IM
IronMonkey Threat Research
LIVE
|
Articles 27,084
|
CVEs 348,609
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,052 articles — Page 838 of 902
Bitdefender Labs ·

The electricity grid – the buzzing, crackling marvel that supplies the lifeblood of modernity - is by far the largest structure humanity ever built. It’s so big, in fact, that few people even...

Energy Information Technology
Bitdefender Labs ·

The electricity grid – the buzzing, crackling marvel that supplies the lifeblood of modernity - is by far the largest structure humanity ever built. It’s so big, in fact, that few people even...

Energy Information Technology
Data and computer security | The Guardian ·

Watchdog provisionally finds Advanced failed to act to protect data of 82,946 after ransomware attack in EnglandA software provider faces being fined more than £6m over a 2022 ransomware attack...

Healthcare and Public Health
Maxwell Dulin's Resources ·

My co-worker Jason just published a super sick bug in the main implementation of EVM integration in Cosmos. Under the hood, the execution is done with Geth but the integration with Cosmos is...

Financial Services Healthcare and Public Health
Maxwell Dulin's Resources ·

Pwn2Own has an automotive category for hacking cars. They decided to tackle the CHARX system because A) the product was very different from other similar products and B) the firmware was easy to...

Critical Manufacturing Communications
Maxwell Dulin's Resources ·

A large amount of crypto companies had their domains stolen. The only similarity between the domains was that they were all SquareSpace domains that were migrated over from Google Domains after...

Maxwell Dulin's Resources ·

Akash is a decentralized cloud computing platform built for the Cosmos ecosystem. It appears to have offer a product similar to EC2 instances on AWS. There are four main parties involved:...

Information Technology
Maxwell Dulin's Resources ·

Cato Network has a client application that allows access to access to resources from the Internet, cloud, SaaS or data center. The authors of this post looked into the application and found many...

Information Technology
Maxwell Dulin's Resources ·

When hunting for zero days, where do you even start? According to the author, sticking to target is good. In this case, their had been several reference counting bugs recently. When they...

Wiz Blog | RSS feed ·

The Wiz INtegration (WIN) Platform has come a long way in the year since it launched.

Information Technology Chemical
Data and computer security | The Guardian ·

Paul Givan says details of 407 people mistakenly sent out included names, addresses and personal commentsThe education minister in Northern Ireland has “unreservedly” apologised after the personal...

Maxwell Dulin's Resources ·

The contract CvxRewardDistributor was exploited for 210K in value. This contracts job is to mint rewards for eligible stakers. When calling claimMultipleStaking on the contract, there is a...

Energy
Blog | Threat Intelligence & Memory Forensics | Volexity ·

KEY TAKEAWAYS StormBamboo successfully compromised an internet service provider (ISP) in order to poison DNS responses for target organizations. Insecure software update mechanisms were targeted...

Evasive Panda StormBamboo Information Technology Communications
Cloud Threat Landscape ·

On 2024-08-02, a campaign was reported, involving an unknown actor, gaining initial access via Software misconfig, while using Jupyter Notebook misconfig abuse, targeting Jupyter Notebook to...

Maxwell Dulin's Resources ·

UTF-8 is annoying to look at. Am I looking at the characters or the codepoints? So, Sonar source (after some research that would have benefited from this) built the UTF-8 Visualizer. Just adding...

Wiz Blog | RSS feed ·

Wiz is expanding our existing detection capabilities to include pattern-based malware detection using YARA rules written by the Wiz Research team

Cloud Threat Landscape ·

The Apache Foundation's OFBiz, an open-source Java-based ERP framework, addressed in May 2024 a critical security vulnerability (CVE-2024-32113) involving path traversal that could lead to remote...

Wiz Blog | RSS feed ·

Protecting your assets: the fundamentals of physical security and enterprise resilience at Wiz

Emergency Services Financial Services
Pulsedive Blog ·

What we know about the CrowdStrike BSOD outage.

Wiz Blog | RSS feed ·

How the market is evolving and why now, more than ever, you need a CNAPP.

Information Technology
McAfee Labs | McAfee Blogs ·

Authored by Lakshya Mathur, Vallabh Chole & Abhishek Karnik Recently we witnessed one of the most significant IT disruptions in... The post The Scam Strikes Back: Exploiting the CrowdStrike Outage...

Financial Services Commercial Facilities
Cloud Threat Landscape ·

Microsoft researchers have discovered a vulnerability in ESXi hypervisors, identified as CVE-2024-37085. This flaw is being exploited by ransomware operators to gain full administrative access to...

Manatee Tempest
McAfee Labs | McAfee Blogs ·

Authored by Lakshya Mathur and Abhishek Karnik As the world gears up for the 2024 Paris Olympics, excitement is building,... The post Olympics Has Fallen – A Misinformation Campaign Featuring a...

Financial Services Commercial Facilities
Terrorism Archives - Security Affairs ·

Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks. Yesterday Federal Bureau of Investigation (FBI) Director Christopher Wray...

Lotus Blossom Silk Typhoon Communications Critical Manufacturing
Wiz Blog | RSS feed ·

Discover how Wiz extends its existing RBAC with the Custom Roles feature, enabling you to tailor user permissions, maintain security, and stay aligned with business needs.

Information Technology Energy
Pulsedive Blog ·

Phishing kits are "as-a-service" tools that help threat actors rapidly deploy phishing pages and campaigns. This blog examines key components, how they work, helpful resources, and a dive into the...

Data and computer security | The Guardian ·

Officials seized documents from NSO Group to try to stop handover of information about notorious hacking tool, files suggestThe Israeli government took extraordinary measures to frustrate a...

Critical Manufacturing Government Facilities
Wiz Blog | RSS feed ·

Wiz researchers discover ongoing threat to popular testing framework.

Energy Chemical
Research & Threat Intel News- Outpost24 Blog ·

The threat group USDoD posted on a dark web forum on July 24th to claim they’ve got hold of a large database of threat actors compiled by CrowdStrike. So far, the threat actor has released only a...

USDoD Energy Information Technology
Cloud Threat Landscape ·

On 2024-07-25, an incident was reported, involving IntelBroker, gaining initial access via 1-day vulnerability, while using Network lateral movement, SSH key compromise, Local privilege escalation...

Critical Manufacturing