- + MAR-10448362-1.v1 Volt Typhoon—Notification This report is provided "as is" for informational pur...
- + MAR-10478915-1.v1 Citrix Bleed— Notification This report is provided "as...
- + MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors — Notification This report is provided "...
- + MAR-10430311-1.v1 Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475— Notification This report is provided "as...
- + Infamous Chisel Malware Analysis Report—Infamous Chisel–A collection of components associated with Sandworm de...
- + MAR-10459736.r1.v1 WHIRLPOOL Backdoor— Notification This report is provided "...
- + MAR-10454006.r4.v2 SEASPY and WHIRLPOOL Backdoors— Notification This report is provided "as is" f...
- + MAR-10454006-r3.v1 Exploit Payload Backdoor — Notification This report is provided "as...
- + MAR-10454006-r2.v1 SEASPY Backdoor — Notification This report is provided "as...
- + MAR-10454006-r1.v2 SUBMARINE Backdoor— Notification This report is provided "as is" ...
As of 10/5/24 11:29pm. Last new 10/1/24 12:24am. Score: 450
- + CISA Adds One Known Exploited Vulnerability to Catalog—CISA has added one new vulnerability to its Known Exploited Vuln...
- + Russian Military Cyber Actors Target US and Global Critical Infrastructure—Summary The Federal Bureau of Investigation (FBI), Cybersecurity an...
- + #StopRansomware: RansomHub Ransomware—Summary Note: This joint Cybersecurity Advisory is part of an on...
- + Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations—Summary The Federal Bureau of Investigation (FBI), Cybersecurity an...
- + North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs—Summary The U.S. Federal Bureau of Investigation (FBI) and the foll...
- + CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth—EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructur...
- + People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action —Overview Background This advisory, authored by the Australian Sig...
- + #StopRansomware: Black Basta—SUMMARY Note : This joint Cybersecurity Advisory (CSA) is part of...
- + #StopRansomware: Akira Ransomware—SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of...
- show more ...
As of 10/5/24 11:29pm. Last new 9/30/24 8:55pm. Score: 460
- + Election offices are preparing for a smooth voting process — and angry voters—html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org...
- + Former Mesa County clerk sentenced to 9 years for 2020 voting system breach—Former Mesa County clerk sentenced to 9 years for 2020 voting system b...
- + What’s new from this year’s Counter Ransomware Initiative summit, and what’s next—What’s new from this year’s Counter Ransomware Initiative summit, and ...
- + DOJ, Microsoft seize more than 100 domains used by the FSB—html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org...
- + Research reveals vulnerabilities in routers that left 700,000-plus exposed—Research reveals vulnerabilities in routers that left 700,000-plus exp...
- + Russian authorities arrest nearly 100 in raids tied to cybercriminal money laundering—Russian authorities arrest nearly 100 in raids tied to cybercriminal m...
- + America’s allies are shifting: Cyberspace is about persistence, not deterrence—America’s allies are shifting: Cyberspace is about persistence, not de...
- show more ...
As of 10/5/24 11:55pm. Last new 10/3/24 4:39pm. Score: 582
- + How To Scan a Website for Vulnerabilities: Top Tools and Techniques—Knowing how to scan a website for vulnerabilities can help keep you pr...
- + How Veeam Helped New Orleans Fight Ransomware—When faced with a ransomware attack, organizations and government agen...
- + Cohesity and Microsoft Tag Team To Improve Data Protection—Cohesity and Microsoft recently announced they have expanded their par...
- + NVIDIA CSO David Reber on AI and Cybersecurity—I spoke with David Reber, CSO of Nvidia , about how the modern cybers...
- + IBM’s Vision for Security in the Quantum Era—Enterprise technology solutions are predicated on the knowledge that l...
- + DigiCert Rolls Out Trust Lifecycle Manager—DigiCert this week launched a comprehensive digital trust solution t...
- + Tech Predictions for 2023: AI, Cloud, Edge, Cybersecurity, and More—So you think you can predict the course of technology in the year ahea...
- + Cynet’s George Tubin on XDR Cybersecurity—I spoke with George Tubin, Director of Product Strategy at Cynet , ab...
- + Understanding the Business Costs of Phishing Attacks—Phishing attacks—where hackers try to collect personal information usi...
- + Sophos CTO Joe Levy on AI in Cybersecurity—I spoke with Joe Levy, CTO at Sophos , about the challenges and poten...
As of 10/5/24 11:30pm. Last new 10/1/24 12:39am. Score: 421
- + GeoServer RCE Attack—A remote code execution vulnerability affecting GeoServer is under act...
- + Russian Cyber Espionage Attack—FortiGuard Labs continues to observe attack attempts exploiting the vu...
