Mandiant releases rainbow table that cracks weak admin password in 12 hours

Security firm Mandiant has released a database that allows any administrative password protected by Microsoft’s NTLM.v1 hash ...

Hackers exploit security testing apps to breach Fortune 500 firms

Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing, such as DVWA, OWASP Juice Shop, Hackazon, and bWAPP, to gain access to cloud ...
CSO Online

Misconfigured demo environments are turning into cloud backdoors to the enterprise

Beyond this, Yaffe advised enterprises to “inventory everything” to establish a complete, up-to-date picture of all cloud ...