IM
IronMonkey Threat Research
LIVE
|
Articles 27,087
|
CVEs 348,665
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 846 of 902
Maxwell Dulin's Resources ·

Solana is a proof of stake network. So, the more value you provide in Solana, the more power you have in the voting process. With 2/3 of the control, changes to the state can be made. Clearly,...

maxwelldulin ·

Solana is a blockchain that allows for the execution of arbitrary Rust code. The main difference is that information is stored in accounts - both code and data. Program Derived Addresses (PDAs)...

Blog | Threat Intelligence & Memory Forensics | Volexity ·

Volexity would like to thank Palo Alto Networks for their partnership, cooperation, and rapid response to this critical issue. Their research can be found here. On April 10, 2024, Volexity...

Communications
Wiz Blog | RSS feed ·

Due to the unprecedented growth of cloud technology, the democratization of cloud security -- making everyone in an organization a stakeholder in security practices -- has become a necessity. But...

Information Technology
Kaspersky ICS CERT ·

In this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.

Critical Manufacturing Publications
Cloud Threat Landscape ·

On 2024-04-11, an incident was reported, involving an unknown actor, gaining initial access via Cloud native misconfig, while using Launch new cloud resources, Create or modify firewall or...

Cloud Threat Landscape ·

On 2024-04-11, an incident was reported, involving an unknown actor, gaining initial access via End-user compromise, while using Password spraying, Launch new cloud resources, MFA enrollment,...

Cloud Threat Landscape ·

On 2024-04-11, an incident was reported, involving an unknown actor, gaining initial access via Supply chain vector, while using Cloud key compromise, Cloud to on-prem lateral movement, to achieve...

Cloud Threat Landscape ·

On 2024-04-11, an incident was reported, involving an unknown actor, gaining initial access via End-user compromise, while using Cloud key compromise, Phishing, to achieve RansomOp.

Cloud Threat Landscape ·

On 2024-04-11, an incident was reported, involving an unknown actor, gaining initial access via End-user compromise, while using Cloud key compromise, to achieve Data exfiltration.

Cloud Threat Landscape ·

An unknown threat actor gained access to a self-hosted Gitlab instance used by Sisense, which stored credentials for an S3 bucket containing customer access tokens, passwords and SSL certificates.

Maxwell Dulin's Resources ·

Jet Protocol was a lending and borrowing protocol built on Solana. The function _market_value() is used to determine the total market value of the loans that had been taken out. So, if this...

Wiz Blog | RSS feed ·

We’re pushing for consolidation, bolstering our Cloud Detection and Response capabilities, and delivering on the promise of security operations for the cloud era.

Information Technology
Wiz Blog | RSS feed ·

The Wiz and Tines partnership combines the benefits of visibility and automation, creating an improved cloud security strategy.

Information Technology Chemical
Pulsedive Blog ·

Learn how to use the versatile, open source utility CyberChef. This 101 includes an overview, operations, real-world walkthrough, and resources.

Defense Industrial Base
Threat Intelligence ·

Written by: Jacob Thompson The Apache XML Security for C++ library, code named xml-security-c, is part of the Apache Santuario project. The library implements the XML Digital Signature and the XML...

Information Technology Threat Intelligence
Bitdefender Labs ·

As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities. This research paper is part of a broader program that aims...

Bitdefender Labs ·

As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities. This research paper is part of a broader program that aims...

Cloud Threat Landscape ·

Researchers has uncovered a decade-long botnet operation by a Romanian group dubbed RUBYCARP. This group focuses on financial gain through cryptomining, phishing, and DDoS attacks, utilizing...

Cloud Threat Landscape ·

On 2024-04-09, a campaign was reported, involving 0ktapus, gaining initial access via End-user compromise, while using Exfiltration via AWS Transfer, Exfiltration via AWS DataSync, Cloud API e, to...

Muddled Libra
Cloud Threat Landscape ·

On 2024-04-09, a research was reported, involving , gaining initial access via Cloud native misconfig, targeting Azure Storage to achieve Resp. disclosure.

Maxwell Dulin's Resources ·

Web servers are not exposing files on a server in a simple way anymore. Instead, they use proxy's, load balancers and fetch responses from other servers locally. Weird application routing can be...

Wiz Blog | RSS feed ·

Find out quickly where OS and open-source packages or libraries are deployed in your cloud environments and secure them before potential issues arise.

Information Technology Communications
Maxwell Dulin's Resources ·

Chromium, the underlining browser engine that powers Opera, is highly customizable as a browser. The developers of the user facing browser can add custom APIs to it. Additionally, browsers have...

Chromium Financial Services
Maxwell Dulin's Resources ·

Chromium, the underlining browser engine that powers Edge, is highly customizable. For instance, there is a file called _api_features.json that stores permissions for vendor-specific APIs....

Chromium Government Facilities
Wiz Blog | RSS feed ·

Wiz researchers discovered architecture risks that may compromise AI-as-a-Service providers and put customer data at risk. Wiz and Hugging Face worked together to mitigate the issue.

Energy Information Technology
Maxwell Dulin's Resources ·

IBC on Cosmos is a generalized way for crosschain communication. In the case of Comdex, they were using IBC to get oracle price updates from Band. The IBC protocol itself is trustless and...

Transportation Systems Healthcare and Public Health
Threat Intelligence ·

Written by: Matt Lin, Austin Larsen, John Wolfram, Ashley Pearson, Josh Murchie, Lukasz Lamparski, Joseph Pisano, Ryan Hall, Ron Craft, Shawn Chew, Billy Wong, Tyler McLellan Since the initial...

UNC5221 Volt Typhoon Information Technology Threat Intelligence
Bitdefender Labs ·

The impact that AI has on society has steadily crept into the darkest nooks and crannies of the internet. So much so that cybercrooks are hitching free rides on the AI bandwagon by leveraging the...

Healthcare and Public Health Financial Services
Bitdefender Labs ·

The impact that AI has on society has steadily crept into the darkest nooks and crannies of the internet. So much so that cybercrooks are hitching free rides on the AI bandwagon by leveraging the...

Healthcare and Public Health Financial Services