Boost this channel to help it unlock additional features.

Contribute to scafroglia93/blocklists development by creating an account on GitHub.

Programming languages that operate on a virtual machine often promise safety guards against many unsafe operations. However, virtual machines can have pretty serious bugs. In this post, we explore one interesting limitation of self-contained applications…

Computer System Interrupts From pressing a key on your keyboard to displaying text on the screen, computer system interrupts play a key role. This blog post will review the hardware and software interactions facilitating this process.

Boost this channel to help it unlock additional features.

APT Stately Taurus (aka Mustang Panda) conducted cyberespionage against a Southeast Asian government, including data exfiltration from compromised networks.

A phony proof-of-concept (PoC) code for CVE-2023-40477 delivered a payload of VenomRAT. We detail our findings, including an analysis of the malicious code.

We analyze waves of attacks on a Southeast Asian government linked to Alloy Taurus. By exploiting exchange servers, the attackers established a foothold for long-term espionage.

Threat activity targeting a Southeast Asian government could provide insight into the workings of APT Gelsemium. We examine the rare TTPs we observed in two attacks.

A tool for checking the security hardening options of the Linux kernel - a13xp0p0v/kernel-hardening-checker

RunPE implementation with multiple evasive techniques (1) - Maldev-Academy/MaldevAcademyLdr.1

DHS outlined a series of actionable recommendations on how the federal government can streamline and harmonize the reporting of cyber incidents to better protect the nation’s critical infrastructure. These recommendations provide a clear path forward for…

Sonatype tracks an ongoing campaign that uses npm packages to retrieve and exfiltrate Kubernetes configuration and SSH keys to an external server

Key Takeaways Proofpoint has observed an increase in activity from specific malware families targeting Chinese-language speakers. Campaigns include Chinese-language lures and malware

FIRST CTI Symposium 2023 will take place from 6 to 8 November in Berlin. There will be one day of training followed by two days of plenary sessions. This event will be open to both FIRST members an…

HVNC Attacks allow attackers to work comfortably on their victims’ machines. Let’s investigate such attacks.

This Threat Intelligence Report examines ransomware groups that have shifted their focus towards data extortion & explores the reasons behind this change.

Back in the late 1970s, the most popular memory chip was Mostek's MK4116, holding a whopping (for the time) 16 kilobits. It provided stor...