Threat and Vulnerability Intelligence Database

Description: Today, CISA—in partnership with the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), and other international partners—released updates to a Secure by Design Alert, Choosing Secure and Verifiable Technologies. Partners that provided recommendations in this alert include: the Canadian Centre for Cyber Security (CCCS); United Kingdom’s National Cyber Security Centre (NCSC-UK); New Zealand’s National Cyber Security Centre (NCSC-NZ); and Republic of Korea’s National Intelligence Service (NIS) and NIS’ National Cyber Security Centre (NCSC). Cyber threats to user privacy and data are growing, requiring customers to evaluate their processes for acquiring products and services from technology manufacturers. Proactive integration of security mitigations into the procurement process can assist in managing risks present within the technology supply chain and reduce costs for organizations. This guidance aids procuring organizations and manufacturers of digital products and services in choosing and developing technology that is secure by design. This is an update to previously released guidance (Secure by Design Choosing Secure and Verifiable Technologies). CISA and partners encourage all organizations to read the guidance to assist with making secure and informed choices when procuring digital products and services. Software manufacturers are also encouraged to incorporate the secure by design principles and practices found in the guidance. To learn more about...
Source: All CISA Advisories
December 5th, 2024 (5 months ago)
Description: A previously undocumented threat activity cluster dubbed Earth Minotaur is leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows backdoor called DarkNimbus to facilitate long-term surveillance operations targeting Tibetans and Uyghurs. "Earth Minotaur uses MOONSHINE to deliver the DarkNimbus backdoor to Android and Windows devices, targeting WeChat, and possibly making it a
Source: TheHackerNews
December 5th, 2024 (5 months ago)
Description: Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident. At its core, Vulnerability Management
Source: TheHackerNews
December 5th, 2024 (5 months ago)
Description: A suspected Chinese threat actor targeted a large U.S. organization earlier this year as part of a four-month-long intrusion. According to Broadcom-owned Symantec, the first evidence of the malicious activity was detected on April 11, 2024 and continued until August. However, the company doesn't rule out the possibility that the intrusion may have occurred earlier. "The attackers moved laterally
Source: TheHackerNews
December 5th, 2024 (5 months ago)
Description: Kaspersky researchers demonstrate capabilities of hrtng plugin for IDA Pro, share tips on working with IDA and reverse engineer FinSpy malware with these tools.
Source: Unknown Source
December 5th, 2024 (5 months ago)
Description: The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) and ANEL (aka UPPERCUT), Trend Micro said in a technical analysis. "An interesting aspect of this campaign is the comeback of a backdoor
Source: TheHackerNews
December 5th, 2024 (5 months ago)
Description: Authorities across 19 African countries also dismantled their infrastructure and networks, thanks to cooperation between global law enforcement and private firms.
Source: Dark Reading
December 5th, 2024 (5 months ago)
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-51378 (CVSS score: 10.0) - An incorrect default permissions
Source: TheHackerNews
December 5th, 2024 (5 months ago)
Description: The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and organized crime across the U.K., the Middle East, Russia, and South America. The effort, codenamed Operation Destabilise, has resulted in the arrest of 84 suspects linked to two Russian-speaking networks
Source: TheHackerNews
December 5th, 2024 (5 months ago)
Description: Trend Micro Incorporated has released the security updates for Deep Security Agent (for Windows) and Deep Security Notifier on DSVA (for Windows VM).
Source: Japan Vulnerability Notes (JVN)
December 5th, 2024 (5 months ago)