A lot of the advice below depends on what exactly you're scanning. If you're not sure about that yet - check out this comprehensive  vulnerability scanning guide . Once you've decided which systems should be in scope, and what type of scanner you need, you're ready to start scanning. So how often should you ideally be running vulnerability scans? Here are five strategies to consider, and we'll discuss in which scenarios they work best: Change-based Hygiene-based Complian

Types of Penetration Testing

Types of Penetration Testing
Nov 08, 2021
If you are thinking about performing a penetration test on your organization, you might be interested in learning about the different types of tests available. With that knowledge, you'll be better equipped to define the scope for your project, hire the right expert and, ultimately, achieve your security objectives. What is penetration testing? Penetration testing, commonly referred to as "pen testing," is a technique that simulates real-life attacks on your IT systems to find weaknesses that could be exploited by hackers. Whether to comply with security regulations such as ISO 27001, gain customer and 3rd party trust, or achieve your own peace of mind, penetration testing is an effective method used by modern organizations to strengthen their cyber security posture and prevent data breaches.  Read about the different types of penetration testing to find out which type you can benefit from the most: Network penetration testing As the name suggests, a network penetra

Before and After a Pen Test: Steps to Get Through It

Before and After a Pen Test: Steps to Get Through It
Oct 21, 2021
An effective cybersecurity strategy can be challenging to implement correctly and often involves many layers of security. Part of a robust security strategy involves performing what is known as a penetration test (pen test). The penetration test helps to discover vulnerabilities and weaknesses in your security defenses before the bad guys discover these. They can also help validate remedial efforts and solutions put in place to overcome previously discovered security vulnerabilities.  Let's look more closely at the pen test. What is included in a penetration test? How are they performed, and by whom? What steps should be taken after a penetration test? What is a penetration test? 1 — Simulated cyberattack A penetration test is, for all practical purposes, a simulated cyberattack on your business. However, it is carried out by the "good guys." An outside resource often conducts a penetration test, whether a third-party security consulting company or another security entity. Securit
More Resources

Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.