1266 matches found
The 5 Stages of a CTEM Cybersecurity Program
To beat an attacker, you have to think like one. An adversary doesn't care about your compliance reports or internal severity ratings. They care about one thing: finding an exploitable path to your critical assets. So why are we still prioritizing based on theoretical scores? A modern security...
A Guide to Threat Exposure Management for Enterprises
For years, security has been an inside-out job. We scan our own systems, find our own flaws, and create our own to-do lists. But what if we flipped the script and looked at our organization from the outside-in? This is the core idea behind Threat Exposure Management. It’s a continuous process tha...
Top 5 Vulnerability Prioritization Tools for Enterprises
A high CVSS score doesn’t always equal high business risk. A critical vulnerability on a non-essential, isolated asset might be less of a priority than a medium-level one on your primary payment server. To truly manage risk, you have to connect technical data to business context. This means...
TrendAI™ Supports Global Law Enforcement Efforts
Learn how TrendAI™ and our researchers contributed threat intelligence and analysis to support INTERPOL against cybercrime...
Mining the YARA Ecosystem: From Ad-Hoc Sharing to Data-Driven Threat Intelligence
YARA has established itself as the de facto standard for "Detection as Code," enabling analysts and DevSecOps practitioners to define signatures for malware identification across the software supply chain. Despite its pervasive use, the open-source YARA ecosystem remains characterized by ad-hoc...
Microsoft Graph Enterprise Intelligence Collector
This Metasploit auxiliary module interacts with the Microsoft Graph API to perform enterprise intelligence collection. It supports authentication using Azure AD application credentials or an existing access token and enables enumeration of Azure users, SharePoint sites, OneDrive files, and Exchan...
Microsoft Graph Advanced Intelligence Collector
This Metasploit auxiliary module interacts with the Microsoft Graph API to perform advanced intelligence collection in Microsoft 365 environments. The module supports Azure AD application authentication or direct access tokens and enables enumeration of Azure users, SharePoint sites, OneDrive...
Post-Quantum Federated Learning: Secure and Scalable Threat Intelligence for Collaborative Cyber Defense
Collaborative threat intelligence via federated learning FL faces critical risks from quantum computing, which can compromise classical encryption methods. This study proposes a quantum-secure FL framework using post-quantum cryptography PQC to protect cross-organizational data sharing. We expose...
AI as tradecraft: How threat actors operationalize AI
In this article 1. AI as an enabler for cyberattacks 2. Post-compromise misuse of AI 3. Emerging trends 4. Mitigation guidance for AI-enabled threats 5. Microsoft Defender detections Threat actors are operationalizing AI along the cyberattack lifecycle to accelerate tradecraft, abusing both...
Cyber Threat Intelligence for Artificial Intelligence Systems
As artificial intelligence AI becomes deeply embedded in critical services and everyday products, it is increasingly exposed to security threats which traditional cyber defenses were not designed to handle. In this paper, we investigate how cyber threat intelligence CTI may evolve to address...
Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale
In this article 1. Operational overview of Tycoon2FA 2. Mitigation and protection guidance 3. Microsoft Defender detections Following its emergence in August 2023, Tycoon2FA rapidly became one of the most widespread phishing-as-a-service PhaaS platforms, enabling campaigns responsible for tens of...
From Threat Intelligence to Firewall Rules: Semantic Relations in Hybrid AI Agent and Expert System Architectures
Web security demands rapid response capabilities to evolving cyber threats. Agentic Artificial Intelligence AI promises automation, but the need for trustworthy security responses is of the utmost importance. This work investigates the role of semantic relations in extracting information for...
How HiveForce Labs Finds Threats Before They Hit
There’s often a huge gap between knowing about a threat and knowing if you’re protected from it. A threat feed might tell you about a new attack campaign, but that information lives in a report. It doesn't tell you what would happen if that same attack hit your network. This is the difference...
Criminal IP to Present Decision-Ready Threat Intelligence at RSAC™ 2026
Torrance, United States / California, 2nd March 2026, CyberNewswire...
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai. The vulnerability in question is CVE-2026-21513 CVSS score: 8.8, a high-severity security feature bypass affecti...
A Practical Guide to Prioritize Cyber Risk
You have firewalls, endpoint detection, and countless other security controls in place, but how do you know they’ll work when an actual attack happens? Guesswork isn't a strategy. Breach and Attack Simulation BAS helps answer this question by safely testing your defenses against real-world attack...
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
watchpost Local threat intelligence database. Aggregates data...
AI Is Not Your Security Stack
There's a debate I keep hearing in security circles: now that large language models like Claude are so capable, do we still need dedicated cybersecurity tools? I understand the appeal of the question. AI can summarize threat reports, help write detection logic, interpret vulnerability advisories,...
Wordfence Bug Bounty Program Monthly Report – January 2026
Last month in January 2026, the Wordfence Bug Bounty Program received 897 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfenc...
Using AI to defeat AI
Welcome to this week's edition of the Threat Source newsletter. Generative AI and agentic AI are here to stay. Although I believe that the advantages that AI brings to bad guys may be overstated, these new technologies allow threat actors to conduct attacks at a faster rate than before. One...