IOC.ONE
OSINT Cyber Threat Intelligence Database
19.01.2025 | heise.de
Missing Link: The era of ransomware begins with a 5.25" floppy disk

35 years ago, a plain 5.25-inch floppy disk labelled "AIDS Information" marked the beginning of one of the greatest scourges of networked humanity.

19.01.2025 | zerodayinitiative.com
ZDI-25-032

Ivanti Endpoint Manager HIIDriver Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability

19.01.2025 | zerodayinitiative.com
ZDI-25-031

Ivanti Endpoint Manager MyResolveEventHandler Untrusted Search Path Remote Code Execution Vulnerability

18.01.2025 | medium.com
Nmap for Beginners

Network Mapper (Nmap) is a network scanner that discovers hosts and services on a computer network by processing both sent and received…

18.01.2025 | redpacketsecurity.com
CVE Alert: CVE-2025-23208 - RedPacket Security

zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db) is an append-list so group

18.01.2025 | securityboulevard.com
Trump’s Digital Footprint: Unveiling Malicious Campaigns Amid Political Milestones

As the political landscape heats up, so does the activity in the cyber threat domain. High-profile events such as inaugurations often become a prime opportunity for cybercriminals to launch malicious campaigns. With Trump’s upcoming inauguration on January 20th, our research sheds light on the digi…

18.01.2025 | redpacketsecurity.com
CISA: CISA Releases Eight Industrial Control Systems Advisories - RedPacket Security

CISA Releases Eight Industrial Control Systems Advisories

17.01.2025 | censys.com
January 17 Advisory: Zero-Day Vulnerability in FortiOS and FortiProxy Added to CISA KEV [CVE-2024-55591]
17.01.2025 | medium.com
Unmasking the Shadows: Inside the Dark Web of coinbase-mywallet.com Phishing and Malware Networks

Phishing domains and malware infrastructures are the silent predators of the digital age. In this deep dive, we unravel the intricate web…

17.01.2025 | medium.com
Job Offer or Cyber Trap? Fake CrowdStrike Recruiters Deliver Malware

Hello, I’m Mo. Elshaheedy

17.01.2025 | rapid7.com
Metasploit Wrap-Up 01/17/2025 | Rapid7 Blog
17.01.2025 | malware.news
Detecting and mitigating CVE-2024-12084: Rsync remote code execution

On Tuesday, January 14, 2025, a set of vulnerabilities were announced that affect the “rsync” utility. Rsync allows files and directories to be flexibly transferred locally and remotely. It is often used for deployments and backup purposes. In total, 6 vulnerabilities were announced to the OSS Secu…

17.01.2025 | socradar.io
The Future of Biometric Authentication in Mobile Banking - SOCRadar® Cyber Intelligence Inc.

Biometric authentication is a security mechanism that uses unique biological characteristics to verify a person’s identity. In the context of banking

17.01.2025 | medium.com
Cybersecurity News Review — Week 3 (2025)

From high-profile data breaches to emerging vulnerabilities, this week’s newsletter delves into the cybersecurity landscape, giving you the knowledge to stay informed and vigilant. Fortinet has…

17.01.2025 | medium.com
Cyber Briefing: 2025.01.17

👉 What are the latest cybersecurity alerts, incidents, and news?

17.01.2025 | socprime.com
SOC Prime Threat Bounty Digest — December 2024 Results - SOC Prime

Threat Bounty December 2024 digest - Important Program news and insights on five top-rated rules and authors

17.01.2025 | malware.news
Weekly IT Vulnerability Report: Critical Updates for SAP, Microsoft, Fortinet, and Others

Key vulnerabil…

17.01.2025 | securelist.ru
Security review of the Mercedes-Benz infotainment system

Kaspersky experts analyzed the Mercedes-Benz head unit and found new vulnerabilities at the physical-access level.

17.01.2025 | malware.news
Monthly Threat Actor Group Intelligence Report, September 2024 (JPN)

17.01.2025 | malware.news
Monthly Threat Actor Group Intelligence Report, October 2024 (ENG)

17.01.2025 | malware.news
Sliver Implant Targets German Entities with DLL Sideloading and Proxying Techniques

Key Takeaways …

17.01.2025 | prsol.cc
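SAP fixes critical vulnerabilities in NetWeaver application server - PRSOL:CC

SAP has fixed two critical vulnerabilities that affect the NetWeaver web application server and could be exploited for privilege escalation and access to restricted information. As part of its January Security Patch Day, SAP also released updates for other products, fixing 12 issues rated medium and high severity. "SAP strongly recommends that customers visit the support portal and apply patches as a priority to protect their SAP environment," the company's security bulletin states. A summary of the four most serious security issues SAP addressed this month follows: CVE-2025-0070 (severity: criti…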

17.01.2025 | securityboulevard.com
Advanced Persistent Threat (APT): Examples and Prevention

Advanced persistent threats (APTs) use sophisticated tools and techniques to breach systems and maintain access—all while remaining undetected. Unlike other cyberattacks, APTs work over an extended period, using more resources to achieve specific objectives, such as stealing sensitive data or bring…

17.01.2025 | malware.news
Mercedes-Benz Head Unit security research report

Introduction Th…

17.01.2025 | securelist.com
A closer look at the Mercedes-Benz infotainment system security

Kaspersky experts analyzed the Mercedes-Benz head unit, its IPC protocols and firmware, and found new vulnerabilities via physical access.

17.01.2025 | cyble.com
Weekly IT Vulnerability Report: Critical Updates For SAP, Microsoft, Fortinet, And Others

This week, key vulnerabilities in SAP, Microsoft, Fortinet, Ivanti, and others demand immediate attention as threat actors exploit critical flaws.

17.01.2025 | picussecurity.com
BlackSuit Ransomware Group: What Have Changed After Royal Ransomware

The BlackSuit ransomware group, emerging after Royal, has intensified global cyberattacks with advanced tactics, $500M demands, and double extortion.

17.01.2025 | cyble.com
Sliver Implant Targets German Entities With DLL Sideloading And Proxying Techniques - Cyble

Cyble analyzes a cyberattack specifically engineered to target German citizens via DLL Sideloading, DLL Proxying, and the use of Sliver.

17.01.2025 | nshc.net
Monthly Threat Actor Group Intelligence Report, September 2024 (JPN) – Red Alert
17.01.2025 | anquanke.com
Researchers find critical vulnerabilities in multiple versions of Ivanti Endpoint Manager - 安全KER - Security News Platform

安全KER - Security News Platform

17.01.2025 | sentinelone.com
The Good, the Bad and the Ugly in Cybersecurity - Week 3

DoJ deletes PlugX from 4200 machines, new evidence links DPRK to Kratos crowdfunding scam, and Russia-linked APT targets Central Asia governments.

17.01.2025 | sysdig.com
Detecting and mitigating CVE-2024-12084: rsync remote code execution

This post will cover how to detect and mitigate CVE-2024-12084.

17.01.2025 | anquanke.com
Important SimpleHelp vulnerabilities have been fixed, please update your server instances! - 安全KER - Security News Platform

安全KER - Security News Platform

17.01.2025 | nshc.net
Monthly Threat Actor Group Intelligence Report, October 2024 (ENG) – Red Alert
16.01.2025 | malware.news
Threat Bulletin: Weaponized Software Targets Chinese-Speaking Organizations

Overview of the Attack

16.01.2025 | intezer.com
Threat Bulletin: Weaponized Software Targets Chinese-Speaking Organizations

Discover how Intezer’s AI Analyst leverages integrations with Microsoft Entra ID and Okta to autonomously triage identity-based threats.

16.01.2025 | malware.news
Find the helpers

Welcome to this week’s edition of the Threat Source newsletter.  “When I was a boy and I would see scary things in the news, my mother would say to me, ‘Look for the helpers. You will always find people who are helping.’”   ― Fred Rogers  There’s no world where following Mr. Roger’s advice is wrong…

16.01.2025 | arcticwolf.com
Multiple Vulnerabilities in Rsync Could be Combined to Achieve RCE - Arctic Wolf

On 14 January 2025, the CERT Coordination Center (CERT/CC) published a security advisory detailing multiple vulnerabilities impacting Rsync. The most severe vulnerability is CVE-2024-12084, a critical severity heap buffer overflow vulnerability in the Rsync daemon which can lead to out-of-bounds wr…

16.01.2025 | arcticwolf.com
Multiple Vulnerabilities in Rsync Could be Combined to Achieve RCE | Arctic Wolf

CERT Coordination Center published a security advisory detailing multiple vulnerabilities impacting Rsync. The most severe vulnerability is CVE-2024-12084, a critical severity heap buffer overflow vulnerability in the Rsync daemon which can lead to out-of-bounds writes in the buffer.

16.01.2025 | redpacketsecurity.com
CISA: CISA Releases Twelve Industrial Control Systems Advisories - RedPacket Security

CISA Releases Twelve Industrial Control Systems Advisories

16.01.2025 | sophos.com
Gootloader inside out

Open-source intelligence reveals the server-side code of this pernicious SEO-driven malware – without needing a lawyer afterward

16.01.2025 | medium.com
Evading Endpoint Detection and Response (EDR)

Endpoint Detection and Response (EDR) solutions have become indispensable in modern cybersecurity strategies. By gathering extensive…

16.01.2025 | rapid7.com
Fortinet firewalls hit with new zero-day attack, older data leak | Rapid7 Blog
16.01.2025 | socradar.io
Pumakit: A Sophisticated Linux Rootkit Targeting Critical Infrastructure - SOCRadar® Cyber Intelligence Inc.

In recent months, Pumakit, a stealthy Linux rootkit, has emerged as a significant threat, targeting critical infrastructure across industries such as

16.01.2025 | medium.com
Cyber Briefing: 2025.01.16

👉 What’s going on in the cyber world today?

16.01.2025 | censys.com
Will the real Volt Typhoon please stand up?
16.01.2025 | tidalcyber.com
Build Resilience as Threat Actors Use AI to Lower the Barriers to Entry

While techniques like email phishing and fake persona use are not new, AI is making them more accessible to threat actors and more effective.

16.01.2025 | prsol.cc
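More than 660,000 Rsync servers exposed to code execution attacks - PRSOL:CC

More than 660,000 Rsync servers harbor six new vulnerabilities, including a critical heap buffer overflow flaw that allows remote code execution on the server. Rsync is an open-source file synchronization and data transfer tool valued for its ability to perform incremental transfers, reducing data transfer time and bandwidth usage. It supports local file system transfers, remote transfers over secure protocols such as SSH, and direct file synchronization via its own daemon. This tool, backup systems such as Rclone, DeltaCopy and ChronoSync, public file distribution repo…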

16.01.2025 | talosintelligence.com
Find the helpers

Bill discusses how to find 'the helpers' and the importance of knowledge sharing. Plus, there's a lot to talk about in our latest vulnerability roundup.

16.01.2025 | medium.com
Malware Trends Report: 2024

2024 has been an eventful year in the world of cybersecurity, with new trends emerging and malware families evolving at an alarming rate…

16.01.2025 | alyac.co.kr
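Beware of malware being distributed disguised as work cooperation request emails!

Hello, this is the ESTsecurity Security Response Center (ESRC). An attack that distributes malware disguised as a work cooperation request email has been discovered, and users need to take special care. The email is being distributed with the subject '업무협조 문의메일' ("Work cooperation inquiry email"); it asks for a reply to a work-related inquiry and prompts the recipient to open the attached file '문의사항 내용정리.zip'. The attachment is a doubly compressed file, a 7z archive inside a ZIP archive, and it contains a JavaScript file named '문의사항 내용정리.js'. This JavaScript file …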

16.01.2025 | malware.news
Government Sector Bears the Brunt of Cyberattacks in Ukraine: Report

Overview …

16.01.2025 | securityboulevard.com
Updated Response to CISA Advisory (AA23-136A): #StopRansomware: BianLian Ransomware Group

AttackIQ has released an updated attack graph in response to the recently revised CISA Advisory (AA23-136A) that disseminates known BianLian ransomware group Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) identified through the Federal Bureau of Investigation (FBI), …

16.01.2025 | malware.news
ICS Vulnerability Report: Hitachi Energy Network Management Flaw Scores a Perfect 10

Overview …

16.01.2025 | malware.news
Malware Trends Overview Report: 2024

2024 has been an eventful year in the world of cybersecurity, with new trends emerging and malware families evolving at an alarming rate. Our analysis highlights the most prevalent malware families, types, and TTPs of the year, giving you a snapshot of the changing threat landscape.  Introduction…

16.01.2025 | any.run
Malware Trends Overview Report: 2024 - ANY.RUN's Cybersecurity Blog

Discover the key cyber threat trends in 2024, from the most prevalent malware families and types to the most common TTPs.

16.01.2025 | medium.com
The Feed 2025–01–16

Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls : Arctic Wolf researchers…

16.01.2025 | medium.com
Rsync exposes thousands of servers

Six vulnerabilities, one of them critical, affect the popular file synchronization tool

16.01.2025 | sekoia.io
Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service

In this blog post, learn about Sneaky 2FA, a new Adversary-in-the-Middle (AiTM) phishing kit targeting Microsoft 365 accounts.

16.01.2025 | microsoft.com
New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog

In mid-November 2024, Microsoft Threat Intelligence observed the Russian threat actor we track as Star Blizzard sending their typical targets spear-phishing messages, this time offering the supposed opportunity to join a WhatsApp group. This is the first time we have identified a shift in Star Bliz…

16.01.2025 | cyble.com
Ukraine’s Cyberthreat Landscape 2024

Explore Ukraine’s 2024 cyberthreat landscape, uncovering government sector espionage, persistence, and operational disruption risks.

16.01.2025 | gbhackers.com
W3 Total Cache Plugin Vulnerability Let Attackers Gain Unauthorized Access to Sensitive Data

A significant security vulnerability has been identified in the W3 Total Cache plugin for WordPress, affecting all versions up to and including 2.8.1.

16.01.2025 | cyble.com
Hitachi Energy Report: Critical Infrastructure At 10/10 Risk

Discover Hitachi Energy Vulnerability Report, exposing critical ICS, OT, SCADA risks in Delta, Schneider systems.

16.01.2025 | qualys.com
Ivanti Released Updates for Ivanti Endpoint Manager (EPM) – Qualys ThreatPROTECT
16.01.2025 | medium.com
The Digital Domino: How Small Errors Create Big Breaches

It was an ordinary afternoon at the offices of a multinational corporation. The monitoring center’s indicators displayed routine activity…

16.01.2025 | nsfocusglobal.com
Microsoft’s January Security Update of High-Risk Vulnerabilities in Multiple Products - NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

Overview On January 14, NSFOCUS CERT detected that Microsoft released a security update patch for January, which fixed 159 security problems in widely used products such as Windows, Microsoft Office, Microsoft Visual Studio, Azure, Microsoft Dynamics, and Microsoft Edge. This includes high-risk vul…

16.01.2025 | tistory.com
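Windows 10 KB5049981, Windows 11 KB5050009 & KB5050021 security updates

Security updates have been released for Windows 10 and Windows 11, the operating systems provided by Microsoft. New features are included as well, of course. What's new in Windows 10 KB5049981: one fix is listed, to the Windows kernel vulnerable driver blocklist file (DriverSiPolicy.p7b), which is a policy file. The blocklist file contains a list of kernel drivers known to contain vulnerabilities that can be exploited to gain elevated privileges in Windows. Some known issues related to the KB5049981 cumulative update: the first known issue is…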

16.01.2025 | hp.com
HP Wolf Security Threat Insights Report: January 2025 | HP Wolf Security

Don’t let cyber threats get the best of you. Read our post, HP Wolf Security Threat Insights Report: January 2025, to learn more about cyber threats and cyber security.

16.01.2025 | tistory.com
Cobalt Strike malware made by Kimsuky - test.zip (2025.1.11)

Today I will write about test.zip (2025.1.11), Cobalt Strike malware made by North Korea's Kimsuky, whom we truly do not respect. The malware is as follows. File name: test.zip Size: 15,282 Bytes MD5: 8d3dd8b5a883a2080525a11807b2a6e1 SHA-1: da3cbfad064e12c4334161a00335c0176011d0c2 SHA-256: c2faf67cab95cba996e6b705e9579ffbc53fec55b09064308c2c38dbf…

16.01.2025 | welivesecurity.com
Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344

ESET researchers have discovered a vulnerability that affects the majority of UEFI-based systems and allows bypassing UEFI Secure Boot.

16.01.2025 | anquanke.com
More than 660,000 Rsync servers exposed to code execution attacks - 安全KER - Security News Platform

安全KER - Security News Platform

16.01.2025 | anquanke.com
SAP fixes critical vulnerabilities in NetWeaver application server - 安全KER - Security News Platform

安全KER - Security News Platform

15.01.2025 | securityaffairs.com
Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws

Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities, including three actively exploited issues.

15.01.2025 | redpacketsecurity.com
CVE Alert: CVE-2025-0474 - RedPacket Security

Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the

15.01.2025 | arcticwolf.com
Microsoft Patch Tuesday: January 2025 | Arctic Wolf

Microsoft released its January 2025 security update, addressing 159 newly disclosed vulnerabilities. Arctic Wolf has highlighted six vulnerabilities in this security bulletin that affect Microsoft Windows and are classified as critical or have been exploited in the wild.

15.01.2025 | nsfocus.net
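[Vulnerability Notice] Notice of high-risk vulnerabilities in multiple products in Microsoft's January security update – NSFOCUS Technical Blog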
15.01.2025 | malware.news
Navigating Evolving Threats in 2025: eCrime Ecosystem Adapts and Proliferates, Geopolitical Volatility To Fuel Cyber Threats

QuoIntelligence expects the fragmented eCrime ecosystem to drive mass-targeting cyberattacks, AI to consolidate its central role in social engineering attacks and disinformation, and geopolitical tensions to shape the 2025 cyber threats.

15.01.2025 | github.io
Contacto Ransomware Analysis

Introduction After a short break, I’m back with something new—today, we’re diving into a ransomware sample that a friend sent my way. To be honest, this is my first time reversing a ransomware sample, and I have to say, the experience was both exciting and educational. What made it even better is t…

15.01.2025 | censys.com
January 15 Advisory: Qlik Sense RCE Vulnerability Added to CISA KEV [CVE-2023-48365]
15.01.2025 | securityaffairs.com
U.S. CISA adds Fortinet FortiOS to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS flaw to its Known Exploited Vulnerabilities catalog.

15.01.2025 | gbhackers.com
ShadowSyndicate Hackers Added RansomHub Ransomware to their Arsenal

ShadowSyndicate is a prolific threat actor that has been active since July 2022, collaborated with various ransomware groups, and leverages a diverse toolkit, including Cobalt Strike, Sliver, IcedID, and Matanbuchus malware. 

15.01.2025 | socradar.io
January 2025 Patch Tuesday Highlights: 8 Zero-Days, 159 CVEs Fixed; SAP & Fortinet Updates - SOCRadar® Cyber Intelligence Inc.

Microsoft has released its January 2025 Patch Tuesday updates, delivering critical fixes. This month’s release tackles 159 CVEs, including eight zero-days,

15.01.2025 | malware.news
Slew of WavLink vulnerabilities

Lilith >_> of Cisco Talos discovered these vulnerabilities.  Forty-four vulnerabilities and sixty-three CVEs were discovered across ten .cgi and three .sh files, as well as the static login page, of the Wavlink AC3000 wireless router web application.   The Wavlink AC3000 wireless router is one of t…

15.01.2025 | medium.com
YARA Rules Explained: Cyber Threat Detection Tool for Modern Cybersecurity

Every ticking second is a chance for cyber threats to creep in.

15.01.2025 | gbhackers.com
Microsoft January 2025 Patch Tuesday Comes with Fix for 159 Vulnerabilities

Microsoft's January 2025 Patch Tuesday has arrived with a significant security update, addressing a total of 159 vulnerabilities.

15.01.2025 | threatdown.com
8 zero-days in one Patch Tuesday? Welcome to 2025 - ThreatDown by Malwarebytes

The January 2025 Patch Tuesday consists of 159 Microsoft CVEs, including three that are actively exploited.

15.01.2025 | malware.news
YARA Rules: Cyber Threat Detection Tool for Modern Cybersecurity

Every ticking second is a chance for cyber threats to creep in.

15.01.2025 | any.run
YARA Rules: Cyber Threat Detection Tool for Modern Cybersecurity - ANY.RUN's Cybersecurity Blog

Discover how YARA detection rules work and see real-world examples of rules used in ANY.RUN's Interactive Sandbox.

15.01.2025 | 4hou.com
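Adobe issues warning about critical ColdFusion bug with PoC exploit code - 嘶吼 RoarTalk – comprehensive service platform for the cybersecurity industry, 4hou.com

Although Adobe has not yet disclosed whether this vulnerability has been widely exploited, it advises customers to review its updated serial filter documentation for more information on blocking insecure Wddx deserialization attacks.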

15.01.2025 | gbhackers.com
Chrome Security Update - Patch For 16 Vulnerabilities

Google has released a significant security update for its Chrome browser, addressing 16 vulnerabilities in version 132.0.6834.83/84.

15.01.2025 | infosecurity-magazine.com
Microsoft Patches Eight Zero-Days to Start the Year

Patch Tuesday saw Microsoft fix eight zero-days, three of which are being actively exploited

15.01.2025 | gbhackers.com
Zoom Security Update - Patches Multiple Vulnerabilities That Let Attackers Escalate Privileges

Zoom Video Communications has released a critical security update addressing multiple vulnerabilities in its suite of applications.

15.01.2025 | talosintelligence.com
Slew of WavLink vulnerabilities

Lilith >_> of Cisco Talos discovered these vulnerabilities.  Forty-four vulnerabilities and sixty-three CVEs were discovered across ten .cgi and three .sh files, as well as the static login page, of the Wavlink AC3000 wireless router web application.   The Wavlink AC3000 wireless router is one of…

15.01.2025 | petri.com
January 2025 Patch Tuesday Updates Fix Hyper-V Flaws

Microsoft released yesterday the January 2025 Patch Tuesday updates for Windows 11 and Windows 10. This month’s Patch Tuesday updates include fixes for 159

15.01.2025 | redpacketsecurity.com
Microsoft Monthly Security Update (January 2025) - RedPacket Security

Microsoft has released monthly security update for their products:

15.01.2025 | redpacketsecurity.com
Fortinet Products Multiple Vulnerabilities - RedPacket Security

Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution,

15.01.2025 | medium.com
Today’s Top Cyber Intelligence Highlights — Jan 15, 2025

Good evening, and welcome to another thrilling installment of “Cybersecurity Nightmares: The News Edition.” Today’s headlines scream of ransomware, zero-days, and enough vulnerabilities to make even…

15.01.2025 | thecyberexpress.com
FBI Removes PlugX Malware from 4,200 U.S. Computers in PRC-Linked Cyber Operation

The U.S. Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI) announced the successful removal of PlugX malware

15.01.2025 | wiz.io
Behavioral Cloud IOCs: Examples and Detection Techniques | Wiz Blog

Discover how Behavioral Cloud IOCs can expose malicious activity as we break down real-world examples to reveal actionable detection techniques.
