piggo
@pigondrugs.bsky.social
I shear alpacas and try to defend the internet from malware
~Socket~
Massive spam campaign floods npm to abuse the TEA Protocol crypto scheme; it is not a worm and poses no direct security threat.
-
IOCs: tea. xyz
-
#Spam #ThreatIntel #npm
TEA Protocol Spam Floods npm
socket.dev
November 17, 2025 at 5:08 PM
~Socket~
Malicious npm packages use Adspect cloaking to fingerprint users and redirect victims to malicious sites while evading researchers.
-
IOCs: association-google. xyz, appprotector. online, protectorapp. online
-
#Malware #ThreatIntel #npm
npm Malware Uses Adspect Cloaking for Malicious Redirects
socket.dev
November 17, 2025 at 5:07 PM
~Sentinelone~
New LLM-enabled malware generates code at runtime but can be detected by hunting for hardcoded API keys and prompts.
-
IOCs: PromptLock, PROMPTSTEAL, MalTerminal
-
#AI #Malware #ThreatIntel
LLM-Enabled Malware In the Wild
www.sentinelone.com
November 17, 2025 at 5:05 PM
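The hunting idea in that post (LLM-enabled malware must carry its own API key and prompt text somewhere in the sample) can be turned into a scanner. The block below is an added example, not SentinelOne's code or tooling: it pulls printable ASCII and UTF-16LE strings out of a binary blob the way `strings` and `strings -el` do, then looks for API-key-shaped tokens, hosted LLM API hostnames and instruction-shaped prompt phrases. The key prefixes (`sk-`, `sk-proj-`, `sk-ant-`), the two endpoint hostnames and the prompt phrase list are assumptions chosen for illustration, and the sample blob is constructed inline with a fake key.

```python
"""Hunt for LLM-enabled malware artifacts: hardcoded API keys, LLM endpoints, prompt text.

Added example for illustration (not SentinelOne's code). Key shapes, endpoint
hostnames and prompt phrases below are assumptions; tune them to your own telemetry.
"""
import json
import re
import sys
from typing import Dict, List, Tuple

# Assumed key shapes: OpenAI-style keys start with "sk-" (sometimes "sk-proj-"),
# Anthropic-style keys with "sk-ant-". The negative lookahead keeps the two classes apart.
KEY_PATTERNS = {
    "anthropic_style": re.compile(r"\bsk-ant-[A-Za-z0-9_\-]{24,}"),
    "openai_style": re.compile(r"\bsk-(?!ant-)(?:proj-)?[A-Za-z0-9_\-]{24,}"),
}

# Assumed hostnames of hosted LLM APIs a sample would call at runtime.
LLM_ENDPOINTS = ("api.openai.com", "api.anthropic.com")

# Instruction-shaped fragments that tend to appear in embedded system/user prompts (assumed list).
PROMPT_PHRASES = (
    "you are a", "respond only with", "do not include", "generate a python",
    "output only code", "write a script",
)

ASCII_RUN = re.compile(rb"[\x20-\x7e]{8,}")          # like `strings`
WIDE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){8,}")   # like `strings -el` (UTF-16LE)


def extract_strings(data: bytes) -> List[str]:
    """Return printable ASCII runs and UTF-16LE runs of at least 8 characters."""
    found = [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in WIDE_RUN.finditer(data)]
    return found


def redact(key: str) -> str:
    """Never write a recovered credential to a report in full."""
    return key[:7] + "..." + key[-4:]


def scan_bytes(data: bytes) -> Dict[str, object]:
    """Classify one sample. Verdict requires a key AND (prompt text OR an LLM endpoint),
    so a stray credential inside a benign tool does not trip the rule on its own."""
    keys: List[Tuple[str, str]] = []
    prompts: List[str] = []
    endpoints: List[str] = []
    for s in extract_strings(data):
        for name, pat in KEY_PATTERNS.items():
            for m in pat.finditer(s):
                keys.append((name, redact(m.group())))
        low = s.lower()
        if any(h in low for h in LLM_ENDPOINTS):
            endpoints.append(s.strip())
        elif any(p in low for p in PROMPT_PHRASES):
            prompts.append(s.strip())
    verdict = bool(keys) and (bool(prompts) or bool(endpoints))
    return {"keys": keys, "prompts": prompts, "endpoints": endpoints, "llm_enabled": verdict}


def scan_file(path: str) -> Dict[str, object]:
    with open(path, "rb") as fh:
        return scan_bytes(fh.read())


# Constructed sample blob (not a real binary): filler bytes around an endpoint URL,
# a fake OpenAI-style key, and a UTF-16LE prompt as a Windows binary might store it.
SAMPLE = (
    b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8
    + b"https://api.openai.com/v1/chat/completions\x00"
    + b"Authorization: Bearer sk-proj-FAKEKEYFOREXAMPLEONLY0123456789abcdef\x00"
    + b"\x90" * 16
    + "You are a helpful assistant. Output only code, no explanation.".encode("utf-16-le")
    + b"\x00\x00"
    + b"C:\\Windows\\System32\\cmd.exe\x00"
)

if __name__ == "__main__":
    targets = sys.argv[1:]
    if targets:
        for t in targets:
            print(t, json.dumps(scan_file(t), indent=2))
    else:
        print(json.dumps(scan_bytes(SAMPLE), indent=2))
```

Run it with file paths to scan real samples, or with no arguments to see the constructed blob flagged. The UTF-16LE pass matters on Windows: a prompt stored as a wide string never shows up in a plain ASCII `strings` run, which is exactly where a key-only regex misses.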
~Mandiant~
Iran-nexus actor UNC1549 targets aerospace & defense via third-party compromise, phishing, and custom malware for espionage.
-
IOCs: 104. 194. 215. 88, 13. 60. 50. 172, 167. 172. 137. 208
-
#Espionage #ThreatIntel #UNC1549
UNC1549 Targets Aerospace & Defense with Custom Malware
cloud.google.com
November 17, 2025 at 5:03 PM
~Socket~
PyPI has expanded its tokenless Trusted Publishing feature to support GitLab Self-Managed instances, enhancing software supply chain security.
-
IOCs: (None identified)
-
#GitLab #PyPI #SupplyChainSecurity #ThreatIntel
PyPI Expands Trusted Publishing to GitLab Self-Managed
socket.dev
November 15, 2025 at 4:05 AM
~Paloalto~
Large-scale campaigns impersonate popular software to deliver Gh0st RAT to Chinese-speaking users using increasingly evasive TTPs.
-
IOCs: 156. 251. 25. 112, 103. 181. 134. 138, 95. 173. 197. 195
-
#Gh0stRAT #Malware #ThreatIntel
Evolving Impersonation Campaigns Distribute Gh0st RAT
unit42.paloaltonetworks.com
November 15, 2025 at 4:04 AM
~Cisa~
Unauthenticated path traversal vulnerability CVE-2025-64446 in FortiWeb is actively exploited, allowing remote administrative command execution.
-
IOCs: CVE-2025-64446
-
#CVE202564446 #Fortinet #ThreatIntel
Fortinet FortiWeb Path Traversal Vulnerability
www.cisa.gov
November 15, 2025 at 4:01 AM
~Trendmicro~
Threat actors are leveraging agentic AI to automate and scale sophisticated attacks, requiring enterprises to adopt AI-driven defenses.
-
IOCs: (None identified)
-
#AI #Cybercrime #ThreatIntel
Defense Against AI-Led Cyberattacks
www.trendmicro.com
November 14, 2025 at 8:07 PM
~Cisa~
CISA warns of active exploitation of a Fortinet FortiWeb path traversal vulnerability (CVE-2025-64446) by adding it to the KEV catalog.
-
IOCs: CVE-2025-64446
-
#CVE202564446 #Fortinet #ThreatIntel
CISA Adds Fortinet FortiWeb Vuln to KEV Catalog
www.cisa.gov
November 14, 2025 at 8:01 PM
~Socket~
The 'Safery: Ethereum Wallet' Chrome extension exfiltrates crypto seed phrases via Sui blockchain transactions.
-
IOCs: kifagusertyna@gmail[. ]com, fibemlnkopkeenmmgcfohhcdbkhgbolo
-
#Crypto #Malware #ThreatIntel
Malicious Chrome Wallet Steals Seed Phrases
socket.dev
November 14, 2025 at 5:03 PM
~Elastic~
DragonBreath APT uses new multi-stage loader RONINGLOADER to disable security tools via PPL abuse and deploy a gh0st RAT variant.
-
IOCs: qaqkongtiao. com
-
#DragonBreath #RoningLoader #ThreatIntel
DragonBreath APT Deploys RONINGLOADER
www.elastic.co
November 14, 2025 at 4:02 AM
~Cisa~
CISA released 18 new advisories detailing security issues and vulnerabilities in various Industrial Control Systems.
-
IOCs: (None identified)
-
#ICS #ThreatIntel #Vulnerability
CISA Releases 18 ICS Advisories
www.cisa.gov
November 13, 2025 at 8:01 PM
~Mandiant~
Learn to use Time Travel Debugging (TTD) to analyze obfuscated .NET malware and extract an AgentTesla payload.
-
IOCs: 4dfe67a8f1751ce0c29f7f44295e6028ad83bb8b3a7e85f84d6e251a0d7e3076
-
#MalwareAnalysis #TTD #ThreatIntel
TTD for .NET Malware Analysis
cloud.google.com
November 13, 2025 at 5:07 PM
~Cisa~
CISA and partners updated the Akira ransomware advisory with new TTPs, including the use of POORTRY and STONETOP malware.
-
IOCs: POORTRY, STONETOP, SystemBC
-
#Akira #Ransomware #ThreatIntel
CISA Updates Akira Ransomware Advisory
www.cisa.gov
November 13, 2025 at 5:05 PM
~Checkpoint~
Q3 2025 saw record ransomware group fragmentation, with Qilin leading attacks and LockBit re-emerging with version 5.0.
-
IOCs: (None identified)
-
#LockBit #Qilin #Ransomware #ThreatIntel
Q3 2025 Ransomware: Fragmentation & LockBit's Return
research.checkpoint.com
November 13, 2025 at 5:04 PM
~Trendmicro~
Lumma Stealer malware has resurged, adding browser fingerprinting to its C2 tactics for improved evasion and targeting.
-
IOCs: pabuloa. asia, jamelik. asia
-
#InfoStealer #LummaStealer #ThreatIntel
Lumma Stealer Adds Browser Fingerprinting
www.trendmicro.com
November 13, 2025 at 12:34 PM
~Sophos~
Microsoft's Nov. Patch Tuesday addresses 63 vulns, including 4 critical and one actively exploited Windows Kernel flaw (CVE-2025-62215).
-
IOCs: CVE-2025-62215
-
#CVE202562215 #Microsoft #PatchTuesday #ThreatIntel
Microsoft November 2025 Patch Tuesday
news.sophos.com
November 13, 2025 at 4:04 AM
~Socket~
The Socket team will be at Black Hat Europe and BSides London in December to discuss software supply chain security.
-
IOCs: (None identified)
-
#BSides #BlackHat #SupplyChain #ThreatIntel
Socket at Black Hat/BSides London
socket.dev
November 13, 2025 at 4:03 AM
~Cisa~
CISA released guidance for Emergency Directive 25-03, mandating immediate patching for critical Cisco ASA & Firepower vulnerabilities.
-
IOCs: CVE-2025-20333, CVE-2025-20362
-
#CVE202520333 #Cisco #ThreatIntel
CISA Guidance: Cisco ASA/FTD Vulns
www.cisa.gov
November 12, 2025 at 8:01 PM
~Cisa~
CISA adds three new actively exploited vulnerabilities to its KEV catalog affecting WatchGuard, Gladinet, and Microsoft products.
-
IOCs: CVE-2025-9242, CVE-2025-12480, CVE-2025-62215
-
#CISA #KEV #PatchNow #ThreatIntel
CISA Adds 3 Exploited Vulns to KEV
www.cisa.gov
November 12, 2025 at 5:57 PM
~Trendmicro~
Legacy DLP solutions are insufficient for modern cloud environments, failing to track complex data movement and insider risks.
-
IOCs: (None identified)
-
#CloudSecurity #DLP #DataSecurity #ThreatIntel
Legacy DLP vs. Modern Data Security
www.trendmicro.com
November 12, 2025 at 4:03 AM
~Socket~
The OWASP Top 10 2025 adds 'Software Supply Chain Failures' as a new category, now ranked the #1 community concern.
-
IOCs: (None identified)
-
#AppSec #OWASP #SupplyChain #ThreatIntel
OWASP Top 10 2025 Adds Supply Chain Failures
socket.dev
November 11, 2025 at 8:03 PM
~Trendmicro~
IBM and Trend Micro are co-creating an AI-driven security solution for real-time risk and compliance on IBM Z and LinuxONE mainframes.
-
IOCs: (None identified)
-
#AI #IBM #Mainframe #ThreatIntel
IBM & Trend Micro Partner for AI-Driven Mainframe Security
www.trendmicro.com
November 11, 2025 at 5:04 PM
~Microsoft~
Microsoft reports progress on its Secure Future Initiative (SFI), highlighting improved MFA adoption, secure-by-default principles, and AI-driven security.
-
IOCs: (None identified)
-
#Cybersecurity #Microsoft #SFI #ThreatIntel
Microsoft Secure Future Initiative Update
www.microsoft.com
November 11, 2025 at 5:02 PM
~Paloalto~
Attackers are exploiting rare, unmonitored RPC functions for authentication coercion to bypass defenses and compromise domains.
-
IOCs: (None identified)
-
#AuthenticationCoercion #RPC #ThreatIntel #Windows
Authentication Coercion Attacks Evolving via Rare RPCs
unit42.paloaltonetworks.com
November 11, 2025 at 12:33 PM