Browsing: Threat Intelligence

Sell Your Source: Prodaft’s Plan to Infiltrate the Dark Web

Kirsten DoyleApril 16, 20254 Mins Read

In a bold and unconventional move, cybersecurity intelligence firm Prodaft has debuted a new initiative called “Sell Your Source” (SYS)…

CISA Warns of Two Known Exploited Vulnerabilities

ISB Staff ReporterApril 11, 20253 Mins Read

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence they are being actively exploited. …

NIST Declares CVE Cutoff: Pre-2018 Vulnerabilities Now ‘Deferred’

Kirsten DoyleApril 8, 20254 Mins Read

The National Institute of Standards and Technology (NIST) has announced that all CVEs published before 1 January 2018, will be…

Fast Flux: The Invisible Cyber Threat Undermining National Security

Kirsten DoyleApril 4, 20254 Mins Read

Cybersecurity officials in the US, Australia, Canada, New Zealand, and the UK have collectively warned against a new cyber threat…

Massive Login Scanning Surge Targets Palo Alto GlobalProtect

Kirsten DoyleApril 3, 20255 Mins Read

GreyNoise researchers have observed a dramatic surge in login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect portals. Over the…

Qualys Finds Three Security Bypasses in Ubuntu’s Unprivileged User Namespace Restrictions

Kirsten DoyleMarch 31, 20252 Mins Read

The Qualys Threat Research Unit (TRU) has uncovered three security bypasses in Ubuntu’s unprivileged user namespace restrictions. Researchers disclosed these…

Critical Flaws in Appsmith Exposed Systems to Full Takeover

Kirsten DoyleMarch 27, 20253 Mins Read

Rhino Security researchers have identified multiple critical vulnerabilities in Appsmith, an open-source developer platform commonly used for building internal applications.…

IngressNightmare: Critical Kubernetes Flaws Put 6,500+ Clusters at Risk

Kirsten DoyleMarch 27, 20255 Mins Read

Five critical security vulnerabilities have been found in the Ingress NGINX Controller for Kubernetes, potentially enabling unauthenticated remote code execution.…

Critical Use-After-Free Vulnerability Found in Chrome’s Lens Component

Kirsten DoyleMarch 26, 20253 Mins Read

Google Chrome has confirmed in a statement on 20 March that a security researcher has discovered a critical vulnerability affecting…

CISA Flags Critical Ivanti Vulnerabilities Actively Exploited in the Wild

Kirsten DoyleMarch 17, 20253 Mins Read

The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged three newly discovered Ivanti Endpoint Manager (EPM) vulnerabilities—CVE-2024-13159, CVE-2024-13160, and…