IOC.ONE
OSINT Cyber Threat Intelligence Database
22.01.2025 | securityaffairs.com
Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to target organizations

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users.

22.01.2025 | flashpoint.io
Flashpoint Weekly Vulnerability Insights and Prioritization Report

Using Flashpoint's vulnerability prioritization report, anticipate, contextualize, and manage vulnerabilities to effectively address threats.

22.01.2025 | medium.com
What Is Fileless Malware? S1Ep2 Operation Cobalt Kitty

We explained fileless malware in the first article on this topic. In this article, the successfully and methodically executed, Asia…

22.01.2025 | censys.com
Pivoting for Nosviak
22.01.2025 | socradar.io
Dark Web Profile: OilRig (APT34) - SOCRadar® Cyber Intelligence Inc.

OilRig, also known as APT34, is a state-sponsored Advanced Persistent Threat (APT) group with strong ties to Iranian intelligence. Known for its sophisticated

22.01.2025 | malware.news
Salt Typhoon: the Other Shoe Has Dropped, but Consternation Continues

On January 17, 2025, the United States government imposed sanctions on Sichuan Juxinhe Network Technology Co., LTD (Sichuan Juxinhe) (四川聚信和网络科技有限公司), a Sichuan-based cybersecurity company, accusing it of “direct involvement in the Salt Typhoon cyber group,” a China-linked cyber threat group. Salt …

22.01.2025 | medium.com
Malicious driver from Equation APT

This write up is about analyzing a malicious driver supposedly from the infamous APT Equation. You can download the sample from the…

22.01.2025 | nsfocus.net
NSFOCUS Threat Intelligence Weekly Report (2025.01.13-2025.01.19) – NSFOCUS Technology Blog
22.01.2025 | medium.com
Cyber Briefing: 2025.01.222

👉 What’s trending in cybersecurity today?

22.01.2025 | threatconnect.com
Automating Threat Data Retrieval: How ThreatConnect, Polarity, and the TQL Generator are Changing the Game | ThreatConnect

You’re a CTI Analyst tasked with investigating a potential phishing campaign targeting your organization. An alert flags a suspicious email containing a URL that may be linked to a known threat actor. It would be best to determine the URL’s risk level, identify related indicators, and quickly distr…

22.01.2025 | medium.com
ValleyRAT: A Rootkit Leveraging Stolen Certificates and Bypassing AVs

Malware details :

22.01.2025 | sekoia.io
Targeted supply chain attack against Chrome browser extensions

In this blog post, learn about the supply chain attack targeting Chrome browser extensions and the associated targeted phishing campaign.

22.01.2025 | prsol.cc
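Ransomware gangs pose as IT support in Microsoft Teams phishing attacks - PRSOL:CC

Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and installing malware that provides access to the internal network. The threat actors send thousands of spam messages in a short period and then call the target from an adversary-controlled Office 365 instance, pretending to provide IT support. This tactic has been observed since late last year in attacks attributed to Black Basta ransomware, but researchers at cybersecurity company Sophos, connected to the FIN7 group…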

22.01.2025 | qualys.com
Oracle Critical Patch Update, January 2025 Security Update Review – Qualys ThreatPROTECT
22.01.2025 | gbhackers.com
Three New ICS Advisories Released by CISA Detailing Vulnerabilities & Mitigations

The Cybersecurity and Infrastructure Security Agency (CISA) announced three new Industrial Control Systems (ICS) advisories.

22.01.2025 | medium.com
Daily edition for Wednesday, 22 January 2568 BE

APT group “DoNot Team” uses Tanzeem malware to attack organizations in South Asia

22.01.2025 | redpacketsecurity.com
Microsoft Monthly Security Update (October 2024) - RedPacket Security

Updated Description, Related Links.

22.01.2025 | medium.com
Advanced Threat Detection: Exploiting Misconfigurations and System Tools

CIRT Scenarios Blog Series Part 2

22.01.2025 | medium.com
Supercharge Your CTI: AI-Powered IOC Collection with ChatGPT, Inoreader and Google Drive

In today’s dynamic cybersecurity landscape, automating repetitive tasks is critical to improving operational efficiency. This tutorial…

22.01.2025 | ssi.gouv.fr
Multiple vulnerabilities in Node.js - CERT-FR
22.01.2025 | ssi.gouv.fr
Multiple vulnerabilities in Oracle Database Server - CERT-FR
22.01.2025 | ssi.gouv.fr
Multiple vulnerabilities in Atlassian products - CERT-FR
22.01.2025 | qq.com
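Security risk advisory: high-severity vulnerabilities in multiple products in Oracle's January 2025 Patch Day

Committed to providing enterprise users with authoritative vulnerability intelligence and effective solutions at the earliest opportunity.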

22.01.2025 | anquanke.com
CVE-2025-21298 Detection: Critical Zero-Click OLE Vulnerability in Microsoft Outlook Results in Remote Code Execution - 安全KER - Security News Platform

安全KER - Security News Platform

22.01.2025 | ssi.gouv.fr
Multiple vulnerabilities in Oracle PeopleSoft - CERT-FR
22.01.2025 | bleepingcomputer.com
Cisco warns of denial of service flaw with PoC exploit code

Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code.

22.01.2025 | jvn.jp
JVN#15293958: Multiple vulnerabilities in I-O DATA router UD-LT2
22.01.2025 | github.blog
Attacks on Maven proxy repositories

Learn how specially crafted artifacts can be used to attack Maven repository managers. This post describes PoC exploits that can lead to pre-auth remote code execution and poisoning of the local artifacts in Sonatype Nexus and JFrog Artifactory.

22.01.2025 | anquanke.com
CVE-2025-23083: Node.js vulnerability exposes sensitive data and resources - 安全KER - Security News Platform

安全KER - Security News Platform

22.01.2025 | ssi.gouv.fr
Multiple vulnerabilities in Oracle Weblogic - CERT-FR
22.01.2025 | qq.com
The hidden threat in game cheat tools | Analysis report on the “Catlavan” backdoor spread via gaming forums
21.01.2025 | imperva.com
Imperva Protects Against the Exploited CVEs in the Cleo Data Theft Attacks | Imperva

Imperva Protects Against the Exploited CVEs in the Cleo Data Theft Attacks

21.01.2025 | socprime.com
CVE-2025-21298 Detection: Critical Zero-Click OLE Vulnerability in Microsoft Outlook Results in Remote Code Execution - SOC Prime

Detect CVE-2025-21298 exploitation attempts, a critical RCE vulnerability in Windows OLE, with a free Sigma rule from SOC Prime.

21.01.2025 | securityaffairs.com
New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers

Researchers warn of a campaign exploiting AVTECH IP cameras and Huawei HG532 routers to create a Mirai botnet variant called Murdoc Botnet.

21.01.2025 | securityboulevard.com
Imperva Protects Against the Exploited CVEs in the Cleo Data Theft Attacks

The Clop ransomware group has once again demonstrated its ability to exploit vulnerabilities to compromise sensitive systems. As Cleo—a managed file transfer provider for businesses—grapples with the aftermath of Clop’s targeted attack on their systems, the spotlight turns to CVE-2024-50623 and CVE…

21.01.2025 | medium.com
Cyber Briefing: 2025.01.21

👉 What’s the latest in the cyber world today?

21.01.2025 | trustwave.com
The New Face of Ransomware: Key Players and Emerging Tactics of 2024

As we step into 2025, the high-impact, financially motivated ransomware landscape continues to evolve.

21.01.2025 | thecyberexpress.com
Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users

Mozilla Firefox and Thunderbird users are facing a series of high-severity vulnerabilities that could leave systems open to exploitation. The

21.01.2025 | securityaffairs.com
CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

CERT-UA warned of scammers impersonating the agency, using fake AnyDesk requests to conduct fraudulent security audits.

21.01.2025 | sophos.com
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”

Sophos MDR identifies a new threat cluster riffing on the playbook of Storm-1811, and amped-up activity from the original connected to Black Basta ransomware.

21.01.2025 | infosecurity-magazine.com
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing

Sophos has warned of IT impersonation vishing attacks designed to remotely deploy ransomware

21.01.2025 | medium.com
TA505 Threat Hunting: Advanced Queries for Detecting Malware and Cyber Attacks

TA505 is a financially motivated cybercriminal threat group that has been active since at least 2015, often referred to as GOLD TAHOE or…

21.01.2025 | malware.news
InvisibleFerret Malware: Technical Analysis

Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X. …

21.01.2025 | any.run
InvisibleFerret Malware: Technical Analysis - ANY.RUN's Cybersecurity Blog

Discover a detailed technical analysis of the InvisibleFerret malware that targets businesses across different industries.

21.01.2025 | malware.news
Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users

Overview …

21.01.2025 | securityaffairs.com
Experts found multiple flaws in Mercedes-Benz infotainment system

Kaspersky researchers shared details about multiple vulnerabilities impacting the Mercedes-Benz MBUX infotainment system.

21.01.2025 | qualys.com
Mass Campaign of Murdoc Botnet Mirai: A New Variant of Corona Mirai | Qualys Security Blog

The Qualys Threat Research Unit has uncovered a large-scale, ongoing operation within the Mirai campaign, dubbed Murdoc Botnet. This variant exploits vulnerabilities targeting AVTECH Cameras and…

21.01.2025 | malware.news
Unveiling Silent Lynx APT Targeting Entities Across Kyrgyzstan & Neighbouring Nations

Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations …

21.01.2025 | prsol.cc
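HPE investigates breach as hacker claims to have stolen source code - PRSOL:CC

Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company's developer environments. The company says it has found no evidence of a security breach but is investigating the threat actor's claims. “HPE became aware on January 16 that a group called IntelBroker was claiming to be in possession of HPE information,” spokesperson Clare Loxley said. “HPE immediately activated its cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims. At this time…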

21.01.2025 | redpacketsecurity.com
CVE Alert: CVE-2025-23221 - RedPacket Security

Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards. This vulnerability allows a user to maneuver the

21.01.2025 | tistory.com
Malware made by Kimsuky disguised as a merit record (personal, form)

Today I will write about 공적 조서(개인,양식).lnk, malware made by Kimsuky that is disguised as a merit record (personal, form). The malware is in LNK file format, and when opened it runs via PowerShell. StringData{ namestring: relativepath: not present workingdir: not present commandlinearguments: /k for /f "tok(e)ns=*" %a in ('dir C:\Wind…

21.01.2025 | anquanke.com
Industrial switch vulnerabilities can be exploited remotely - 安全KER - Security News Platform

安全KER - Security News Platform

21.01.2025 | cyberscoop.com
Ransomware groups pose as fake tech support over Teams

A researcher at Sophos told CyberScoop that the company observed these tactics being used against multiple individuals and at least 15 organizations.

21.01.2025 | ssi.gouv.fr
Multiple vulnerabilities in Elastic products - CERT-FR
21.01.2025 | anquanke.com
Hacker claims to have stolen source code; HPE investigates the breach - 安全KER - Security News Platform

安全KER - Security News Platform

21.01.2025 | qq.com
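[QiAnXin Intelligence Sandbox] Beware of malicious shortcut (LNK) files disguised as documents

QiAnXin Threat Intelligence Center recently discovered a malicious ZIP archive containing an LNK file that triggers PowerShell execution and creates an EXE file; the EXE achieves persistence through a scheduled task, communicates with a C2, and steals multiple kinds of data. Analysis links it to malware named ZIZI Stealer.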

21.01.2025 | bleepingcomputer.com
Ransomware gangs pose as IT support in Microsoft Teams phishing attacks

Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network.

21.01.2025 | bleepingcomputer.com
7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now

A high-severity vulnerability in the 7-Zip file archiver allows attackers to bypass the Mark of the Web (MotW) Windows security feature and execute code on users' computers when extracting malicious files from nested archives.

21.01.2025 | recordedfuture.com
Cleo MFT Vulnerability CVE-2024-50623: Critical RCE Risk

Learn about CVE-2024-50623 affecting Cleo MFT products. Patch now to prevent RCE attacks and secure your systems.

21.01.2025 | jvn.jp
JVN#83855727: FortiWeb vulnerable to SQL injection
20.01.2025 | medium.com
Does Malware Detect Virtual Machines?

Virtual machines are a digital laboratory for malware analysis, an essential part of a malware analyst’s job, providing a safe haven where…

20.01.2025 | securityaffairs.com
Experts found new DoNot Team APT group's Android malware

Researchers linked the threat actor DoNot Team to a new Android malware that was employed in highly targeted cyber attacks.

20.01.2025 | medium.com
Analyst’s Note — Kimsuky

The threat actor known as Kimsuky, also referred to as Emerald Sleet, has been observed targeting a United States-based think tank. The…

20.01.2025 | medium.com
THREAT INTELLIGENCE: UNVEILING SUPPOSED APT38’S ATTACK INFRASTRUCTURE USING FAVICON HASH

APT38 — also known as NICKEL GLADSTONE, BeagleBoyz, Bluenoroff, Stardust Chollima, Sapphire Sleet, and COPERNICIUM — has been linked to…

20.01.2025 | infosecurity-magazine.com
Indian APT Group DONOT Misuses App for Intelligence Gathering

Android apps, linked to APT group DONOT, disguised as a chat platform for intelligence gathering

20.01.2025 | malware.news
20th January– Threat Intelligence Report

For the latest discoveries in cyber research for the week of 20th January, please download our Threat Intelligence Bulletin. …

20.01.2025 | checkpoint.com
20th January– Threat Intelligence Report - Check Point Research

For the latest discoveries in cyber research for the week of 20th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Hotel management platform Otelier has suffered a data breach that resulted in extraction of almost eight terabytes of data. The threat actors comprom…

20.01.2025 | socradar.io
How Star Blizzard Exploits WhatsApp in Spear Phishing Campaign - SOCRadar® Cyber Intelligence Inc.

Star Blizzard has shifted focus to exploiting WhatsApp accounts through malicious QR codes in their latest campaign...

20.01.2025 | malware.news
Cyble Sensors Detect Attacks on Check Point, Ivanti and More

Cyble honeypot…

20.01.2025 | gbhackers.com
Hackers Weaponize MSI Packages & PNG Files to Deliver Multi-stage Malware

Researchers have reported a series of sophisticated cyber attacks aimed at organizations in Chinese-speaking regions.

20.01.2025 | malware.news
Qbot is Back.Connect

By: Joshua Platt, Jason Reaves and Jonathan McCay QBot is a modular information stealer also known as Qakbot or Pinkslipbot. It has been active since around 2007. It has historically been known as a banking Trojan, meaning that it steals financial data from infected systems, and a loader using C2 (…

20.01.2025 | medium.com
Qbot is Back.Connect

By: Joshua Platt, Jason Reaves and Jonathan McCay

20.01.2025 | medium.com
Developers, be careful when installing homebrew

January 18, 2025, Ryan Chenkie, web developer and multi-business owner, warned users on Twitter about a malware campaign using Google’s…

20.01.2025 | medium.com
The Feed 2025–01-

How A Large-Scale Russian Botnet Operation Stays Under the Radar: A large botnet that takes advantage of misconfigured DNS records is…

20.01.2025 | eff.org
EFF Transition Memo to Trump Administration 2025

Contents: 1. Introduction; 2. Surveillance: Foreign Intelligence Surveillance Act Section 702, Facial Recognition Technology, Border Search and Immigration Surveillance, Surveillance Tech at the Border and the Virtual Wall, Reproductive Justice and Digital Surveillance; 2. Encryption and Cybersecurity: End-to-End...

20.01.2025 | securityboulevard.com
Privacy Roundup: Week 3 of Year 2025

This is a news item roundup of privacy or privacy-related news items for 12 JAN 2025 - 18 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional "security" content mixed-in here due to the close relationship between online privacy and c…

20.01.2025 | cyble.com
Cyble Sensors Detect Attacks On Check Point, Ivanti And More

Cyble honeypots have detected vulnerability exploits on Check Point and Ivanti products, databases, CMS systems, and many other IT products.

20.01.2025 | malware.news
Racing for everyone: descriptor describes TOCTOU in Apple's core

This blog post is about a new type of vulnerabilities in IOKit I discovered and submitted to Apple in 2016. I did a brief scan using an IDA script on MacOS and found at least four bugs with 3 CVEs assigned (CVE-2016-7620/4/5), see https://support.apple.com/kb/HT207423. I was told afterwards that the…

20.01.2025 | malware.news
A bunch of Red Pills: VMware Escapes

Background: VMware is one of the leaders in virtualization nowadays. They offer VMware ESXi for cloud, and VMware Workstation and Fusion for Desktops (Windows, Linux, macOS). The technology is very well known to the public: it allows users to run unmodified guest “virtual machines”. Often those virtu…

20.01.2025 | malware.news
Emerging Defense in Android Kernel

There was a time that every Linux kernel hacker loves Android. It comes with a kernel from stone-age with merely any exploit mitigation. Writing exploit with any N-day available was just a walk in the park. Nowadays Google, ARM and many other SoC/device vendors have put many efforts hardening the…

20.01.2025 | redpacketsecurity.com
Fortinet Products Multiple Vulnerabilities - RedPacket Security

Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of

20.01.2025 | medium.com
RST TI Report Digest: 20 Jan 2025

We analysed 49 threat intelligence articles that we collected last week and are sharing a short summary of 10 of them.

20.01.2025 | securityaffairs.com
Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Critical flaws in WGS-804HPT switches could be chained to gain remote code execution on Planet Technology's industrial devices.

20.01.2025 | qq.com
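APT-C-26 (Lazarus) continues to upgrade its attack arsenal, using Electron programs to target the cryptocurrency industry

360 Advanced Threat Research Institute captured a malicious program packaged with Electron by the Lazarus group; the program masquerades as an installer for an automated trading tool for a currency platform and is used to attack people working in the cryptocurrency industry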

20.01.2025 | redpiranha.net
Threat Intelligence Report January 14th – January 20th, 2025

Red Piranha detected 2 new threats: SocGholish and Lumma Stealer. This week’s ransomware in focus is Lynx Ransomware.

20.01.2025 | bleepingcomputer.com
HPE investigates breach as hacker claims to steal source code

Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company's developer environments.

20.01.2025 | sentinelone.com
2024 macOS Malware Review | Infostealers, Backdoors, and APT Campaigns Targeting the Enterprise

Learn about the key macOS malware families from 2024, including tactics, IoCs, opportunities for detection, and links to further reading.

20.01.2025 | yarix.com
Zyxel vulnerability exploited by "Helldown" ransomware group

Introduction As Yarix's Incident Response Team, our responsibilities are to manage critical issues related to cyber-attacks carried out by cybercriminals, intervening promptly in order to guarantee security to victim companies and to minimize latent risks, analyzing the systems within their infrast…

20.01.2025 | seqrite.com
Unveiling Silent Lynx APT: Targeting Central Asian Entities with Malicious Campaigns

Seqrite Labs uncovers Silent Lynx, a new APT group targeting government entities in Kyrgyzstan and neighboring nations. This in-depth analysis explores their campaigns, including malicious ISO files, C++ loaders, PowerShell scripts, and Golang implants, leveraging Telegram for command and control.

20.01.2025 | ssi.gouv.fr
Multiple vulnerabilities in Microsoft Edge - CERT-FR
20.01.2025 | aqniu.com
The Woes of the CAPTCHA Arms Race: Analysis Report on the Latest Clickfix Phishing Incidents - 安全牛

安全牛

20.01.2025 | ssi.gouv.fr
News bulletin CERTFR-2025-ACT-003 - CERT-FR
19.01.2025 | malware.news
Malware development trick 44: Stealing data via legit GitHub API. Simple C example

﷽ Hello, cyber…

19.01.2025 | securityaffairs.com
Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free.

19.01.2025 | malware.news
Tracking Adversaries: Ghostwriter APT Infrastructure

Introduction to …

19.01.2025 | medium.com
Weekly Cybersecurity Roundup: Jan 13, 2025 — Jan 19, 2025

Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments

19.01.2025 | medium.com
The 10 Most Historic Cyber Attacks That Changed the Internet World

Cybersecurity has now become an inseparable part of the digital era. With more and more data being stored online.

19.01.2025 | bushidotoken.net
Tracking Adversaries: Ghostwriter APT Infrastructure

CTI, threat intelligence, OSINT, malware, APT, threat hunting, threat analysis, CTF, cybersecurity, security

19.01.2025 | heise.de
Missing Link: The Ransomware Era Begins with a 5.25" Floppy Disk

35 years ago, a plain 5.25-inch floppy disk labeled "AIDS Information" marked the beginning of one of the greatest scourges of networked humanity.

19.01.2025 | zerodayinitiative.com
ZDI-25-031

Ivanti Endpoint Manager MyResolveEventHandler Untrusted Search Path Remote Code Execution Vulnerability
