Critical Vulnerability in OpenSSH server componentEvolve Security reports a critical vulnerability, CVE-2024-6387, affecting OpenSSH server on glibc-based Linux systems, allowing remote code execution as root. Immediate actions are required. July 3, 2024ByRob Kraus,Vice President, Security Services
Tools of the Trade: Taming Burp SuiteBurp Suite is one of the most popular tools released when discussing web application penetration testing. With an easily understandable user-friendly interface, Burp Suite streamlines the process of identifying and exploiting vulnerabilities within a web application.
Tools of the Trade: Tracking Security Misconfigurations with BloodHoundLearn how to use SharpHound and AzureHound for data collection, interpret results with the BloodHound interface, and adopt strategic approaches for effective penetration testing or security remediation.
Tools of the Trade: Your Ally in Uncovering SQL Injection VulnerabilitiesUncover and exploit SQL Injection vulnerabilities with SQLmap, an open-source tool featured in this blog post. Explore the significance of understanding SQL Injection, discover key features, and follow a practical guide using Damn Vulnerable Web Application (DVWA). Enhance your penetration testing skills to identify and address critical weaknesses, mitigating the risk of data breaches effectively.
Understanding the Evolving Cyber Threat Landscape with External Attack Surface Management (EASM)EASM offers a methodical strategy to detect, evaluate, and manage cyber vulnerabilities, identifying potential entry points for adversaries. Discover the latest in vulnerability reporting and the rise of proactive security monitoring capabilities. Evolve Security's clients are shifting towards continuous testing, real-time reporting, and seamless integration, reducing the gap between detection and remediation.
Tools of the Trade: IPv6 DNS Takeover with MitM6Learn how attackers exploit IPv6 misconfigurations to perform DNS takeover and gain access to a Domain Controller using mitm6 and ntlmrelayx. Discover mitigation strategies to secure your network against these threats.
Evolve Security Lands 3 High Performer Badges, Including Americas Regional Grid Report for Penetration Testing Evolve Security is proud to announce that their Darwin Attack® platform has received three High Performer badges for Fall 2023 from G2. This recognition highlights the company's commitment to delivering top-tier cybersecurity services and its dedication to client success.