IM
IronMonkey Threat Research
LIVE
|
Articles 27,087
|
CVEs 348,665
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 826 of 902
Krebs on Security ·

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that...

Scattered Spider Financial Services
Wiz Blog | RSS feed ·

Explore Kubernetes control plane access vectors, risks, and security strategies to prevent unauthorized access and protect your clusters from potential threats.

Information Technology
ASEC ·

The following is the information on Yara and Snort rules (week 2, November 2024) collected and shared by the AhnLab TIP service. 3 YARA Rules Detection name Description Source...

Threat Intelligence – ReliaQuest ·
Checkmarx Zero - Medium ·

October 2024 heralded a new chapter in supply chain security challenges, characterized by innovative attack techniques and cryptocurrency-focused threats. A groundbreaking entry point exploitation...

Critical Manufacturing Financial Services
Security Latest ·

Donald Trump has vowed to deport millions and jail his enemies. To carry out that agenda, his administration will exploit America’s digital surveillance machine. Here are some steps you can take...

Silicon Financial Services Information Technology
Security Latest ·

Privacy advocates worry banning masks at protests will encourage harassment, while cops’ high-tech tools render the rules unnecessary.

Transportation Systems Defense Industrial Base
WeLiveSecurity ·

Artificial intelligence is reshaping the music landscape, turning listeners into creators and sparking new debates over creativity, copyright, and the future of music

Commercial Facilities
Recorded Future ·

China-based TAG-112 exploited Tibetan sites to spread Cobalt Strike malware. Recorded Future reveals targeted threats by state-sponsored actors.

Recorded Future ·

Explore why identity is the new security frontier. Learn how credential-based attacks dominate and discover proactive strategies for safeguarding SaaS environments.

Information Technology
ASEC ·

The following are the main APT groups and their cases based on the analysis reports released by security companies and organizations in October 2024. 1. Andariel Symantec’s Threat Hunter Team has...

Andariel Government Facilities Information Technology
Security Latest ·

The Pentagon is pursuing every available option to keep US troops safe from the rising tide of adversary drones, including a robotic twist on its standard-issue small arms.

Defense Industrial Base Critical Manufacturing
WeLiveSecurity ·

In an era of escalating digital threats, cybersecurity compliance goes beyond ticking a legal box – it’s a crucial shield safeguarding assets, reputation, and the very survival of your business

Healthcare and Public Health Financial Services
ASEC ·

Overview Ransomware attacks are still on the rise in 2024. Threat actors continue to launch ransomware attacks because victims infected with ransomware often pay a ransom to recover their data,...

Healthcare and Public Health Financial Services
Krebs on Security ·

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services...

Financial Services Government Facilities
Security Latest ·

Plus: Hot Topic confirms a customer data breach, Germany arrests a US citizen for allegedly passing military secrets to Chinese intelligence, and more.

Salt Typhoon Defense Industrial Base Government Facilities
Maxwell Dulin's Resources ·

AWS WAF only supports plain text and JSON by default. When invalid JSON is found (such as a duplicate key), the default option is to proceed on with the JSON. Another option is to evaluate as...

Energy
Maxwell Dulin's Resources ·

multipart/form-data is used for forms that include binary data, which can be broken into multiple parts. Each part has a boundary string (declared in the actual requests headers) that contains its...

Energy Information Technology
Maxwell Dulin's Resources ·

In macOS, most processes run in a restricted sandbox with the com.apple.security.app-sandbox entitlement. These sandbox restrictions are applied before the app's main function via containerization...

Healthcare and Public Health
Threat Intelligence ·

Written by: Nick Harbour The eleventh Flare-On challenge is now over! This year proved to be a tough challenge for the over 5,300 players, with only 275 completing all 10 stages. We had a blast...

WeLiveSecurity ·

Following the takedown of RedLine Stealer by international authorities, ESET researchers are publicly releasing their research into the infostealer’s backend modules

Communications Nuclear
Kaspersky ICS CERT ·

A total of 35 incidents were confirmed by victims. Half of the attacks reportedly resulted in the denial of IT systems and the denial of operations. There is a case of a company that was unable to...

Critical Manufacturing Publications
Infostealers Archives | InfoStealers ·

Phishing email campaign targets Taiwan Talos observed an unknown threat actor conducting a malicious phishing campaign targeting victims in Taiwan since at least July 2024. The campaign...

Financial Services Information Technology
Cloud Threat Landscape ·

Palo Alto Networks has confirmed the active exploitation of a critical remote code execution vulnerability (CVE-2024-0012) in the PAN-OS management interface. This vulnerability allows an...

Security Latest ·

The 47-year-old Michigan man, who pleaded guilty to sexually exploiting a child, was highly active in the online criminal network called 764, which the FBI now considers a “tier one” terrorism threat.

Commercial Facilities Defense Industrial Base
Wiz Blog | RSS feed ·

Wiz Research looks at phishing tactics, along with how to trace and investigate these campaigns.

Scattered Spider Muddled Libra Scatter Swine Financial Services Information Technology
ASEC ·

ASEC Blog publishes “Android Malware & Security Issue 1st Week of November, 2024” 게시물 Android Malware & Security Issue 1st Week of November, 2024이 ASEC에 처음 등장했습니다.

Infostealers Archives | InfoStealers ·

In this new episode of the mnemonic security podcast, Robby Peralta is joined by Leonid Rozenberg, a cybersecurity expert and dark web researcher at Hudson Rock, to discuss infostealers. Rozenberg...

Financial Services
Cisco Talos Blog ·

Cisco Talos Incident Response (Talos IR) recently observed an attacker conducting big-game hunting and double extortion attacks using the relatively new Interlock ransomware.

Critical Manufacturing Energy
WeLiveSecurity ·

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2024 and Q3 2024

Flax Typhoon APT-C-60 Financial Services Transportation Systems