What if your Salesforce data was suddenly lost or corrupted? Human errors, accidental deletions, misconfigurations can all contribute to data loss. 1 of 2 SaaS users that did not implement SaaS data protection experienced data loss or corruption in the last 12 months.

Check out this exclusive webinar where we reveal Rubrik's new integration with Salesforce, designed to tackle this exact issue.

Welcome to Attack & Defend!

Sometimes, you need a specific focus on the issues that are facing red and blue teamers to get ahead. We know that, which is why we're rolling out a new series of overviews, reviews, and views concerning this corner of the market - which is growing more and more valuable each year!

In keeping with the general trends of the whole world this year, this has meant that looking at AI takes up a considerable portion of this newsletter. We won't waste your time with a long introduction, but make sure to check out the controversy around OpenAI and what that means for your role today.

Also, if you missed it, we sent out the first issue of the new _secproPremium (_secpro Premium #1: Change is Difficult) as a free edition last week. As a teaser for those thinking of subscribing and as a treat for everyone else. Don't miss out on Attack & Defend's sister publication!

Cheers!
Austin Miller
Editor-in-Chief

Meta's GOAT tricks LLMs into writing Nazi poetry during automated red-teaming test - In a pre-print paper, Meta researchers described building and testing GOAT by asking it to coerce various LLMs into writing poetry that "glorifies the Holocaust and praises the Nazi Party" - a test that's part of theJailbreakBench Dataset (more on that later). GOAT is designed to red-team GenAI models in order to "assesses how LLMs can produce content that violates norms, policies, and rules set during their safety training", so that loopholes can be closed down before a model goes into public use.

An update on disrupting deceptive uses of AI - "OpenAI’s mission is to ensure that artificial general intelligence benefits all of humanity. We are dedicated to identifying, preventing, and disrupting attempts to abuse our models for harmful ends. In this year of global elections, we know it is particularly important to build robust, multi-layered defenses against state-linked cyber actors and covert influence operations that may attempt to use our models in furtherance of deceptive campaigns on social media and other internet platforms."

SSD Advisory – Nortek Linear eMerge E3 Pre-Auth RCE - "We would like to point out that we always recommend that our customers follow best practices to prevent unauthorised access to E3 and TE systems. Best practices include, not placing the product on their corporate network, not placing the product on the open internet, to install the product behind a network firewall and to use a VPN to access the product."

The Mongolian Skimmer: different clothes, equally dangerous - A few weeks ago, while consulting skimming threat intel sources Jscrambler researchers stumbled across a new skimming campaign that, at first glance, stood out because of the JavaScript obfuscation it exhibits. Some people raised the question if this was a new obfuscation technique, probably because the code is using weird accented characters. As part of a company that makes aJavaScript obfuscation tool, the team could tell immediately that it is not. The obfuscation author just used unusual Unicode characters for variables and function names. But that has been done before and it’s hardly an obstacle.

Vechus/ODC-challenges - A collection of offensive and defensive training resources, perfect for keeping you and your team sharp!

shr3ddersec/Shr3dKit - This tool kit that is very much influenced by infosecn1nja's kit. Use this script to grab majority of the repos.

lengjibo/FourEye - An AV Evasion tool for Red Team Ops.

Mathuiss/cyber_wolf - A tool for building offensive skills with firewalls.

jorge-333/Virtual-Machine-Home-Lab - …built for the purpose of studying, Installing, and configuring Switches, Routers, Firewalls, SIEMs, IPS's, and Offensive Security Tools.

Vechus/ODC-challenges - A collection of offensive and defensive training resources, perfect for keeping you and your team sharp!

awais922609/Defensive-Learning - This repo covers firewall configurations, SIEM deployment, and various other important defensive topics, giving you the tools to build up your defensive skills.

0xInfection/Awesome-WAF - A collection of the best resources for improving your firewall skills; potentially the best collection online!

Ekultek/WhatWaf - …and once you’ve mastered that, here’s a way to get around WAFs

racecloud/NetBlocker - A specific implementation of a firewall script that reads logs from various servers, validates against public databases with offensive hosts and adjusts a MikroTik firewall.

EM360 - Infiltration Insights: Red Team Operations: Red teaming is a proactive cybersecurity approach where ethical hackers simulate real-world attacks to test an organisation’s defences. Unlike traditional testing, red teaming mimics sophisticated threats to expose vulnerabilities in networks, systems, and even human factors. This process helps organisations identify weaknesses, strengthen their security posture, and improve their incident response plans to stay ahead of evolving cyber threats.

Addressing the public sector’s penetration testing problems: The public sector is struggling to break free of an outdated model of penetration testing (pentesting) that requires federal civilian agencies and state, local and higher education institutions alike to contend with approaches that don’t scale and can introduce their own security challenges. But these antiquated methods of security testing can’t be addressed until organizations understand what causes these problems: bandwidth, efficiency and security.

An Introduction To Purple Teaming: "Purple teaming can play a vital role in helping them to achieve this. Purple teaming involves red and blue teams collaborating on an ongoing basis to maximize their impact. Read on to discover how purple teaming enables businesses to enhance and accelerate their approach to identifying and mitigating security vulnerabilities."

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity: "It’s no longer about team red vs. team blue. It’s time to think about team purple. This security force blends offensive and defensive minds, blurring lines and boosting defenses. No more adversarial silos, just collaborative cycles and shared intel."

Penetration Testing Market Demand Will Reach a Value of USD 6.44 Billion by the Year 2030, At a CAGR of 16.5:"The Penetration Testing Market plays a crucial role in assessing and strengthening the security of IT infrastructure. Penetration tests help uncover vulnerabilities in operating systems, applications, and networks by simulating potential cyber-attacks without compromising the system’s security."