IM
IronMonkey Threat Research
LIVE
|
Articles 27,093
|
CVEs 348,840
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,061 articles — Page 776 of 903
CERT Polska ·

The Dangerous websites Warning List will soon be five years old. Over this time it stopped millions of attempts to connect to malicious domains and has become our most effective tool in the fight...

News phishing
The Hacker News ·

German prosecutors have charged three Russian-German nationals for acting as secret service agents for Russia. The individuals, named Dieter S., Alexander J., and Alex D., have been accused of...

Cloud Atlas Defense Industrial Base Transportation Systems
CERT Polska ·

XSS (Cross-site Scripting) vulnerability has been found in Kentico CMS software (CVE-2024-12907).

CVE vulnerability
infosecurity-magazine ·

The State of Rhode Island has confirmed that cybercriminals have begun publishing data stolen from its social services portal, the RIBridges system

Salt Typhoon Financial Services Transportation Systems
CERT Polska ·

CERT Polska has received a report about 2 vulnerabilities (CVE-2024-11716 and CVE-2024-11717) found in CTFd software.

CVE vulnerability
BleepingComputer ·

Over three million POP3 and IMAP mail servers without TLS encryption are currently exposed on the Internet and vulnerable to network sniffing attacks. [...]

Salt Typhoon Commercial Facilities
infosecurity-magazine ·

Over 2.5 million end users are at risk as researchers discover 36 compromised Chrome extensions

Salt Typhoon Commercial Facilities Financial Services
Malpedia Library (Latest) ·

2024-12-20 • Orange Cyberdefense • Alexandre Matousek, Marine PICHON • win.emmenhtal Open article on Malpedia

Malpedia Library (Latest) ·

2024-12-16 • Zscaler • ThreatLabZ research team • win.riseloader Open article on Malpedia

Information Technology
Malpedia Library (Latest) ·

2024-12-24 • NTT Security Holdings • NTT Security Holdings • js.beavertail, py.invisibleferret Open article on Malpedia

Malpedia Library (Latest) ·

2024-12-12 • Elastic • Daniel Stepanic, Elastic Security Labs, Jia Yu Chan, Salim Bitam, Seth Goodwin • win.quasar_rat Open article on Malpedia

Malpedia Library (Latest) ·

2024-12-20 • Team Cymru • Lewis Henderson Open article on Malpedia

infosecurity-magazine ·

Chinese hackers appear to have compromised Treasury machines via a trusted third party

Salt Typhoon Critical Manufacturing Communications
Security News | TechCrunch ·

Chinese government hackers targeted the U.S. Treasury’s highly sensitive sanctions office during a December cyberattack, according to reports. According to The Washington Post, the state-sponsored...

Salt Typhoon Financial Services Commercial Facilities
Industrial Cyber ·

The U.S. government has unveiled a cybersecurity implementation plan for energy modernization, addressing the evolving energy landscape as... The post New US cybersecurity implementation plan for...

Energy Critical Manufacturing
Industrial Cyber ·

The Infrastructure Security Division (ISD) of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is set to submit... The post CISA seeks public input on new ChemLock information...

Chemical Critical Manufacturing
Cloud Threat Landscape ·

Kong Ingress Controller is a popular ingress controller for Kubernetes. The Kong Ingress Controller version 3.4 instances have been experiencing a significant performance regression causing...

Critical Manufacturing
Security News | TechCrunch ·

A Tesla Cybertruck that exploded and burst into flames Wednesday morning just outside the Trump International Hotel Las Vegas has left one person dead and several injured, according to the Las...

Commercial Facilities Financial Services
The Hacker News ·

Threat hunters have disclosed a new "widespread timing-based vulnerability class" that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all...

Cloud Atlas Information Technology Healthcare and Public Health
The Hacker News ·

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Tuesday leveled sanctions against two entities in Iran and Russia for their attempts to interfere with the November 2024...

Charming Kitten Government Facilities
Security | TechRepublic ·

Patch Tuesday is Microsoft’s monthly update day for fixing vulnerabilities. Learn its purpose, benefits, and how it enhances system security.

Information Technology
ASEC ·

ASEC Blog publishes Ransom & Dark Web Issues Week 1, January 2025 Customer information data from a South Korean children’s bookstore has been leaked on BreachForums. RDP access credentials for a...

Financial Services
ASEC ·

The following is the information on Yara and Snort rules (week 1, January 2025) collected and shared by the AhnLab TIP service. 0 YARA Rules 5 Snort Rules Detection name Source ET TROJAN Observed...

ASEC ·

Play ransomware, also known as Balloonfly or PlayCrypt, was first identified in June 2022 and has reportedly attacked over 300 organizations worldwide since then. A notable characteristic of the...

Andariel Defense Industrial Base
Wiz Blog | RSS feed ·

Let’s explore some common missteps in securing your AWS OIDC.

Energy Information Technology
BleepingComputer ·

2024 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities. Below are fourteen of what...

Midnight Blizzard Salt Typhoon Healthcare and Public Health Communications
Security Latest ·

Your messages going back years are likely still lurking online, potentially exposing sensitive information you forgot existed. But there's no time like the present to do some digital decluttering.

Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News ·

Researchers at FortiGuard Labs have identified a prolific attacker group known as "EC2 Grouper" who frequently exploits compromised credentials using AWS tools.

Cozy Bear Unfading Sea Haze Financial Services Defense Industrial Base
maxwelldulin ·

TrustSec has contributed to the Optimism ecosystem both in contributing to contests, and audits and two paid bug bounties. In this post, they talk about the security of Optimism and some of the...

Transportation Systems Energy
Unit 42 ·

The jailbreak technique "Bad Likert Judge" manipulates LLMs to generate harmful content using Likert scales, exposing safety gaps in LLM guardrails. The post Bad Likert Judge: A Novel Multi-Turn...