IM
IronMonkey Threat Research
LIVE
|
Articles 27,087
|
CVEs 348,613
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 841 of 902
Orange Cyberdefense ·

Introduction

Maxwell Dulin's Resources ·

Kraken is a cryptocurrency exchange similar to Coinbase. Recently, CertiK found and exploited a vulnerability on Kraken to create arbitrary funds within their account. This is the drama that...

Information Technology
Infostealers Archives | InfoStealers ·

Learn about Infostealers with actual real life breaches caused by Infostealer infections with Leonid Rozenberg, Hudson Rock’s Head of Partnerships & Integrations. To discover how your organization...

Financial Services
Pulsedive Blog ·

Quantitative and qualitative insights inform our roadmap and best practices to achieve success in CTI networking.

Wiz Blog | RSS feed ·

We are excited to be ‘in-process’ for DoD IL4, continuing our commitment to helping public sector secure everything they build and run in the cloud

Defense Industrial Base Information Technology
Maxwell Dulin's Resources ·

Going from unicode to ASCII is required for some applications. How is this done though? This is a document that explains how this is done in the many different forms. Canonical equivalence is when...

Maxwell Dulin's Resources ·

The author was playing around with some functionality on a website. While doing this, they realized that part of the URL was being copied into an open graph tag. Given that open graph tags are...

GreyNoise Labs ·

On June 5, 2024, SolarWinds published an advisory detailing CVE-2024-28995 - a path-traversal vulnerability in Serv-U, discovered by Hussein Daher. The affected versions are: SolarWinds Serv-U...

Transportation Systems solarwinds serv-u
Maxwell Dulin's Resources ·

Sei Network is a layer 1 blockchain built on Cosmos with some pretty crazy functionality. In particular, there are two execution runtimes for smart contracts in both EVM and CosmWasm. The EVM can...

Energy
Maxwell Dulin's Resources ·

Orange Tsai (of course) found a vulnerability within PHP. In particular, they found an issue that affects XAMPP (a popular way for admins to deploy PHP apps) to get RCE. The original post did not...

Maxwell Dulin's Resources ·

HTTP Smuggling is just a difference in understanding of HTML parsers. What about differences in parsers for other things? The Bishop Fox article dives into differences between JSON...

Financial Services Government Facilities
Maxwell Dulin's Resources ·

Constant time cryptography is a method of preventing side channel leaks via timing differences on various operations. Without this, it'd be possible to learn about the cryptographic operations...

Defense Industrial Base Critical Manufacturing
Maxwell Dulin's Resources ·

While testing, Sam Curry noticed that his modem was compromised. All requests being sent through it were being forwarded to a different domain. Years later, he decided to investigate the Cox ISP...

Communications Commercial Facilities
maxwelldulin ·

SinSinology saw an advisory for an RCE bug via deserialization in Telerik, a report management solution. Although it was authenticated, it was interesting to the author of the post. Hence, they...

maxwelldulin ·

Veeam published a CVSS 9.8 score for a complete authentication bypass vulnerability on their product. The author decided to take the time to understand the issue and write it up. Since they only...

Cloud Threat Landscape ·

UNC3944, a financially motivated threat group linked to "0ktapus," "Octo Tempest," "Scatter Swine," and "Scattered Spider," has evolved its tactics to include data theft from SaaS applications,...

Scattered Spider Scatter Swine Octo Tempest Information Technology
Blog | Threat Intelligence & Memory Forensics | Volexity ·

Note: Volexity has reported the activity described in this blog and details of the impacted systems to CERT at the National Informatics Centre (NIC) in India. In 2024, Volexity identified a...

Defense Industrial Base
Wiz Blog | RSS feed ·

See what’s new with Wiz at Re:Inforce 2024 with this year’s recap

Financial Services
Kaspersky ICS CERT ·

In the course of the modem security analysis, we found seven locally exploited vulnerabilities and one remotely exploited vulnerability. The combination of these vulnerabilities could allow an...

Publications
GreyNoise Labs ·

Introduction It’s been almost a week since DEVCORE published the technical details of CVE-2024-4577, a remote code execution vulnerability in PHP, closely followed by watchTowr’s PoC. Rest...

Information Technology vulnerabilities cybersecurity
Cloud Threat Landscape ·

On 2024-06-13, an incident was reported, involving , gaining initial access via Insider threat, to achieve Data destruction.

Wiz Blog | RSS feed ·

Wiz's custom runtime rules and runtime response policies add new layers to your defense-in-depth strategy.

Information Technology Financial Services
Wiz Blog | RSS feed ·

Powerful new remediation and response capabilities enable the real-time enforcement of organizational security policies and streamline incident management.

Information Technology
@BushidoToken Threat Intel ·

This blog is part of my Tracking Adversaries blog series, whereby I perform a summary analysis of a particular adversary that has caught my attention and made me feel like they deserve special...

ALPHV Healthcare and Public Health Financial Services
ICS Medical Advisories ·

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerabilities: Improper Authorization in Handler for...

Critical Manufacturing Healthcare and Public Health
security – Ars Technica ·

And publicly reviewable server code means experts can "verify this privacy promise."

Nuclear Communications
Wiz Blog | RSS feed ·

Detect and mitigate CVE-2024-4577, a critical remote code execution vulnerability in PHP CGI. Organizations are advised to patch urgently.

Kaspersky ICS CERT ·

This summary provides an overview of the reports of APT and financial attacks on industrial enterprises, as well as the related activities of groups that have been observed attacking industrial...

Financial Services Publications
The DFIR Report ·

Key Takeaways The DFIR Report Services → Click here to access the DFIR Lab related to this report ← Five new sigma rules were created from this report and added … Read More

ALPHV Financial Services Information Technology
Cloud Threat Landscape ·

The TellYouThePass ransomware gang has been exploiting the recently patched vulnerability (CVE-2024-4577) in PHP to deploy webshells and execute their encryptor payload on target systems. Attacks...