article thumbnail

9 Best Penetration Testing Tools for 2022

eSecurity Planet

Pen tests are often performed by third parties, but as these outside tests can be expensive and become dated quickly, many organizations perform their own tests with pen testing tools, using their own IT personnel for their red teams (attackers). Others include vulnerability scanning tools and vulnerability management solutions.

article thumbnail

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

eSecurity Planet

ChatGPT and other generative AI tools have been used by cybercriminals to create convincing spoofing emails, resulting in a dramatic rise in business email compromise (BEC) attacks. They found a tool called WormGPT “through a prominent online forum that’s often associated with cybercrime,” Kelley wrote in a blog post.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

The Last Watchdog

What’s more, it will likely take a blend of legacy security technologies – in advanced iterations – combined with a new class of smart security tools to cut through the complexities of defending contemporary business networks. Its rather mundane function is to record events in a log for a system administrator to review and act upon, later.

Security 223
article thumbnail

Linux Patch Management: Tools, Issues & Best Practices

eSecurity Planet

Here we’ll discuss how patch management works on Linux, best practices, and the best patch management tools for Linux. Each operating system has its own unique approach to patch management based on their underlying philosophies and target audiences. Manually updating each system can be tedious, complex and prone to human error.

Cloud 80
article thumbnail

Automated Patch Management: Definition, Tools & How It Works

eSecurity Planet

Automated patch management can help prevent security breaches by automatically identifying, downloading, testing, and delivering software and firmware updates to devices and applications through the use of specialized software tools. Software updates are critical for keeping a system’s integrity and security intact.

IT 82
article thumbnail

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

AvosLocker affiliates use legitimate software and open-source remote system administration tools to compromise the victims’ networks. Scripts to execute legitimate native Windows tools [T1047], such as PsExec and Nltest. Scripts to execute legitimate native Windows tools [T1047], such as PsExec and Nltest.

article thumbnail

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

The CVE-2020-3158 flaw is related to the presence of a system account that has a default and static password in the Smart Software Manager tool. “The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator.”