- + Jenkins RCE Attack—Cyber threat actors target Jenkins Arbitrary File Read vulnerability (...
- + ServiceNow Remote Code Execution Attack—FortiGuard Labs continue to observe attack attempts targeting the rece...
- + Apache OFBiz RCE Attack—FortiGuard Labs continues to observe attack attempts targeting the rec...
- + Ivanti Connect Secure and Policy Secure Attack—Widespread exploitation of zero-day vulnerabilities affecting Ivanti C...
- + PHP RCE Attack—FortiGuard Labs has observed significant level of exploitation attempt...
- + Check Point Quantum Security Gateways Information Disclosure Attack—Attackers exploit a zero-day vulnerability affecting Check Point Secur...
- + D-Link Multiple Devices Attack—Multiple D-link device vulnerabilities are being actively targeted. Ma...
- + Black Basta Ransomware—A new alert from CISA, the FBI, the Department of Health and Human Ser...
As of 10/5/24 11:31pm. Last new 10/1/24 12:41am. Score: 409
- + Pixel's Proactive Approach to Security: Addressing Vulnerabilities in Cellular Modems—Posted by Sherk Chung, Stephan Chen, Pixel team, and Roger Piqueras Jo...
- + Evaluating Mitigations & Vulnerabilities in Chrome—Posted by Alex Gough, Chrome Security Team The Chrome Security Tea...
- + A new path for Kyber on the web—Posted by David Adrian, David Benjamin, Bob Beck & Devon O'Brien, ...
- + Deploying Rust in Existing Firmware Codebases—Posted by Ivan Lozano and Dominik Maier, Android Team Android's use...
- + Private AI For All: Our End-To-End Approach to AI Privacy on Android—Posted by Dave Kleidermacher, VP Engineering, Android Security and Pri...
- + Post-Quantum Cryptography: Standards and Progress—Posted by Royal Hansen, VP, Privacy, Safety and Security Engineering, ...
- + Keeping your Android device safe from text message fraud—Posted by Nataliya Stanetsky and Roger Piqueras Jover, Android Securit...
- + Improving the security of Chrome cookies on Windows—Posted by Will Harris, Chrome Security Team Cybercriminals using c...
- + Building security into the redesigned Chrome downloads experience—Posted by Jasika Bawa, Lily Chen, and Daniel Rubery, Chrome Security ...
- + Sustaining Digital Certificate Security - Entrust Certificate Distrust—Posted by Chrome Root Program, Chrome Security Team Update (09/1...
- show more ...
As of 10/5/24 11:29pm. Last new 10/3/24 1:03pm. Score: 459
- + 100+ domains seized to stymie Russian Star Blizzard hackers—Microsoft and the US Justice Department have seized over 100 domains u...
- + October 2024 Patch Tuesday forecast: Recall can be recalled—October arrived, and Microsoft started the month by announcing the rel...
- + Best practices for implementing threat exposure management, reducing cyber risk exposure—In this Help Net Security interview, Sanaz Yashar, CEO at Zafran, disc...
- + MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more!—MaLDAPtive is an open-source framework for LDAP SearchFilter parsing, ...
- + Cybercriminals capitalize on poorly configured cloud environments—Off-the-shelf offensive security tools and poorly configured cloud env...
- + New infosec products of the week: October 4, 2024—Here’s a look at the most interesting products from the past week, fea...
- + Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824)—CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivan...
- + Malwarebytes Browser Guard updates block unwanted and unsafe content—Malwarebytes released new features for Browser Guard, its free browser...
- + Darktrace brings real-time cloud detection and response to Microsoft Azure customers—Darktrace announced the expansion of Darktrace / CLOUD to support Micr...
- + CUPS vulnerabilities could be abused for DDoS attacks—While the Common UNIX Printing System (CUPS) vulnerabilities recently ...
- show more ...
As of 10/5/24 11:35pm. Last new 10/5/24 9:17am. Score: 393
- + Crime Is Down, FBI Says, but Politicians Still Choose Statistics to Fit Their Narratives—10/5/24 ...
- + In 2019, Congress Finally Funded Gun Violence Research. Here’s How It’s Changed the Field—10/5/24 ...
- + Taiwan Mobilizes Civil society to Bolster Civil Defense—10/5/24 ...
- + Research Sheds Light on Impact and Bias of Voter Purging in Michigan—10/5/24 ...
- + Fact-Checking the Viral Conspiracies in the Wake of Hurricane Helene—10/5/24 ...
- + Some Online Conspiracy-Spreaders Don’t Even Believe the Lies They’re Spewing—10/5/24 ...
- + Hurricanes Linked to Higher Death Rates Long After Storms Pass—10/5/24 ...
- + Counties Call for Rural Groundwater Management Despite Some Voters Rejecting It—10/5/24 ...
