IM
IronMonkey Threat Research
LIVE
|
Articles 27,088
|
CVEs 348,665
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,056 articles — Page 665 of 902
ASEC ·

1. Overview In June 2024, the security company CheckPoint-Research (CPR) published a post on a security threat that used the Legacy Driver Exploitation technique. This attack mostly focused on...

BleepingComputer ·

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers...

Industrial Cyber ·

Evolving cyber threat landscapes have led to OT/ICS incident response priorities being under significant pressure. By stressing the... The post Strengthening OT/ICS incident response to address...

Critical Manufacturing Emergency Services
BleepingComputer ·

Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. [...]

Communications Commercial Facilities
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News ·

The US extradites LockBit ransomware developer, Rostislav Panev, from Israel. Learn how his arrest impacts the fight against…

Financial Services Government Facilities
Cloud Threat Landscape ·

Cado Security Labs has uncovered a cryptomining campaign exploiting misconfigured Jupyter Notebooks, affecting both Windows and Linux environments. The attackers use Jupyter as an entry point to...

Wiz Blog | RSS feed ·

A supply chain attack on popular GitHub Action tj-actions/changed-files caused many repositories to leak their secrets. Discover how it unfolded and the steps to mitigate the risk.

Critical Manufacturing Energy
Orange Cyberdefense ·

TL;DR How to do NoSQL error-based injection

Energy
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News ·

Cybersecurity tips to protect your cryptocurrency from hackers, scams, and fraud. Learn best practices for securing digital assets…

Financial Services
The Hacker News ·

Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as "time" related utilities, but...

Information Technology Commercial Facilities
Security Latest ·

Plus: A nominee to lead CISA emerges, Elon Musk visits the NSA, a renowned crypto cracking firm’s secret (and problematic) cofounder is revealed, and more.

Silicon Government Facilities Financial Services
BleepingComputer ·

Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of Akira ransomware, which utilizes GPU power to retrieve the decryption key and unlock files for free. [...]

Communications
Maxwell Dulin's Resources ·

1Inch is a limit order swap DeFi platform. 1Inch Fusion is a gasless swap protocol built on top of the core Limit Order Protocol. This version was deprecated in 2023 but was kept alive for...

Energy
Maxwell Dulin's Resources ·

This is just a bunch of slides but a ton can still be learned from it. The target is an In-Vehicle Entertainment system that has things like Amazon Alexa and things built into it. The first part...

Commercial Facilities
maxwelldulin ·

The initial research for this post started with an attack vector as opposed to a real issue: ruby-saml used two different SAML libraries. During signature verification, the element is first read...

Cloud Threat Landscape ·

The compromised version of tj-actions/changed-files injects malicious code into CI workflows, potentially capturing and exposing secrets from affected repositories. On public repositories, the...

Critical Manufacturing
Krebs on Security ·

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed "ClickFix," the visitor to a hacked or malicious website is asked to...

Commercial Facilities Healthcare and Public Health
Security | TechRepublic ·

The vulnerability allowed malicious code running inside the Web Content sandbox, an isolated environment for web processes designed to limit security risks, to impact other parts of the device.

Financial Services
Security | TechRepublic ·

Cisco’s training through its Networking Academy will help “build a resilient and skilled workforce ready to meet Europe’s digital transformation and AI objectives.”

Transportation Systems
The Hacker News ·

A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally...

Healthcare and Public Health
Security | TechRepublic ·

The British side reportedly said they would have to produce warrants for each individual data access request, so they will always have to be made as part of an investigation into serious crime.

Financial Services
The Hacker News ·

The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the Rich Communications Services (RCS) protocol, bringing much-needed...

Sharp insights on cybersecurity ·

Barracuda Email Protection offers a one-stop-shop solution to free LCA's IT team from manual effort. Read about LCA's story in this case study blog.

Financial Services Critical Manufacturing
Security News | TechCrunch ·

Klein, a former AT&T technician turned whistleblower, exposed mass surveillance by the U.S. government in 2006. © 2024 TechCrunch. All rights reserved. For personal use only.

Financial Services Government Facilities
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News ·

Symantec demonstrates OpenAI's Operator Agent in PoC phishing attack, highlighting AI security risks and the need for proper cybersecurity.

Financial Services
BleepingComputer ·

A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers. [...]

Financial Services Information Technology
Firewall Daily – The Cyber Express ·

The U.S. has succeeded in extraditing a suspected LockBit ransomware developer who was arrested last year. Rostislav Panev, 51, a dual Russian and Israeli national, was arrested last year in...

Healthcare and Public Health Financial Services
CyberScoop ·

An investigation by California’s attorney general into use of location data could rein in the worst abusers, but should also be able to determine legitimate business use. The post California’s...

Commercial Facilities Government Facilities
The Hacker News ·

Cyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold—from the initial breach to the moment hackers demand payment. Join Joseph Carson, Delinea’s Chief...

The Hacker News ·

Most microsegmentation projects fail before they even get off the ground—too complex, too slow, too disruptive. But Andelyn Biosciences proved it doesn’t have to be that way. Microsegmentation:...

Critical Manufacturing Healthcare and Public Health