IM
IronMonkey Threat Research
LIVE
|
Articles 27,087
|
CVEs 348,665
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 844 of 902
McAfee Labs | McAfee Blogs ·

Authored by Vignesh Dhatchanamoorthy, Rachana S Instagram, with its vast user base and dynamic platform, has become a hotbed for... The post How Scammers Hijack Your Instagram appeared first on...

Financial Services Commercial Facilities
maxwelldulin ·

Within the VGAState struct of VirtualBox there is a bitmap used for tracking dirty pages of a VRAM buffer. This bitmap is large enough to use the maximum vram allowed by vbox at 256MB. When...

maxwelldulin ·

Using the drag and drop functionality with invalid data, innerHTML was being set. Johan Carlsson was approached about needing a CSP bypass on Github.com for this XSS in order to make it...

Maxwell Dulin's Resources ·

The web browser attempts to isolate all pages by default but allows some cross-domain communication. An interesting, yet new to me, method is by using the hash. This has been documented for a long...

Information Technology
Virus reviews ·

May 13, 2024 In 2023, Trojan.AutoIt trojan apps, created with the AutoIt scripting language, were once again among the most active threats. They are distributed as part of other malicious software...

Energy Financial Services
Pulsedive Blog ·

In part 3, we examine the challenges, organizational context, and issues with methods used for cyber threat intelligence sharing.

maxwelldulin ·

Apache Guacamole is a remote desktop gateway server. The architecture consists of a Java component with a C backend server. So, they go through a classic difference between two parsers to create...

Information Technology
maxwelldulin ·

NextJS is an extremely popular 'static' site generator, which this website actually uses. So, finding configuration issues or straight up vulnerabilities in NextJS is awesome for bug hunting,...

Nuclear
maxwelldulin ·

Pike Finance integrated with Circles cross chain USDC protocol CCTP. This works by off-chain signers sending an attestation that an event occurred once finality has been reached out chain A to the...

maxwelldulin ·

UTF8 is the standard variable length encoding format with over 1M possible characters. There are other standards for UTF like UTF1, UTF16 and UTF32 but this is the most well-used standard. A code...

Financial Services Healthcare and Public Health
maxwelldulin ·

Curvance appears to be a lending and borrowing protocol. In order to ensure their protocol was secure, they asked Trail of Bits to write a large amount of fuzz tests for their project. This...

Financial Services
maxwelldulin ·

Mutation XSS (mXSS) is a type of XSS that occurs from browser quirks in HTML parsing. In particular, how the browser will rewrite HTML that is considered invalid or what happens when they change...

Maxwell Dulin's Resources ·

GitHub Enterprise Servers (GHES) is a locally hosted version of Github that teams can run. It runs functionality the same as the regular Github service and is written in Ruby. Reflections in Ruby...

Maxwell Dulin's Resources ·

The author of this post decided to take a trip down memory lane by reviewing a vulnerability they found in VirtualBox 5 years ago. The post is heavy into the methodology, which I always...

Maxwell Dulin's Resources ·

Cryptography feels like black magic. When auditing code at QuarksLab, there are many little things that they report but don't just kill the security of the implementation immediately. In this...

Government Facilities
McAfee Labs | McAfee Blogs ·

Authored by Yashvi Shah and Preksha Saxena AsyncRAT, also known as “Asynchronous Remote Access Trojan,” represents a highly sophisticated malware... The post From Spam to AsyncRAT: Tracking the...

Financial Services Commercial Facilities
Wiz Blog | RSS feed ·

Extending a heartfelt thanks to our customers, investors, and Wizards

Energy
Cloud Threat Landscape ·

On 2024-05-07, a campaign was reported, involving an unknown actor, gaining initial access via 1-day vulnerability, targeting Ivanti Connect Secure VPN to achieve Resource hijacking. The following...

Wiz Blog | RSS feed ·

Enabling security outcomes for cloud builders and defenders, from code to cloud to defense.

Information Technology Energy
Cloud Threat Landscape ·

Microsoft has identified a Morocco-based cybercrime group, Storm-0539, known for sophisticated phishing attacks to steal and sell gift cards. Active since 2021, the group targets large retailers...

Information Technology
Cloud Threat Landscape ·

Threat actors are attempting to monetize their illicit access to LLMs while the cloud account owner bears the costs. The attackers target a variety of LLM services across AWS, Azure, and GCP. In...

Cloud Threat Landscape ·

On 2024-05-03, a research was reported, involving , gaining initial access via Cloud native misconfig, targeting Google Cloud Storage to achieve Data exfiltration.

Blue Team Archives - Black Hills Information Security, Inc. ·

| Niccolo Arboleda | Guest Author Niccolo Arboleda is a cybersecurity enthusiast and student at the University of Toronto. He is usually found in his home lab studying different cybersecurity […]...

Blue Team Guest Author
Cloud Threat Landscape ·

Researchers investigated a series of ransomware attacks targeting poorly managed MS-SQL servers by the TargetCompany ransomware group. This group primarily installs Mallox ransomware, with recent...

Threat Intelligence ·

Written by: Ofir Rozmann, Asli Koksal, Adrian Hernandez, Sarah Bock, Jonathan Leathery APT42, an Iranian state-sponsored cyber espionage actor, is using enhanced social engineering schemes to gain...

Charming Kitten Yellow Garuda Mint Sandstorm Government Facilities Information Technology Threat Intelligence
Threat Intelligence ·

Written by: Matthew McWhirt, Omar ElAhdan, Glenn Staniforth, Brian Meyer Multi-faceted extortion via ransomware and/or data theft is a popular end goal for attackers, representing a global threat...

Information Technology Security & Identity Threat Intelligence
McAfee Labs | McAfee Blogs ·

Authored by Yashvi Shah, Lakshya Mathur and Preksha Saxena McAfee Labs has recently uncovered a novel infection chain associated with... The post The Darkgate Menace: Leveraging Autohotkey &...

Financial Services Government Facilities
Threat Intelligence ·

Executive Summary A growing amount of malware has naturally increased workloads for defenders and particularly malware analysts, creating a need for improved automation and approaches to dealing...

Information Technology Security & Identity Threat Intelligence
The DFIR Report ·

Key Takeaways In August 2023, we observed an intrusion that started with a phishing campaign using PrometheusTDS to distribute IcedID. IcedID dropped and executed a Cobalt Strike beacon, which was...

Information Technology Healthcare and Public Health
FalconForce - Medium ·

TL;DRIn this blog post I explain how reply URLs in Azure Applications can be used as a vector for phishing. The impact of this can range from data leaks to complete tenant takeover; just by luring...

Information Technology