- + Why Trump Is Lying About Disaster Relief | U.S. Migration Is More Complex Than Politics Show | Florida Communities Hit by 3 Hurricanes Grapple with Whether to Rebuild, and more—10/5/24 ...
- + The Mother of All Security Crises | The Lessons and Legacy of October 7 | Austria’s Far Right Did Not Win, and more—10/5/24 ...
- show more ...
As of 10/5/24 11:32pm. Last new 10/5/24 11:32pm. Score: 394
- + OISF 2023 Videos—OISF 2023 Videos These are the videos from the OISF Anniversary Ev...
- + OISF 2022—OISF 2022 These are the videos from the OISF Anniversary Event . ...
- + Brian Rea (DeviantOllam Deviant) and Lesley Carhart (Hacks4Pancakes) continue their harassment of me—Please notice I left these people alone for a long period of time and ...
- + OSInt, Doxing And Cyberstalking Page Updated—Link: http://www.irongeek.com/i.php?page=security/doxing-footprinting...
- + OISF 2021 Videos—OISF 2021 Videos These are the videos from the OISF Anniversary E...
- + BSides Cleveland 2021 Videos—BSides Cleveland 2021 Videos These are the videos from the Bsides ...
- + Who's Your Hacker —Who's Your Hacker Con Webinar Series Who's Your Hacker Con is putting...
- + BSides Tampa 2020 Videos —Link: http://www.irongeek.com/i.php?page=videos/bsidestampa2020/mainl...
- + Louisville Infosec 2019 Videos—Link: http://www.irongeek.com/i.php?page=videos/louisvilleinfosec2019...
- + BSidesCT 2019 Video —Link: http://www.irongeek.com/i.php?page=videos/bsidesct2019/mainlist...
- show more ...
As of 10/5/24 11:36pm. Last new 9/30/24 11:47pm. Score: 299
- + Windows Essentials - Microsoft Support—Windows Essentials reached end of support on January 10, 2017 and is n...
- + Windows XP support has ended - Microsoft Support—Get end of support information for Windows XP and find out what you ne...
- + Unlock your Windows 10 phone remotely - Microsoft Support—Unlock your Windows 10 phone remotely
- + Get the Windows 10 Mobile Fall Creators Update - Microsoft Support—Windows 10 Mobile automatically downloads and installs updates when th...
- + Copy music and videos to your phone - Microsoft Support—Copy music and videos to your phone
- + How Windows 10 is similar to Windows 7 - Microsoft Support—Find out how Windows 10 is similar to Windows 7 to make your move from...
- + Skylake systems supported on Windows 7 and Windows 8.1 - Microsoft Support—Find a list of computer manufacturers who have certified systems with ...
- + Defragment / optimize your data drives in Windows - Microsoft Support—Learn how to use Manage and Optimize Drives to keep your disk and data...
- + Update your security processor (TPM) firmware - Microsoft Support—Learn how to update your security processor or TPM firmware to protect...
- + Protecting your device against chip-related security vulnerabilities - Microsoft Support—Find out what steps you can take to protect your device against the re...
- show more ...
As of 10/5/24 11:49pm. Last new 10/5/24 3:17am. Score: 196
- + Safeguarding Health Information: Building Assurance through HIPAA Security 2024—The Department of Health and Human Services (HHS) Office for Civil Rig...
- + Workshop on Whole Community Public Safety and Resilience in Smart Cities—The Smart Connected Systems Division of NIST is launching a research p...
- + Additive Construction – The Path to Standardization II—The National Institute of Standards and Technology (NIST) Engineering ...
- + Applicant’s Webinar: Inside the 2024 Presidential Cybersecurity Education Award Application—Speakers: Kristi Rice Teacher Spotsylvania High School 2021 Presidenti...
- + Hawaii MEP Tours the CTL Operational Technology Cybersecurity Laboratory—NIST researchers from the Communications Technology Laboratory's Smart...
- + NIST Workshop on the Requirements for an Accordion Cipher Mode 2024—FULL WORKSHOP DETAILS NIST will host a workshop on the development of ...
- + 2024 Iris Experts Group (IEG) Meeting—The Iris Experts Group (IEG) will hold their annual meeting on Thursda...
- + NICE Webinar: Empowering Refugee Communities in Cybersecurity Roles—The presentation slides are available here. Download the Continuing Ed...
- + NIST Launches Collaborative Research Effort on Digital Identity to Support Secure Delivery of Public Benefits—The collaboration aims to support secure, equitable access to vital pu...
- + NIST Publishes Automated Vehicles Workshop Report—NIST held a virtual workshop in September 2023 on Standards and Perfor...
- show more ...
