22 matches found
An Evidence-Driven Analysis of Threat Information Sharing Challenges for Industrial Control Systems and Future Directions
The increasing cyber threats to critical infrastructure highlight the importance of private companies and government agencies in detecting and sharing information about threat activities. Although the need for improved threat information sharing is widely recognized, various technical and...
CVE-2025-50485
creationtimestamp| type| source ---|---|--- 2025-07-28 23:02:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lv2p5xykrx2d...
CVE-2025-32953
creationtimestamp| type| source ---|---|--- 2025-04-18 20:59:20+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12538 2025-04-18 23:30:24+00:00| published-proof-of-concept| Telegram/oRg411HAomHdISM9O3TVQssrB2w8dJGX9X47vDNRx0yd1g 2025-04-18 23:36:24+00:00| seen|...
CVE-2025-1165
creationtimestamp| type| source ---|---|--- 2025-02-11 00:33:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113982440858731555 2025-02-11 01:15:48+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhuicdxh2y2o 2025-02-11 02:00:19+00:00|...
CVE-2024-56038
creationtimestamp| type| source ---|---|--- 2025-01-02 09:38:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113758091123971661 2025-01-02 10:16:11+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3leqtts4qgv2i 2025-01-02 10:42:35+00:00| seen|...
CVE-2024-52573
creationtimestamp| type| source ---|---|--- 2024-11-18 19:03:32+00:00| seen| https://t.me/cvedetector/11352 2024-11-19 06:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1527/ 2024-11-19 17:18:02+00:00| seen| https://infosec.exchange/users/vuldb/statuses/113510756015313793...
Introducing Advanced Device Control: Shielding businesses from USB threats
With experts noting a troubling threefold surge in USB drive malware incidents in early 2023, Device Control has just leveled up with a key addition: the Advanced Auto Scanning & Block Until Scan feature. Heres the breakdown: When a USB device is connected, ThreatDown now doesnt just control...
CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
The Cybersecurity and Infrastructure Security Agency CISA has released an update to a previously published Cybersecurity Advisory CSA, Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. The CSA—originally released to warn network defenders of critical infrastructure organizations...
Year in Review: Rapid7 Threat Intelligence
In an evolving threat landscape, non-stop alerts and more IOC feeds don’t guarantee better protection. Security teams are overwhelmed and struggle to identify relevant threat information. Thankfully, Threat Command delivers highly contextual alerts and integration across your environment to help...
CISA Upgrades to TLP 2.0
Today, CISA officially upgraded to Traffic Light Protocol TLP 2.0, which facilitates greater information sharing and collaboration. CISA made this upgrade in accordance with the recommendation from the Forum of Incident Response and Security Teams to upgrade to TLP 2.0 by January 2023. Key TLP 2....
Microsoft collaborates with Tenable to support federal cybersecurity efforts
On May 12, 2021, the White House issued Presidential Executive Order EO 14028 to establish cybersecurity as a national priority.1 As part of this effort, the White House has called for greater public and private sector collaboration to address the evolving threats facing federal agencies. In the...
A New Cybersecurity “Social Contract”
The US National Cyber Director Chris Inglis wrote an essay outlining a new social contract for the cyber age: The United States needs a new social contract for the digital age -- one that meaningfully alters the relationship between public and private sectors and proposes a new set of obligations...
Securing IT Assets By Prioritizing Protection And Remediation
As hackers get faster at weaponizing exploits for disclosed bugs, InfoSec teams need — more than ever — automated, continuous and precise IT asset inventorying, vulnerability management, threat prioritization and patch deployment. Critical vulnerabilities that linger unpatched for weeks or months...
How public-private partnerships can combat cyber adversaries
For several years now, policymakers and practitioners from governments, CERTs, and the security industry have been speaking about the importance of public-private partnerships as an essential part of combating cyber threats. It is impossible to attend a security conference without a keynote...
How public-private partnerships can combat cyber adversaries
For several years now, policymakers and practitioners from governments, CERTs, and the security industry have been speaking about the importance of public-private partnerships as an essential part of combating cyber threats. It is impossible to attend a security conference without a keynote...
Microsoft Publishes Information Sharing Framework
Microsoft earlier this week published a 25-page framework offering guidance on how to effectively share information and what kinds of information need to be shared in order to reduce overall risk. Information sharing has been an oft-repeated refrain in security and policy-making circles for the...
Information Sharing on Threats Seen as a Key for Auto Makers
A small segment of the security research community has been spending a lot of time tearing apart the innards of various vehicles and looking at ways that the computers and local networks that reside in modern cars can be hacked. There has been some remarkable success on this front, and while auto...
Retailers Form ISAC to Share Threat Data
From the beginning of the cybercrime epidemic, retailers have been among the most frequent targets, and the last year has seen some of the larger compromises in history. The Target data breach is at the top of that list, involving more than 100 million customers, and after years of increasingly...
NSA Officials Say Snowden Used Legitimate Access to Steal Data
It’s taken more than six months, but top officials at the National Security Agency are finally discussing some of the details of how former agency contractor Edward Snowden got access to all of the documents he stole and what kind of damage they believe the publication of the information they...
NIST Publishes Preliminary Cybersecurity Framework
Following an Executive Order issued by U.S. President Barack Obama in February of this year, the National Institute of Standards and Technology NIST yesterday made public a provisional copy of the government’s cybersecurity framework and says it will accept public comment on the draft for the nex...