IOC.ONE
OSINT Cyber Threat Intelligence Database
12.02.2025 | prsol.cc
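Russian military hackers deploy malicious Windows activators in Ukraine - PRSOL:CC

The Russian military cyber-espionage group "Sandworm" is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. These attacks likely began in late 2023, and EclecticIQ threat analysts have now linked them to Sandworm hackers based on overlapping infrastructure, consistent tactics, techniques, and procedures (TTPs), and ProtonMail accounts frequently used to register the domains used in the attacks. The attackers also DarkCrystal…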

12.02.2025 | nsfocus.net
NSFOCUS Threat Intelligence Weekly Report (2025.01.20-2025.01.26) – NSFOCUS Technical Blog
12.02.2025 | socradar.io
February 2025 Patch Tuesday: Microsoft Fixes 63 Vulnerabilities, Including Two Actively Exploited Zero-Days - SOCRadar® Cyber Intelligence Inc.

Microsoft’s latest Patch Tuesday update for February 2025 delivers important security fixes, addressing 63 vulnerabilities across various products.

12.02.2025 | socprime.com
Sandworm APT Attacks Detection: russian State-Sponsored Hackers Deploy Malicious Windows KMS Activators to Target Ukraine - SOC Prime

Detect Sandworm APT attacks exploiting malicious Windows KMS activators in a cyber-espionage against Ukraine with Sigma rule from SOC Prime.

12.02.2025 | medium.com
Two tales and one Antidot(e) — a new mobile malware campaign in Poland

Recently, the Polish cyber threat landscape has seen a growing number of malicious mobile applications. In addition to identifying the…

12.02.2025 | infosecwriteups.com
VulnLab Baby

Hey everyone, welcome back! It’s Maverick here with a new write-up — this time for my first machine on VulnLab. It’s a straightforward…

12.02.2025 | infosecurity-magazine.com
Microsoft Fixes Another Two Actively Exploited Zero-Days

February Patch Tuesday sees Microsoft fix four zero-days, including two under active exploitation

12.02.2025 | medium.com
APT29 Threat Campaign — Attack on German Organizations

APT29, also known as Cozy Bear, is a cyber threat group believed to be linked to the Russian government. APT29 German…

12.02.2025 | securityaffairs.com
U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog.

12.02.2025 | gbhackers.com
Sandworm APT Hackers Weaponize Microsoft KMS Activation Tools To Compromise Windows

The Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU, has been exploiting pirated Microsoft KMS activation tools.

12.02.2025 | securityaffairs.com
Microsoft Patch Tuesday security updates for February 2025 fixed 2 actively exploited bugs

Microsoft Patch Tuesday security updates for February 2025 addressed four zero-day flaws, two of which are actively exploited in the wild.

12.02.2025 | malware.news
XELERA Ransomware Campaign: Fake Food Corporation of India Job Offers Targeting Tech Aspirants

12.02.2025 | cyble.com
BTMOB RAT Newly Discovered Android Malware

Cyble analyzes BTMOB RAT, advanced Android malware actively spreading via phishing sites, leveraging Accessibility Services to steal credentials, control devices remotely, and execute various malicious activities.

12.02.2025 | malware.news
Microsoft Patch Tuesday, February 2025 Edition

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited.

12.02.2025 | qualys.com
Microsoft Patch Tuesday, February 2025 Security Update Review – Qualys ThreatPROTECT
12.02.2025 | anquanke.com
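Exclusive | 360 Releases Global Advanced Threat Research Report: 14 Key Industries in China Face Overseas APT Threats - 安全KER - Security News Platform

安全KER - Security News Platform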

12.02.2025 | anquanke.com
Flaws in Linux X.509 Certificate-Based User Login Let Attackers Bypass Authentication - 安全KER - Security News Platform

12.02.2025 | anquanke.com
Ivanti Patches Critical Flaws in Connect Safe and Policy Safe - Update Now - 安全KER - Security News Platform

12.02.2025 | anquanke.com
CVE-2025-24032, CVE-2025-24531 and More: Critical Flaws in PAM-PKCS#11 Expose Linux Authentication to Attackers - 安全KER - Security News Platform

12.02.2025 | anquanke.com
CVE-2025-22467 (CVSS 9.9): Ivanti Connect Security Vulnerability Allows Remote Code Execution - 安全KER - Security News Platform

12.02.2025 | anquanke.com
Microsoft Patches Actively Exploited Zero-Day Flaws - CVE-2025-21418 & CVE-2025-21391 - 安全KER - Security News Platform

12.02.2025 | jvn.jp
JVN#84319378: acmailer vulnerable to cross-site scripting
12.02.2025 | google.com
Cybercrime: A Multifaceted National Security Threat | Google Cloud Blog

Google Threat Intelligence Group discusses the current state of cybercrime, and why it must be considered a national security threat.

12.02.2025 | seqrite.com
XELERA Ransomware Targets Tech Aspirants with Fake Food Corporation of India Job Offers

A new XELERA ransomware campaign is targeting tech aspirants with fake job offers from the Food Corporation of India (FCI). Learn how this Python-based malware uses Discord for C2, steals credentials, and deploys ransomware. Includes IOCs and MITRE ATT&CK analysis.

11.02.2025 | medium.com
Influencing Security: 5 Keys to Selling Security Initiatives Throughout the Organization

Gain the support you need to accomplish your goals

11.02.2025 | securityaffairs.com
OpenSSL patched high-severity flaw CVE-2024-12797

OpenSSL patched the vulnerability CVE-2024-12797, a high-severity flaw found by Apple that enables man-in-the-middle attacks.

11.02.2025 | rapid7.com
Patch Tuesday - February 2025 | Rapid7 Blog
11.02.2025 | malware.news
Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for February of 2025 which includes 63 vulnerabilities affecting a range of products, including 4 that Microsoft marked as “critical” and one marked as “moderate.” There are two notable “critical” vulnerabilities. The first is CVE-2025-21376, which…

11.02.2025 | sophos.com
February Patch Tuesday delivers 57 packages

After January’s deluge, a calmer update volume returns

11.02.2025 | redpacketsecurity.com
CVE Alert: CVE-2025-21693 - RedPacket Security

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswap_compress()

11.02.2025 | redpacketsecurity.com
CVE Alert: CVE-2025-25186 - RedPacket Security

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and

11.02.2025 | malware.news
The February 2025 Security Update Review

We’ve survived Pwn2Own Automotive and made it to the second Patch Tuesday of 2025. As always, Microsoft and Adobe have released their latest security patches. Take a break from your scheduled activities and join us as we review the details of their latest security alerts. If you’d rather watch the …

11.02.2025 | medium.com
Horizon Alert — 02/2025–4 (5) Zero Days

NTLM Hash Disclosure, UEFI Bypass, Deletion of File, SYSTEM…

11.02.2025 | prsol.cc
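Apple fixes zero-day exploited in "extremely sophisticated" attacks - PRSOL:CC

Apple has released emergency security updates to fix a zero-day vulnerability that it says was exploited in "extremely sophisticated" targeted attacks. "A physical attack may disable USB Restricted Mode on a locked device." "Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals." USB Restricted Mode is a security feature (introduced about seven years ago in iOS 11.4.1) that blocks USB accessories from creating a data connection if the device has been locked for more than an hour. This feature, forensic software such as Graykey and Cellebrite…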

11.02.2025 | socprime.com
XE Group Activity Detection: From Credit Card Skimming to Exploiting CVE-2024-57968 and CVE-2025-25181 VeraCore Zero-Day Vulnerabilities - SOC Prime

Detect XE Group activity using CVE-2024-57968 and CVE-2025-25181, zero-day exploits in VeraCore, with Sigma rules from SOC Prime Platform.

11.02.2025 | 4hou.com
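360 Releases Global Advanced Threat Research Report: 14 Key Industries in China Face Overseas APT Threats - 嘶吼 RoarTalk – Comprehensive Service Platform for the Cybersecurity Industry, 4hou.com

Domestically developed software systems are "hit hard"; the 2024 Global Advanced Threat Research Report is out.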

11.02.2025 | securityaffairs.com
Progress Software fixed multiple high-severity LoadMaster flaws

Progress Software fixed multiple vulnerabilities in its LoadMaster software, which could be exploited to execute arbitrary system commands.

11.02.2025 | ahnlab.com
Weekly Detection Rule (YARA and Snort) Information - Week 2, February 2025 - ASEC

The following is the information on Yara and Snort rules (week 2, February 2025) collected and shared by the AhnLab TIP service. 2 YARA Rules Detection name Description Source PK_Binance_nuxt Phishing Kit impersonating Binance https://github.com/t4d/PhishingKit-Yara-Rules PK_MondialRelay_traffyque …

11.02.2025 | ahnlab.com
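Weekly Detection Rule (YARA, Snort) Information - Week 2, February 2025 - ASEC

This is information on public YARA and Snort rules (week 2, February 2025) collected by the AhnLab TIP service. 2 YARA Rules Detection name Description Source PK_Binance_nuxt Detects a Phishing Kit impersonating Binance (cryptocurrency exchange) https://github.com/t4d/PhishingKit-Yara-Rules PK_MondialRelay_traffyque Detects a Phishing Kit impersonating Mondial Relay (French international parcel delivery) https://github.com/t4d/PhishingKit-Yara-Ru…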

11.02.2025 | medium.com
Cyber Briefing: 2025.02.11

👉 What’s the latest in the cyber world today?

11.02.2025 | talosintelligence.com
Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for January of 2025 which includes 58 vulnerabilities, including 3 that Microsoft marked as “critical” and one marked as "moderate". The remaining vulnerabilities listed are classified as “important.”

11.02.2025 | malware.news
Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns

11.02.2025 | securityboulevard.com
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)

3 Critical, 52 Important, 0 Moderate, 0 Low. Microsoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild. Microsoft patched 55 CVEs in its February 2025 Patch Tuesday release, with three rated critical and 52 rated as important. Our coun…

11.02.2025 | tenable.com
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)

Microsoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild.

11.02.2025 | wiz.io
NVIDIA AI vulnerability: Deep Dive into CVE 2024-0132 | Wiz Blog

Critical severity vulnerability (CVE-2024-0132) affecting Container Toolkit and GPU Operator may present risk to cloud service providers

11.02.2025 | sekoia.io
RATatouille: Cooking Up Chaos in the I2P Kitchen

Discover the challenges of ClickFix12 and the newly identified I2PRAT. Uncover the advanced techniques employed by this multi-stage RAT.

11.02.2025 | thezdi.com
Zero Day Initiative — The February 2025 Security Update Review

We’ve survived Pwn2Own Automotive and made it to the second Patch Tuesday of 2025. As always, Microsoft and Adobe have released their latest security patches. Take a break from your scheduled activities and join us as we review the details of their latest security alerts. If you’d rather watch the f

11.02.2025 | 4hou.com
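New Aquabotv3 Ransomware Exploits Mitel Command Injection Vulnerability to Launch Attacks - 嘶吼 RoarTalk – Comprehensive Service Platform for the Cybersecurity Industry, 4hou.com

This is a medium-severity vulnerability that allows an authenticated attacker with administrator privileges to carry out an argument injection attack due to insufficient parameter sanitization during the boot process, resulting in arbitrary command execution.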

11.02.2025 | infosecurity-magazine.com
Apple Update Mitigates “Extremely Sophisticated” Zero-Day Exploit

Apple has patched a zero-day vulnerability being exploited in targeted attacks

11.02.2025 | malware.news
Monthly Threat Actor Group Intelligence Report, November 2024 (JPN)

11.02.2025 | tistory.com
Malware created by Kimsuky disguised as a lifetime notice - 종신안내장v02_곽X환d.zip (2025.2.5)

Today I will write about malware created by the North Korean hacking group Kimsuky and disguised as a lifetime notice: 종신안내장v02_곽X환d.zip (2025.2.5). It is made to look like a PDF file, but it is in fact not a PDF file, just a link file. The hash values of the malware are as follows. File name: 종신안내장v02_곽X환d.zip Size: 6,427 Bytes MD5: 40837012253331958723dda63fdfabff SHA-256: 079907b7feab3673a1767dbfbc0626e656f5d3b03b6cf…

11.02.2025 | cisecurity.org
Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

Multiple vulnerabilities have been discovered in Fortinet Products, the most severe of which could allow for remote code execution. FortiManager is a network and security management tool that provides centralized management of Fortinet devices from a single console. For…

11.02.2025 | elastic.co
Linux Detection Engineering - Approaching the Summit on Persistence Mechanisms — Elastic Security Labs

Building on foundational concepts and techniques explored in the previous publications, this post discusses some creative and/or complex persistence mechanisms.

11.02.2025 | cisecurity.org
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the …

11.02.2025 | bleepingcomputer.com
Russian military hackers deploy malicious Windows activators in Ukraine

The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates.

11.02.2025 | ssi.gouv.fr
Multiple vulnerabilities in Siemens products - CERT-FR
11.02.2025 | eclecticiq.com
Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns

Sandworm APT targets Ukrainian users with Trojanized Microsoft KMS tools for cyber espionage, leveraging pirated software to exfiltrate sensitive data and compromise critical infrastructure.

11.02.2025 | crowdstrike.com
February 2025 Patch Tuesday: Updates and Analysis | CrowdStrike

Microsoft has released security updates for 67 vulnerabilities, including 4 zero-days and 3 critical, in its February 2025 Patch Tuesday rollout.

11.02.2025 | nshc.net
Monthly Threat Actor Group Intelligence Report, November 2024 (JPN) – Red Alert
11.02.2025 | krebsonsecurity.com
Microsoft Patch Tuesday, February 2025 Edition – Krebs on Security
11.02.2025 | bleepingcomputer.com
Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws

Today is Microsoft's February 2025 Patch Tuesday, which includes security updates for 55 flaws, including four zero-day vulnerabilities, with two actively exploited in attacks.

11.02.2025 | sans.edu
Microsoft February 2025 Patch Tuesday - SANS Internet Storm Center

Microsoft February 2025 Patch Tuesday, Author: Renato Marinho

11.02.2025 | qq.com
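Exclusive | 360 Releases Global Advanced Threat Research Report: 14 Key Industries in China Face Overseas APT Threats

360 releases its 2024 global APT research report, offering comprehensive insight into future trends in advanced threats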

11.02.2025 | ssi.gouv.fr
Multiple vulnerabilities in SAP products - CERT-FR
11.02.2025 | cyberscoop.com
U.S. adversaries increasingly turning to cybercriminals and their malware for help

A Google Threat Intelligence Group report notes that Russia in particular has been doing this since the Ukraine war began.

11.02.2025 | cyberscoop.com
Microsoft fixes 63 vulnerabilities, including 2 zero-days

The company’s monthly Patch Tuesday update comes with more than two-thirds of the patches closing high-severity flaws.

11.02.2025 | bleepingcomputer.com
Fortinet warns of new zero-day exploited to hijack firewalls

Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks.

11.02.2025 | bleepingcomputer.com
Fortinet discloses second firewall auth bypass patched in January

Fortinet has disclosed a second authentication bypass vulnerability that was fixed as part of a January 2025 update for FortiOS and FortiProxy devices.

10.02.2025 | redpacketsecurity.com
US-CERT Vulnerability Summary for the Week of February 3, 2025 - RedPacket Security

Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.

10.02.2025 | securityaffairs.com
Apple fixes iPhone and iPad bug actively exploited in ‘extremely sophisticated attacks’

Apple released iOS and iPadOS updates to address a zero-day likely exploited in extremely sophisticated attacks targeting specific individuals

10.02.2025 | medium.com
Malware Analysis Monday #2

Genesis 1, but the chapter just gets longer.

10.02.2025 | securityaffairs.com
HPE is notifying individuals affected by a December 2023 attack

Hewlett Packard Enterprise (HPE) has begun notifying individuals affected by a December 2023 attack carried out by Russian threat actors.

10.02.2025 | osintteam.blog
MITRE ATT&CK in Action: Mapping TTPs & Data Sources for Real-World Threat Detection

MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a globally accessible knowledge base of real-world cyber attack…

10.02.2025 | medium.com
Conducting ATT&CK Assessments Based on APTs and Client Business Sectors.

I’ve been working with MITRE ATT&CK since the beginning of my cybersecurity career, and over the past four years, I’ve faced challenges in…

10.02.2025 | harfanglab.io
Further insights into Ivanti CSA 4.6 vulnerabilities exploitation

Identifier: TRR250201. Summary Between October 2024 and late January 2025, public reports described the exploitation of Ivanti CSA vulnerabilities which started Q4 2024. We share analysis results confirming a worldwide exploitation, that led to Webshell deployments in September and October 2024. …

10.02.2025 | malware.news
10th February – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 10th February, please download our Threat Intelligence Bulletin.

10.02.2025 | checkpoint.com
10th February – Threat Intelligence Report - Check Point Research

For the latest discoveries in cyber research for the week of 10th February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Grubhub, the US-based online food ordering and delivery platform, suffered a data breach due to unauthorized access through a compromised third-part…

10.02.2025 | securityaffairs.com
XE Group shifts from credit card skimming to exploiting zero-days

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks.

10.02.2025 | medium.com
Fake CAPTCHA leads to Vidar Stealer

There’s been an apparent resurgence of fake CAPTCHA style malware delivery in the recent months. This is a fairly clever way of having a…

10.02.2025 | thecyberexpress.com
CERT-In Warns of High-Severity Vulnerabilities in Mozilla Firefox and Thunderbird

The Indian Computer Emergency Response Team (CERT-In) has issued a vulnerability note (CIVN-2025-0016) highlighting a series of Mozilla vulnerabilities, including

10.02.2025 | cyble.com
Cyble Warns Of Patient Monitor Risk In ICS Vulnerability Report

A 9.8-severity patient monitor vulnerability draws warnings from CISA, the FDA and Cyble.

10.02.2025 | gbhackers.com
Critical Zimbra Flaws Allow Attackers to Gain Unauthorized Access to Sensitive Data

Serious vulnerabilities in Zimbra Collaboration Suite (ZCS), a popular enterprise email and collaboration platform, have raised alarm in the cybersecurity community.

10.02.2025 | picussecurity.com
MITRE ATT&CK T1555 Credentials from Password Stores

This blog explains the T1555 Credentials from Password Stores technique and its sub-techniques in the MITRE ATT&CK framework.

10.02.2025 | cyble.com
CVE-2025-23114: Veeam Users Urged To Patch Now

A critical vulnerability (CVE-2025-23114) in Veeam Updater allows remote code execution via MitM attacks. Users must apply patches immediately to prevent exploitation.

10.02.2025 | ahnlab.com
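Detecting Akira Ransomware Attack Cases Using AhnLab EDR - ASEC

Akira is a relatively new ransomware threat actor that has been active since March 2023. Like other ransomware threat actors, after infiltrating an organization it not only encrypts files but also steals sensitive information to use in negotiations. Indeed, in the following 2024 statistics, the number of companies victimized by Akira ransomware ranks near the top. [1] Figure 1. 2024 ransomware victim statistics. After encrypting the organization's systems with the ransomware, the attacker […]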

10.02.2025 | medium.com
RST TI Report Digest: 10 Feb 2025

We analysed 59 threat intelligence articles that we collected last week and are sharing a short summary of 10 of them with IoCs.

10.02.2025 | ssi.gouv.fr
News bulletin CERTFR-2025-ACT-006 - CERT-FR
10.02.2025 | bleepingcomputer.com
Apple fixes zero-day exploited in 'extremely sophisticated' attacks

Apple has released emergency security updates to patch a zero-day vulnerability that the company says was exploited in targeted and "extremely sophisticated" attacks.

10.02.2025 | 0x0v1.com
Targeted Threats Research - South & North Korea (a breakdown of 3 years of threat research in Korea)

This research will be discussed at RightsCon 2025: Unveiling North Korea’s cyber threats: safeguarding human rights Sections: 1. Executive Summary 2. Introduction 3. Methodology 1. Sample submission 2. Auditing 3. Malware analysis 4. Email Content analysis 5. Passive DNS & …

09.02.2025 | medium.com
Weekly Cybersecurity Roundup: Feb 3, 2025 — Feb 9, 2025

Cybersecurity, government experts are aghast at security failures in DOGE takeover

09.02.2025 | medium.com
TLS 1.2 vs TLS 1.3

TLS 1.3 enhances online security by streamlining the handshake process, eliminating outdated ciphers, and improving speed and efficiency

09.02.2025 | prsol.cc
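HPE notifies employees of data breach after Russian Office 365 hack - PRSOL:CC

Hewlett Packard Enterprise (HPE) is notifying employees whose data was stolen from the company's Office 365 email environment by Russian state-sponsored hackers in a May 2023 cyberattack. According to filings with the attorney general offices of New Hampshire and Massachusetts, HPE began sending breach notification letters last month to at least 16 people whose driver's licenses, credit card numbers, and Social Security numbers were stolen. "HPE's forensic investigation determined that the personal information of certain individuals may have been subject to unauthorized access." "On January 29, 2025, HPE, in accordance with applicable law, affected individuals…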

09.02.2025 | medium.com
Analysis of malicious mobile applications impersonating popular Polish apps — OLX, Allegro, IKO

Cybercriminals are once again exploiting the popularity of online marketplaces by creating malicious mobile applications that imitate…

08.02.2025 | securityaffairs.com
Kimsuky Group used custom RDP Wrapper version

Researchers spotted North Korea's Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware.

08.02.2025 | medium.com
ScarCruft APT Malware Uses Image Steganography

*Note: This article was originally published by the author on May 16, 2019. It is re-posted here by the author for archival purposes. Free…

08.02.2025 | redpacketsecurity.com
CVE Alert: CVE-2025-24028 - RedPacket Security

Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. This vulnerability is

08.02.2025 | redpacketsecurity.com
CVE Alert: CVE-2025-25187 - RedPacket Security

Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. This vulnerability is

08.02.2025 | prsol.cc
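Critical Cisco ISE bugs may let attackers run commands as root - PRSOL:CC

Cisco has released patches to fix two critical vulnerabilities in its Identity Services Engine (ISE) security policy management platform. Enterprise administrators use Cisco ISE as an identity and access management (IAM) solution that combines authentication, authorization, and accounting into a single appliance. The two security flaws (CVE-2025-20124 and CVE-2025-20125) can be exploited by authenticated remote attackers with read-only admin privileges to execute arbitrary commands as root on unpatched devices and authentication…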

07.02.2025 | cloudflare.com
Resolving a Mutual TLS session resumption vulnerability

Cloudflare patched a Mutual TLS (mTLS) vulnerability (CVE-2025-23419) reported via its Bug Bounty Program. The flaw in session resumption allowed client certificates to authenticate across different zones improperly. Cloudflare mitigated the issue in 32 hours by disabling session resumption for mTL…

07.02.2025 | medium.com
Cybersecurity News Review — Week 6 (2025)

I had to cut a lot from this week’s packed list of cybersecurity developments, but I wanted to leave the several stories about DeepSeek, highlighting the volatile environment in the AI space. Russian…