As of 10/5/24 11:40pm. Last new 9/30/24 11:37pm. Score: 305
- + Technical Language Processing Community of Interest 2024 Meeting—Join Us for the 2024 TLP COI Meeting and Workshop The Technical Langua...
- + Additive Construction – The Path to Standardization II—The National Institute of Standards and Technology (NIST) Engineering ...
- + 2024 NIST-NSF Disaster Resilience Research Symposium—In cooperation with the National Science Foundation, the Engineering L...
- + Upcoming ANSI Brainstorming Session for Critical and Emerging Technologies: Enabling Automated and Connected Infrastructure Through Public-Private Partnerships—American National Standards Institute (ANSI) is hosting two separate b...
- + NIST Participates in White House Summit on Standards for Critical and Emerging Technology—A new Implementation Roadmap provides recommendations and actions for ...
- + Upcoming ANSI Brainstorming Session for Critical and Emerging Technologies: Enabling Artificial Intelligence and Machine Learning Through Public-Private Partnerships—American National Standards Institute (ANSI) is hosting two separate b...
- + An RM for Measuring Cannabinoids and Toxic Elements in Hemp—The Hemp Plant reference material (RM 8210) provides values for cannab...
- + SIM Approval of the NIST Office of Reference Materials Quality Management System—The NIST Office of Reference Materials implements a quality management...
- + IEEE 1451.0 - 2024 Standard Published Under Leadership of NIST Researchers—NIST researchers Eugene Song and Kang Lee chaired and led the developm...
- + Hawaii MEP Tours the CTL Operational Technology Cybersecurity Laboratory—NIST researchers from the Communications Technology Laboratory's Smart...
- show more ...
As of 10/5/24 11:39pm. Last new 9/30/24 9:24pm. Score: 327
- + Zeek 6.0.8—Zeek is a powerful network analysis framework that is much different f...
- + ABB Cylon Aspect 3.07.02 Authenticated File Disclosure—ABB Cylon Aspect version 3.07.02 suffers from an authenticated arbitra...
- + Debian Security Advisory 5784-1—Debian Linux Security Advisory 5784-1 - Fabian Vogt reported that the ...
- + Debian Security Advisory 5783-1—Debian Linux Security Advisory 5783-1 - Multiple security issues have ...
- + TeamViewer Privilege Escalation—Proof of concept code for a flaw in TeamViewer that enables an unprivi...
- + Ubuntu Security Notice USN-7053-1—Ubuntu Security Notice 7053-1 - It was discovered that ImageMagick inc...
- + Debian Security Advisory 5782-1—Debian Linux Security Advisory 5782-1 - Several vulnerabilities have b...
- + Ubuntu Security Notice USN-7055-1—Ubuntu Security Notice 7055-1 - Goldberg, Miro Haller, Nadia Heninger,...
- + MD-Pro 1.0.76 Shell Upload / SQL Injection—MD-Pro version 1.0.76 suffers from remote SQL injection and shell uplo...
- + Computer Laboratory Management System 2024 1.0 Cross Site Scripting—Computer Laboratory Management System 2024 version 1.0 suffers from a ...
- show more ...
As of 10/5/24 11:30pm. Last new 10/4/24 8:19pm. Score: 446
- + Palo Alto Networks: 5x Leader in the Gartner Magic Quadrant for SD-WAN—Palo Alto Networks is the only vendor recognized as a Leader in Single...
- + A Leader in 2024 Forrester Enterprise Firewall Solutions Wave—As businesses adopt AI and face increasingly advanced threats, organiz...
- + The Top 5 Largest Scale Intrusions in 2023—What Powered Them? Large-scale cyber intrusions increased during 202...
- + Palo Alto Networks Prevents Data Loss at Enterprise Scale with NVIDIA—The rapid adoption of generative AI (GenAI) applications is driving a ...
- + Unit 42 Incident Response Retainers Enhance Organizational Resilience—Cyberattacks have increased in speed, scale and sophistication in the ...
- + A Leader in the 2024 Gartner Magic Quadrant for EPP—For Cortex XDR, Palo Alto Networks is Recognized as a Leader Once Agai...
- + Forrester Names Palo Alto Networks a Leader in Attack Surface Management—Cortex Xpanse is recognized with the top vendor score in the strategy ...
- + The Hidden AI Risk Lurking In Your Business—Today, there are thousands of Generative AI (GenAI) tools available on...
- + Using Time in Your Favor During a Ransomware Attack—Slow-Playing the Attackers When you face extortion, there are battle...
- + Crush It, Don’t Get Crushed — Combat SOC Analyst Burnout with AI—Anyone who works in cybersecurity knows that it’s full of rewards and ...
- show more ...
As of 10/5/24 11:30pm. Last new 10/4/24 8:34pm. Score: 421