IM
IronMonkey Threat Research
LIVE
|
Articles 27,093
|
CVEs 348,840
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,061 articles — Page 847 of 903
Maxwell Dulin's Resources ·

Chromium, the underlining browser engine that powers Edge, is highly customizable. For instance, there is a file called _api_features.json that stores permissions for vendor-specific APIs....

Chromium Government Facilities
Wiz Blog | RSS feed ·

Wiz researchers discovered architecture risks that may compromise AI-as-a-Service providers and put customer data at risk. Wiz and Hugging Face worked together to mitigate the issue.

Energy Information Technology
Maxwell Dulin's Resources ·

IBC on Cosmos is a generalized way for crosschain communication. In the case of Comdex, they were using IBC to get oracle price updates from Band. The IBC protocol itself is trustless and...

Transportation Systems Healthcare and Public Health
Threat Intelligence ·

Written by: Matt Lin, Austin Larsen, John Wolfram, Ashley Pearson, Josh Murchie, Lukasz Lamparski, Joseph Pisano, Ryan Hall, Ron Craft, Shawn Chew, Billy Wong, Tyler McLellan Since the initial...

UNC5221 Volt Typhoon Information Technology Threat Intelligence
Bitdefender Labs ·

The impact that AI has on society has steadily crept into the darkest nooks and crannies of the internet. So much so that cybercrooks are hitching free rides on the AI bandwagon by leveraging the...

Healthcare and Public Health Financial Services
Bitdefender Labs ·

The impact that AI has on society has steadily crept into the darkest nooks and crannies of the internet. So much so that cybercrooks are hitching free rides on the AI bandwagon by leveraging the...

Healthcare and Public Health Financial Services
Maxwell Dulin's Resources ·

Morpho Blue is a lending protocol that took security extremely serious from the ground up. So, their perspective on how to make a protocol unhackable is truly interesting. For their security...

Maxwell Dulin's Resources ·

The Ethereum Virtual Machine (EVM) has EIPs for various large or VM breaking changing. At some specific point, these changes are made to the VM and are there until some other change is made. When...

Energy Healthcare and Public Health
Cloud Threat Landscape ·

Wiz found two critical security risks that were present in Hugging Face’s environment:Specifically, Wiz Research showed that an attacker targeting Hugging Face could have achieved the...

Critical Manufacturing
Wiz Blog | RSS feed ·

We explore assessment, prevention, and detection strategies for protecting your organization from the XZ Utils vulnerability.

Information Technology Financial Services
@BushidoToken Threat Intel ·

Those who have worked in our industry for a certain amount of time will be acutely aware that executives often encounter information security media articles and flag them to their teams. This is...

Financial Services Energy
Maxwell Dulin's Resources ·

At hacker congress this year, some of the folks found a vulnerability in the check in kiosk. Shocker! When checking in at the hotel terminal, the lookup function required an alphanumeric booking...

Commercial Facilities
Maxwell Dulin's Resources ·

Cryptographic signatures are super useful in Ethereum Solidity smart contracts for proving that a user approves an action. However, it'd be nice to do this for smart contracts but there is no key....

Transportation Systems
security – Ars Technica ·

Outage occurs on same day as special election, but election offices remain open.

Nuclear Communications
McAfee Labs | McAfee Blogs ·

Authored by Anuradha and Preksha Introduction PikaBot is a malicious backdoor that has been active since early 2023. Its modular... The post Distinctive Campaign Evolution of Pikabot Malware...

Financial Services Commercial Facilities
Wiz Blog | RSS feed ·

Wiz practices what it preaches. Let’s look at how the security team at Wiz uses the power of the Wiz platform to monitor all its cloud-based infrastructure and services.

Information Technology Chemical
Wiz Blog | RSS feed ·

KubeCon Europe is the largest open source community conference in Europe with hundreds of talks, many of them about security. All the sessions are available online; in this blog, we’ll discuss our...

Kaspersky ICS CERT ·

An overview of reports of APT and financial attacks on industrial enterprises, as well as related activities of groups that have been observed attacking industrial organizations and critical...

Financial Services Publications
Maxwell Dulin's Resources ·

Recently, there was a bypass in DOMPurify when it's used to sanitize XML documents. Since bugs come in pairs, the author looked and found two more variants of the bug in the codebase. For context,...

Cloud Threat Landscape ·

In April 2020, Microsoft acquired Affirmed Networks. Sometime prior to that, Storm-0558 likely gained access to a device used by one of the company’s engineer, and retained that access following...

Virus reviews ·

April 1, 2024 According to detection statistics collected by the Dr.Web for Android anti-virus, February 2024 saw a significant increase in Android.HiddenAds trojan family activity―it was up...

Energy Financial Services
Virus reviews ·

April 1, 2024 An analysis of Dr.Web anti-virus detection statistics for February 2024 revealed a 1.26% increase in the total number of threats detected, compared to January. At the same time, the...

Energy Financial Services
The DFIR Report ·

Key Takeaways We provide a range of services, one of which is our Threat Feed, specializing in monitoring Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, Viper, Mythic,...

Communications Financial Services
Wiz Blog | RSS feed ·

Detect and mitigate CVE-2024-3094, a critical supply chain compromise, affecting XZ Utils Data compression library. Organizations should patch urgently.

Transportation Systems
Maxwell Dulin's Resources ·

The staking module is at the core of the Cosmos SDK ecosystem. If the security of this can be broken, then all is lost. The economic security of the Cosmos SDK relies on four related concepts:...

Virus reviews ·

March 29, 2024 An analysis of Dr.Web anti-virus detection statistics for January 2024 revealed a 95.66% increase in the total number of threats detected, compared to December 2023. At the same...

Energy Financial Services
Virus reviews ·

March 29, 2024 According to detection statistics collected by the Dr.Web for Android anti-virus, in January 2024, users were most likely to encounter Android.HiddenAds trojan applications; these...

Energy Commercial Facilities
Maxwell Dulin's Resources ·

This is part 3 of a series about IBC (interblockchain communication) token rate limiting. They have a nice dashboard that shows all of the rate limits on Osmosis. In this article, they attempt to...

Financial Services Transportation Systems
Cloud Threat Landscape ·

A backdoor has been identified in versions 5.6.0 and 5.6.1 of XZ Utils (assigned CVE-2024-3094), which under some conditions may allow SSH authentication bypass in specific versions of certain...

Critical Manufacturing Transportation Systems
Wiz Blog | RSS feed ·

Wiz SPM for version control systems helps you find and fix risks in your GitHub instance.

Critical Manufacturing