On Tuesday Kali 2026.1 was released. You can find all the details here: https://www.kali.org/blog/kali-linux-2026-1-release/ #kali #2026.1 #backtrack #pentesting #danweis #nexon

I'm often asked by IT folk, sysadmins, soc staff, and pentesters alike about some free tools they can run across their environments (or their clients) to identify security risks associated with Local Active Directory (LAD) & Entra ID (Formerly AAD). There are a stack of tools out there, but this blog post will cover some nice simple toolsets you can use in between your next pentest to make it more difficult for the pentesters during your next pentest and to improve your IAM

Patch Tuesday is again upon us. This month the new SMB patch rolled out, enabling a new feature that enables support for auditing SMB...

Citrix has released the fixes to address the latest 3 security flaws in NetScaler ADC and NetScaler Gateway, including CVE-2025-7775 that...

Most organisations these days are very familiar with phishing and Spear Phishing campaigns and are typically included in annual...

If you are seeing an increase in probing and authentication attempts against your PA's of late, its probably associated with this:...

KnowBe4 have just put out their 2025 phishing threat trends report which has some interesting findings. One in particular: "at least one...

Microsoft just put out a blog today on Securing AI models and the security controls they employ for training/learning etc. I know a lot...

Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that...

Took a long time for Australia to follow suit after the US and other countries, but we have now officially banned Kaspersky on government...

Patch Tuesday is here again folks (yes I know its thursday). This months' patches address 63 Flaws, Including Two Under Active...

The ACSC, NSA and other international partners just put out some really good guidance and governance information on content credentials...

ICYMI last week, the belsen hacking group leaked configuration data (including plaintext creds) for 15,000 fortigate firewalls on the...

This week Oracle released its quarterly Critical Patch Update to address 318 new vulnerabilities in their product suite. 9...

Patch Tuesday is here again, addressing 161 vulnerabilities. with 11 critical and 3 being actively exploited. Also Super critical this...

I blogged about this one earlier in the week, but all organisations need to be aware that the latest Palo Alto vulnerability...

A lot of people would have received the notification from haveibeenpwned last night regarding the DemandScience data breach. To explain...

A new vulnerability affecting all versions of Fortinet’s FortiManager device has been disclosed and is being actively exploited in the...

Microsoft have released their 2024 Digital Defense Report. A super interesting read on the threats, tactics and attacks they are seeing....

A new joint advisory came out on saturday from the FBI, CISA, the NSA, CSE, AFP and the ACSC warning that Iranian state-sponsored threat...