IM
IronMonkey Threat Research
LIVE
|
Articles 27,087
|
CVEs 348,613
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 828 of 902
Maxwell Dulin's Resources ·

Browser extensions have extra capabilities compared to web pages but are still sandboxed from running full code on the system. Extensions have access to some extra APIs but it's still quite...

Chromium Information Technology Financial Services
maxwelldulin ·

Browser extensions have extra capabilities compared to web pages but are still sandboxed from running full code on the system. Extensions have access to some extra APIs but it's still quite...

Chromium Information Technology Financial Services
Cisco Talos Blog ·

Cisco Talos' Vulnerability Research team recently discovered five Nvidia out-of-bounds access vulnerabilities in shader processing, as well as eleven LevelOne router vulnerabilities spanning a...

Communications
ASEC ·

ASEC Blog publishes “Android Malware & Security Issue 5st Week of October, 2024” 게시물 Android Malware & Security Issue 5st Week of October, 2024이 ASEC에 처음 등장했습니다.

WeLiveSecurity ·

Election interference, American Water and the Internet Archive breaches, new cybersecurity laws, and more – October saw no shortage of impactful cybersecurity news stories

Water Financial Services
Wiz Blog | RSS feed ·

Don’t get spooked: Navigate the risks of generative AI with proven strategies to protect your organization 👻

Financial Services
Cisco Talos Blog ·

Cisco Talos has observed an unknown threat actor conducting a phishing campaign targeting Facebook business and advertising account users in Taiwan. The decoy email and fake PDF filenames are...

Information Technology Commercial Facilities
Wiz Blog | RSS feed ·

Supply chain attack in popular lottie-player library compromises websites with malicious Web3 wallet prompts – update or revert the library to avoid the compromised versions.

Critical Manufacturing Financial Services
Recorded Future ·

Insights from Recorded Future’s Predict: leaders tackle evolving threats, AI risks, ransomware, and resilience strategies to empower security teams globally.

GreyNoise Labs ·

Introduction The GreyNoise Labs team discovered the vulnerabilities below after pivoting off the payload flagged by Sift, an LLM-powered threat hunting tool we use to make Finding Signals in the...

Information Technology
Cloud Threat Landscape ·

On October 30, 2024, a supply chain attack was initiated against the popular JavaScript library lottie-player, injecting malicious code that populates a Web3 wallet connection prompt on legitimate...

Critical Manufacturing Financial Services
Cloud Threat Landscape ·

On 2024-10-31, an incident was reported, involving Volt Typhoon, APT31, APT41, gaining initial access via Unknown, while using SSM misconfiguration abuse, to achieve Data exfiltration. The...

Volt Typhoon
@BushidoToken Threat Intel ·

Introduction Cyber Threat Intelligence (CTI) analysts come from diverse backgrounds, and their roles can vary a lot depending on the type of organisation they work for. The path to becoming a CTI...

Government Facilities Commercial Facilities
Wiz Blog | RSS feed ·

Prioritizing vulnerabilities in the cloud can be overwhelming - Learn how teams adopt a workflow structured for speed and accuracy.

Chemical Transportation Systems
ASEC ·

ASEC Blog publishes Ransom & Dark Web Issues Week 5, October 2024 Data from the famous Saudi Arabian company Ajlan Bros Holding leaked on BreachForums New ransomware ‘PlayBoy’ discovered Dutch...

Krebs on Security ·

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that...

Scattered Spider Healthcare and Public Health Financial Services
Curated Intelligence ·

IntroductionThis CTI Research Guide aims to help practitioners learn more about how to effectively perform the collection, processing, analysis, and production stages of the CTI lifecycle.It...

Commercial Facilities Financial Services
Dragos ·

As industrial systems expand and become more connected, risk-based vulnerability management has become a cornerstone of OT cybersecurity. This approach... The post 5 Reasons Why Risk-Based...

Critical Manufacturing Transportation Systems
Threat Research Archives - Zimperium ·

In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign. The post Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware...

RTM Financial Services Transportation Systems
Threat Research Archives - Zimperium ·

In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign. The post Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware...

RTM Financial Services Transportation Systems
Bitdefender Labs ·

In a world ran by advertising, businesses and organizations are not the only ones using this powerful tool. Cybercriminals have a knack for exploiting the engine that powers online platforms by...

Bitdefender Labs ·

In a world ran by advertising, businesses and organizations are not the only ones using this powerful tool. Cybercriminals have a knack for exploiting the engine that powers online platforms by...

Checkmarx Zero - Medium ·

Cryptocurrency enthusiasts have been the target of another sophisticated and invasive malware campaign. This campaign was orchestrated through multiple attack vectors, including a malicious Python...

Financial Services Information Technology
Cisco Talos Blog ·

This blog will demonstrate the practice and methodology of reversing BugSleep’s protocol, writing a functional C2 server, and detecting this traffic with Snort.

Government Facilities Transportation Systems
WeLiveSecurity ·

Have you ever googled yourself? Were you happy with what came up? If not, consider requesting the removal of your personal information from search results.

Cloud Threat Landscape ·

Researchers observed an attacker exploiting CVE-2024-38094—a vulnerability in Microsoft SharePoint. The attacker gained unauthorized access, escalated privileges, and moved laterally across the...

Cloud Threat Landscape ·

Research uncovered an operation named EMERALDWHALE that compromised over 15,000 cloud service credentials by exploiting exposed Git configurations and other misconfigured web services. The attack...

Information Technology
maxwelldulin ·

Bug bounty is great for finding bugs that stem across multiple products at a company that have massive impact. This is one of those vulnerabilities on Electronic Arts. At the beginning of the...

ASEC ·

The following is the information on Yara and Snort rules (week 5, October 2024) collected and shared by the AhnLab TIP service. 5 YARA Rules Detection name Description Source PK_EDD_prncpal...

Critical Manufacturing Financial Services
Pulsedive Blog ·

Explore the essential role of Cyber Threat Intelligence (CTI) in understanding and mitigating cybersecurity threats - detailing its types, processes, and effective implementation in enhancing...