With so many employees and contractors working remotely, security teams and CISOs grapple with the job of continuing to protect networks, systems, data, and people. One challenge: recognizing clues that something is wrong when nothing looks normal.
Cloudflare has open sourced Flan Scan, a “lightweight” network vulnerability scanner that it uses in-house to help identify vulnerable services running in its vast network. Early reactions suggest that it shouldn’t be the sole vulnerability management tool being used in the network.
Capsule8 is working to change the way enterprises think about attack detection and response.
FireEye has released PwnAuth, an open source tool designed to help security professionals test their organization's ability to detect and respond to attacks abusing OAuth.
In this illustrated Hacker History video, security researcher Dan Kaminsky goes back to 2008 and describes how he found the vulnerability in DNS and almost broke the Internet. Unfortunately, DNS still needs to be fixed.