City and Flock Manipulate Security Scores

조지아주 던우디 시에서 Flock의 감시 카메라 시스템에 대한 보안 평가가 독립적이지 않고 Flock이 직접 점수를 조작하는 방식으로 이루어진 사실이 내부 이메일을 통해 드러났다. 시 기술 책임자가 Flock 측에 점수 상향을 요청하고, 평가 기준이 완화되어 위험도가 낮게 평가되도록 변경되었다. 이로 인해 시의회는 부정확한 정보에 기반해 계약 확장 여부를 결정했으며, 이는 공공 안전에 심각한 영향을 미칠 수 있다. 유사 사례로 2022년 NCS4와 Evolv 사건이 있으나, 이번 사건은 시 공무원이 직접 개입했다는 점에서 더 심각하다.

https://ipvm.com/reports/flock-review-dunwoody

#securityassessment #surveillance #vendorrisk #publicsector #datamanipulation

Israel assesses Iranian regime to survive protests

https://fed.brid.gy/r/https://www.israelhayom.com/2026/01/06/israel-assesses-iranian-regime-survival-protests/

🐈‍⬛ Hashcat – A Practical Guide to Password Auditing

Hashcat is a powerful GPU-accelerated password recovery tool used by security professionals to test the strength of passwords in authorized environments.

🧠 What Hashcat is used for:
• Auditing password hashes (e.g., from Windows, Linux, web apps)
• Testing password policies and complexity
• Identifying weak or reused credentials in simulated lab setups

🔐 Key Features:
• Supports a wide variety of hash types (MD5, SHA1, NTLM, bcrypt, etc.)
• Multiple attack modes: dictionary, brute-force, mask, hybrid, rule-based
• Highly customizable and efficient with GPU acceleration
• Works well for red teamers and defenders validating password hygiene

🎯 When to use it:
• During penetration tests (with permission)
• In password policy assessments
• For internal security audits and training exercises

Disclaimer: This guide is for educational and ethical use only. Only audit password hashes on systems you own or have explicit authorization to test.

#Hashcat #CyberSecurity #PasswordAuditing #EthicalHacking #InfoSec #EducationOnly #RedTeamTools #CredentialSecurity #GPUCracking #SecurityAssessment

Time to level up your data skills! Who’s using TISAX already? Let’s discuss!

#TISAX #TISAXCertification #InformationSecurity #AutomotiveSecurity #RiskManagement #VDAISA #AutomotiveIndustry #ThirdPartyRiskManagement #SecurityAssessment #GQSSingapore

Time to level up your data skills! Who’s using TSAX already? Let’s discuss!

#TISAX #TISAXCertification #InformationSecurity #AutomotiveSecurity #RiskManagement #VDAISA #AutomotiveIndustry #ThirdPartyRiskManagement #SecurityAssessment #GQSSingapore

Hello everyone.

In today's article, we examine the Penetration Testing Report process in detail.

I wish everyone a good read.
https://denizhalil.com/2024/11/25/penetration-testing-report-importance-template/

#cybersecurity #ethicalhacking #pentesting #penetrationtesting #securityassessment

What to look for when reviewing a company's infrastructure

https://blog.marcolancini.it/2022/blog-cloud-security-infrastructure-review/

#cloudsecurity #aws #azure #gcp #securityassessment