IM
IronMonkey Threat Research
LIVE
|
Articles 27,088
|
CVEs 348,712
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,056 articles — Page 847 of 902
Bitdefender Labs ·

The impact that AI has on society has steadily crept into the darkest nooks and crannies of the internet. So much so that cybercrooks are hitching free rides on the AI bandwagon by leveraging the...

Healthcare and Public Health Financial Services
Maxwell Dulin's Resources ·

Morpho Blue is a lending protocol that took security extremely serious from the ground up. So, their perspective on how to make a protocol unhackable is truly interesting. For their security...

Maxwell Dulin's Resources ·

The Ethereum Virtual Machine (EVM) has EIPs for various large or VM breaking changing. At some specific point, these changes are made to the VM and are there until some other change is made. When...

Energy Healthcare and Public Health
Cloud Threat Landscape ·

Wiz found two critical security risks that were present in Hugging Face’s environment:Specifically, Wiz Research showed that an attacker targeting Hugging Face could have achieved the...

Critical Manufacturing
Wiz Blog | RSS feed ·

We explore assessment, prevention, and detection strategies for protecting your organization from the XZ Utils vulnerability.

Information Technology Financial Services
@BushidoToken Threat Intel ·

Those who have worked in our industry for a certain amount of time will be acutely aware that executives often encounter information security media articles and flag them to their teams. This is...

Financial Services Energy
Maxwell Dulin's Resources ·

At hacker congress this year, some of the folks found a vulnerability in the check in kiosk. Shocker! When checking in at the hotel terminal, the lookup function required an alphanumeric booking...

Commercial Facilities
Maxwell Dulin's Resources ·

Cryptographic signatures are super useful in Ethereum Solidity smart contracts for proving that a user approves an action. However, it'd be nice to do this for smart contracts but there is no key....

Transportation Systems
security – Ars Technica ·

Outage occurs on same day as special election, but election offices remain open.

Nuclear Communications
McAfee Labs | McAfee Blogs ·

Authored by Anuradha and Preksha Introduction PikaBot is a malicious backdoor that has been active since early 2023. Its modular... The post Distinctive Campaign Evolution of Pikabot Malware...

Financial Services Commercial Facilities
Wiz Blog | RSS feed ·

Wiz practices what it preaches. Let’s look at how the security team at Wiz uses the power of the Wiz platform to monitor all its cloud-based infrastructure and services.

Information Technology Chemical
Wiz Blog | RSS feed ·

KubeCon Europe is the largest open source community conference in Europe with hundreds of talks, many of them about security. All the sessions are available online; in this blog, we’ll discuss our...

Kaspersky ICS CERT ·

An overview of reports of APT and financial attacks on industrial enterprises, as well as related activities of groups that have been observed attacking industrial organizations and critical...

Financial Services Publications
Maxwell Dulin's Resources ·

Recently, there was a bypass in DOMPurify when it's used to sanitize XML documents. Since bugs come in pairs, the author looked and found two more variants of the bug in the codebase. For context,...

Cloud Threat Landscape ·

In April 2020, Microsoft acquired Affirmed Networks. Sometime prior to that, Storm-0558 likely gained access to a device used by one of the company’s engineer, and retained that access following...

Virus reviews ·

April 1, 2024 According to detection statistics collected by the Dr.Web for Android anti-virus, February 2024 saw a significant increase in Android.HiddenAds trojan family activity―it was up...

Energy Financial Services
Virus reviews ·

April 1, 2024 An analysis of Dr.Web anti-virus detection statistics for February 2024 revealed a 1.26% increase in the total number of threats detected, compared to January. At the same time, the...

Energy Financial Services
The DFIR Report ·

Key Takeaways We provide a range of services, one of which is our Threat Feed, specializing in monitoring Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, Viper, Mythic,...

Communications Financial Services
Wiz Blog | RSS feed ·

Detect and mitigate CVE-2024-3094, a critical supply chain compromise, affecting XZ Utils Data compression library. Organizations should patch urgently.

Transportation Systems
Maxwell Dulin's Resources ·

The staking module is at the core of the Cosmos SDK ecosystem. If the security of this can be broken, then all is lost. The economic security of the Cosmos SDK relies on four related concepts:...

Virus reviews ·

March 29, 2024 An analysis of Dr.Web anti-virus detection statistics for January 2024 revealed a 95.66% increase in the total number of threats detected, compared to December 2023. At the same...

Energy Financial Services
Virus reviews ·

March 29, 2024 According to detection statistics collected by the Dr.Web for Android anti-virus, in January 2024, users were most likely to encounter Android.HiddenAds trojan applications; these...

Energy Commercial Facilities
Maxwell Dulin's Resources ·

This is part 3 of a series about IBC (interblockchain communication) token rate limiting. They have a nice dashboard that shows all of the rate limits on Osmosis. In this article, they attempt to...

Financial Services Transportation Systems
Cloud Threat Landscape ·

A backdoor has been identified in versions 5.6.0 and 5.6.1 of XZ Utils (assigned CVE-2024-3094), which under some conditions may allow SSH authentication bypass in specific versions of certain...

Critical Manufacturing Transportation Systems
Wiz Blog | RSS feed ·

Wiz SPM for version control systems helps you find and fix risks in your GitHub instance.

Critical Manufacturing
Blue Team Archives - Black Hills Information Security, Inc. ·

While social engineering attacks such as phishing are a great way to gain a foothold in a target environment, direct attacks against externally exploitable services are continuing to make...

Defense Industrial Base General InfoSec Tips & Tricks Incident Response
Threat Intelligence ·

Written by: Andrew Oliveau Over the last several years, the security community has witnessed an uptick in System Center Configuration Manager (SCCM)-related attacks. From extracting network access...

Information Technology Threat Intelligence
Threat Intelligence ·

Written by: Alden Wahlstrom, David Mainor, Daniel Kapellmann Zafra In June 2023, Russian businessman Yevgeniy Prigozhin and his private military company (PMC) “Wagner” carried out an armed mutiny...

Information Technology Government Facilities Threat Intelligence
Fox-IT International blog ·

Authored by Joshua Kamp Executive summary The authors behind Android banking malware Vultur have been spotted adding new technical features, which allow the malware operator to further remotely...

Financial Services Healthcare and Public Health Uncategorized
Fox-IT International blog ·

Authored by Joshua Kamp Executive summary The authors behind Android banking malware Vultur have been spotted adding new technical features, which allow the malware operator to further remotely...

Financial Services Information Technology Uncategorized