IM
IronMonkey Threat Research
LIVE
|
Articles 27,086
|
CVEs 348,613
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 718 of 902
Threat Research Archives - Zimperium ·

Our security research team looked at the top 50 apps from iOS App store and Android Play Store and identified one app from each category that exhibited a high security or privacy vulnerability...

Financial Services Transportation Systems
Threat Research Archives - Zimperium ·

Our security research team looked at the top 50 apps from iOS App store and Android Play Store and identified one app from each category that exhibited a high security or privacy vulnerability...

Financial Services Transportation Systems
BleepingComputer ·

North Korean state actor 'Kimsuky' (aka 'Emerald Sleet' or 'Velvet Chollima') has been observed using a new tactic inspired from the now widespread ClickFix campaigns. [...]

Velvet Chollima Emerald Sleet Government Facilities
Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News ·

Apple fixes the USB Restricted Mode flaw in iOS 18.3.1 and iPadOS 18.3.1. Vulnerability exploited in targeted attacks.…

Financial Services
Research & Threat Intel News- Outpost24 Blog ·

On January 14th, 2025, Belsen Group emerged in the underground forum Breach Forums publishing a list of sensitive data extracted from vulnerable Fortinet FortiGate devices. Since then, they have...

Communications Financial Services
Industrial Cyber ·

The International Maritime Cyber Security Organisation (IMCSO), an independent maritime standards organization, released Monday its new cybersecurity assessment... The post IMCSO issues...

Transportation Systems Critical Manufacturing
Lumen Blog ·

Investing in network enhancements for multi-cloud connectivity is essential for modern enterprises in the digital age. This strategic move is not just about keeping up with technological...

Financial Services Commercial Facilities
SOC Prime Blog ·

For over a decade, russia-backed Sandworm APT group (also tracked as UAC-0145, APT44) has consistently targeted Ukrainian organizations, with a primary focus on state bodies and critical...

BleepingComputer ·

Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three...

Security | TechRepublic ·

Find out what GRC stands for, its history, and where it can be used today.

Financial Services Government Facilities
infosecurity-magazine ·

A new Everfox survey shows a growing consensus among regulated organizations in favor of a strategic shift away from detecting cyber threats to preventing them

Salt Typhoon Information Technology Healthcare and Public Health
BleepingComputer ·

A subgroup of the Russian state-sponsored hacking group APT44, also known as 'Seashell Blizzard' and 'Sandworm', has been targeting critical organizations and governments in a multi-year campaign...

Seashell Blizzard Critical Manufacturing Energy
Wiz Blog | RSS feed ·

Enhanced collaboration deepens cloud security capabilities, democratizes security across cloud businesses.

Information Technology
The Hacker News ·

Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve...

Information Technology
BleepingComputer ·

Cloud-based RDP Remote Desktop Protocol solutions offer a centralized dashboard to manage user access, security policies, and monitor usage from one location. Learn more from TruGrid about how...

Healthcare and Public Health Financial Services
WeLiveSecurity ·

Ever wondered what it's like to hack for a living – legally? Learn about the art and thrill of ethical hacking and how white-hat hackers help organizations tighten up their security.

infosecurity-magazine ·

February Patch Tuesday sees Microsoft fix four zero-days, including two under active exploitation

Salt Typhoon Information Technology Healthcare and Public Health
infosecurity-magazine ·

The US and its allies have sanctioned Russian bulletproof hoster Zservers for abetting ransomware attacks

Evil Corp Salt Typhoon Healthcare and Public Health Information Technology
Firewall Daily – The Cyber Express ·

A West London council has revealed that it is the target of around 20,000 attempted cyberattacks every day. Hammersmith and Fulham Council, one of the boroughs in the capital, is no stranger to...

Healthcare and Public Health Government Facilities
BleepingComputer ·

Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, causing a massive privacy breach for those using the site anonymously. [...]

Krebs on Security ·

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited.

Lazarus Group Financial Services Transportation Systems
CyberScoop ·

Cairncross doesn’t have any obvious major cyber experience, but has served at the RNC and White House. The post Trump picks Sean Cairncross for national cyber director appeared first on CyberScoop.

Salt Typhoon Financial Services Government Facilities
Security Latest ·

In a letter to a US senator, a Florida-based data broker says it obtained sensitive data on US military members in Germany from a Lithuanian firm, revealing the global nature of online ad surveillance.

Defense Industrial Base Communications
nao_sec ·

Initial Access Amedey is installed by msiexec.exe when you open a malicious excel file. From the document file technique, the threat actor is considered TA505. Excel 4.0 Macro Utilized by TA505 to...

nao_sec ·

First We have been observing the Fallout Exploit Kit since August 2018. Fallout is using non-characteristic URL and heavily obfuscated landing page. The user still exists and attacks are observed...

nao_sec ·

First Since July 11 2019, we have observed a new Drive-by Download attack. It is redirected from the ad-network. It does not use a conventional Exploit Kit such as RIG or Fallout, but uses its own...

nao_sec ·

First On December 11, 2019, we were strolling through ad-networks. As before, we observed RIG, Fallout and Underminer Exploit Kit, but observed other interesting Drive-by Download attack. We call...

CyberScoop ·

A Google Threat Intelligence Group report notes that Russia in particular has been doing this since the Ukraine war began. The post U.S. adversaries increasingly turning to cybercriminals and...

Financial Services Government Facilities
Recorded Future ·

Prepare your business for potential geopolitical disruptions from a Taiwan invasion. Assess evolving risks, global economic impacts, and strategic measures to safeguard supply chains and critical...

Cloud Threat Landscape ·

Microsoft Threat Intelligence identified a threat actor exploiting publicly disclosed ASP.NET machine keys to perform ViewState code injection attacks. This technique enables attackers to inject...