NetSPI (@netspi)'s Twitter Profile
NetSPI

@netspi

The Proactive Security Solution | Securing the most trusted brands on Earth

#PenetrationTesting #proactivesecurity

ID: 21885171

https://www.netspi.com/

25-02-2009 16:41:53

6,6K Tweet

3,3K Followers

544 Following

NetSPI (@netspi)

Is your cybersecurity strategy keeping up with modern threats? Continuous threat exposure management (CTEM) is a five-step framework to stay ahead of threat actors. Learn the basics and how to get started here: ow.ly/Uu9F50Ux4y5

#ExposureManagement #CTEM #pentesting
NetSPI (@netspi)

How can security gaps emerge in Azure Machine Learning?

Karl's latest blog covers:

• Code execution via Storage Account permissions
• A privilege escalation bug (now fixed)
• A tool for automating credential dumping

Read the full blog 👉 ow.ly/HTfF50UBQQe
NetSPI (@netspi)

The countdown to DORA compliance is on! ⏳ Are you ready for the 17 January 2025 deadline? Check on your progress toward compliance with our interactive checklist.  

Get your copy. ➡️ ow.ly/MB4150SOEaM 

#DORA #digitalresilience #TIBEREU
NetSPI (@netspi)

Simplify your steps toward compliance with the Digital Operational Resilience Act (DORA). Our interactive checklist guides you through establishing a robust testing program & maintaining compliance.

Get the free tool: ow.ly/MB4150SOEaM

#DORA #digitalresilience #TIBEREU
NetSPI (@netspi)

Help us define the future of Trustworthy AI by contributing to our expanding benchmarks, from fairness to ethical alignment and beyond. Your insights could drive the next breakthroughs in balancing security and usability. ow.ly/S81y50Ux3nr
NetSPI (@netspi)

NetSPI Security Hardware Pentesting Team gives a starting point for those wanting to learn how to decap chips for optical viewing & reversal of integrated controller. Read the article: ow.ly/1hmZ50UGU3M
NetSPI (@netspi)

How resilient is your AI to adversarial attacks? We’re exploring cutting-edge jailbreaking techniques and invite you to collaborate in advancing testing methodologies for safer AI systems. ow.ly/qJfz50Ux3sa
Apres Cyber Slopes Summit (@aprescyber)

🚀 Speaker Spotlight: Kurtis Shelton 🚀
Kurtis Shelton

AI vulnerabilities aren’t binary—they exist on a spectrum.

Join Kurtis Shelton, Principal AI Security Researcher NetSPI, at Apres-Cyber Slopes Summit as he breaks down AI security benchmarks, bias detection & red teaming
NetSPI (@netspi)

Cloud environments, ESXi servers, and remote access tools are prime ransomware targets.

Join NetSPI's Ben Lister & Maril Vernon on Thurs. 3/13 at 1pm ET as they reveal security gaps attackers exploit & how to protect your business: ow.ly/a8FB50V9lw7
NetSPI (@netspi)

An attacker with access to a Web Help Desk backup file could recover some encrypted passwords stored within it.

NetSPI Principal Security Consultant Jamie Riden wrote to tell about it. Check out his latest blog post to learn more: ow.ly/HFZC50VflwC
NetSPI (@netspi)

Beacon Object Files (BOFs) in C2 platforms limit developers. ow.ly/rQ2e50VjZBU 

Read NetSPI's blog post to explore a reference design for a new BOF portable executable (PE) concept that bridges the gap between modern C++ development and memory-executable C2 integration.
NetSPI (@netspi)

The overall attack surface of Salesforce is often overlooked, and the result could be disastrous for your organization. ow.ly/CYZ350VrvEz

NetSPI's Weylon Solis explores authorization issues & common bad practices to avoid. Learn more! #salesforce #proactivesecurity
NetSPI (@netspi)

CVE-2025-27590 Oxidized Web: Local File Overwrite is a vulnerability where an attacker w/ access to the /migration page of Oxidized Web v0.14 can overwrite any local file that the ‘oxidized’ user can write to & gain remote code execution on the web server. ow.ly/C1R350VxKLJ
NetSPI (@netspi)

Microsoft patched critical vulnerabilities (CVE-2025-21299, CVE-2025-29809) in Q1 2025. 

NetSPI research reveals Kerberos canonicalization bypasses Hyper-V isolation of credentials, compromising Windows security.

Read the full article: ow.ly/WcuW50VAOTg
NetSPI (@netspi)

NetSPI just released a new tool, Wopper (WordPress Privilege Escalation Rapidly) - a faster way to execute code during WordPress security assessments. 

Check out this new blog post by NetSPI Security Consultant II Joe Grassl to learn more: ow.ly/srOC50VEQXC
NetSPI (@netspi)

NetSPI security experts Sam. Beaumont & Larry Trowell will show how they made advanced hardware attacks possible using everyday lasers & readily available parts at BSides Tokyo. ow.ly/CcHM50VPqzU

#BSidesTokyo #TeamNetSPI #Speaker #proactivesecurity
NetSPI (@netspi)

Read the details on how multiple arbitrary SYSTEM file delete flaws (CVE-2025-23009, CVE-2025-23010) can be exploited for privilege escalation.

✅ SonicWall has patched these issues in NetExtender v10.3.2

ow.ly/UxPT50W0xWA
NetSPI (@netspi)

⚡️ Introducing our latest e-book, Continuous Threat Exposure Management (CTEM) For Dummies, NetSPI Special Edition – your ultimate intro to #CTEM! Dive into the world of #proactivesecurity with this comprehensive guide. 

Get your free copy now ⬇️ ow.ly/Gkem50VZAkS
NetSPI (@netspi)

NetSPI's Sam. Beaumont and Larry Trowell developed RayV Lite—a low-cost laser fault injection tool that makes advanced hardware security testing accessible beyond nation-states using open-source hardware & inexpensive IR-leaking lasers.

➡️  ow.ly/Nqtm50W4fjT
NetSPI (@netspi)

Microsoft Defender for Identity vulnerability (CVE-2025-26685) allows unauthenticated attackers to capture Net-NTLM hashes and potentially gain AD access. Security tools can become attack vectors - understanding this risk is crucial: ow.ly/UOc050W8inY