IM
IronMonkey Threat Research
LIVE
|
Articles 27,087
|
CVEs 348,613
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 843 of 902
maxwelldulin ·

CVE-2023-34992 was for FortiSIEM command injection vulnerability. The phMonitor takes in a server_ip variable. This was being used to execute a python script via os.system that led to a command...

Financial Services Critical Manufacturing
Cloud Threat Landscape ·

The RedTail cryptomining malware has been updated to exploit CVE-2024-3400, a vulnerability in PAN-OS. The attackers are using private cryptomining pools for greater control, and the malware now...

Maxwell Dulin's Resources ·

A while ago, Jacob reported a bug named p2p storms that ICF deemed wasn't worth fixing. If the blocks are 20mb each and the mempool is full, then the chain liveness are severely impacted. The...

Information Technology
Pulsedive Blog ·

Pulsedive's latest V3 update to our Chrome, Firefox, and Edge add-on include new features and improved user experience.

Nuclear
Cloud Threat Landscape ·

On May 30, 2024, researchers published a report concerning activity by a threat actor dubbed UNC5537, involving abuse of stolen credentials to gain illicit access to Snowflake accounts unprotected...

ShinyHunters Information Technology
Wiz Blog | RSS feed ·

Organizations in the region can now benefit from Wiz's cloud security platform while maintaining their data sovereignty and privacy requirements.

Information Technology Energy
Wiz Blog | RSS feed ·

Wiz announces integration with Google Security Operations to help SecOps teams identify critical cloud security issues.

Information Technology Chemical
Kaspersky ICS CERT ·

In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 21.4%. Compared to the first quarter of 2023,...

Critical Manufacturing Publications
Kaspersky ICS CERT ·

The percentage of ICS computers on which malicious objects were blocked during the quarter varied regionally from 34.2% in Africa to 11.5% in Northern Europe. Africa and South-East Asia saw their...

Critical Manufacturing Publications
maxwelldulin ·

In bug bounties, judges are a party between the auditor and the development team who reviews and handles disputes on the findings. Trust, the author of the post, has audited thousands of findings...

maxwelldulin ·

An iFrame tag is used to bring in other web pages into your own. Some pages restrict this (to prevent clickjackin and phishing, among other things) but can be awesome for developers. The src...

Wiz Blog | RSS feed ·

The Wiz Research team's investigations into AI-as-a-service providers reveals a major risk to AI systems.

Information Technology
Bitdefender Labs ·

Bitdefender researchers investigated a series of incidents at high-level organizations in countries of the South China Sea region, all performed by the same threat actor we track as Unfading Sea...

Unfading Sea Haze Defense Industrial Base
Bitdefender Labs ·

Bitdefender researchers investigated a series of incidents at high-level organizations in countries of the South China Sea region, all performed by the same threat actor we track as Unfading Sea...

Unfading Sea Haze Defense Industrial Base
Threat Intelligence ·

Written by: Michael Raggi Mandiant Intelligence is tracking a growing trend among China-nexus cyber espionage operations where advanced persistent threat (APT) actors utilize proxy networks known...

Information Technology Communications Threat Intelligence
Wiz Blog | RSS feed ·

Learn where CNAPP and CWPP overlap, where they differ, and how the market is shifting to the more comprehensive and integrated CNAPP.

Information Technology Financial Services
Threat Intelligence ·

Written by: Mark Swindle While investigating recent exposures of Amazon Web Services (AWS) secrets, Mandiant identified a scenario in which client-specific secrets have been leaked from...

Information Technology Threat Intelligence
Maxwell Dulin's Resources ·

Apache Guacamole is a remote Desktop gateway used for accessing hosts and isolated applications from the webs browser. The application itself contains a client facing server written in Java and a...

Commercial Facilities
Wiz Blog | RSS feed ·

Wiz’s vulnerability scanning is now certified by Red Hat, providing customers with refined assessment of vulnerabilities for Red Hat Products

maxwelldulin ·

Across protocol allows users to bridge funds between various EVM chains very fast - faster than finality. There are a couple of main users. First, the relayer who has funds on all chains. Second,...

Transportation Systems
Wiz Blog | RSS feed ·

Empowering every cloud security stakeholder by eliminating barriers.

Information Technology Transportation Systems
Maxwell Dulin's Resources ·

The Graph is a decentralized indexing protocol. Developers can access and query data across different blockchain using web2 APIs. Many projects, use this for UIs but also for backend services. It...

Energy Healthcare and Public Health
Maxwell Dulin's Resources ·

Compound and AAVE both have a bug that allows the entire protocol to be drained IF there's empty market open. Apparently, this has destroyed a large amount of forks. Sonne was aware of this issue...

Cloud Threat Landscape ·

Researchers observed recent activities surrounding the Kinsing malware, which primarily targets Linux-based cloud infrastructure. Kinsing exploits various vulnerabilities to gain unauthorized...

Information Technology
Blog | Threat Intelligence & Memory Forensics | Volexity ·

Last month, Volexity reported on its discovery of zero-day, in-the-wild exploitation of CVE-2024-3400 in the GlobalProtect feature of Palo Alto Networks PAN-OS by a threat actor Volexity tracks as...

Bitdefender Labs ·

Since 2014, Bitdefender IoT researchers have been looking into the world's most popular IoT devices, hunting for vulnerabilities and undocumented attack avenues. This report documents four...

Bitdefender Labs ·

Since 2014, Bitdefender IoT researchers have been looking into the world's most popular IoT devices, hunting for vulnerabilities and undocumented attack avenues. This report documents four...

Low-level adventures ·

During one of the recent working days, I was tasked with fuzzing some Go applications. That's something I had not done in a while, so my first course of action was to research the current state of...

Information Technology
Wiz Blog | RSS feed ·

Prevent misconfigurations in your environment from being exploited with Wiz’s real-time CSPM.

Information Technology
Wiz Blog | RSS feed ·

Wiz assists Incident Response (IR) and SOC teams with containment through automated assessment of security incidents by identifying possible root causes and calculating the potential blast radius...

Information Technology