News Feed
CISA Alerts
- #StopRansomware: Medusa Ransomware
- #StopRansomware: Ghost (Cring) Ransomware
- Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
- 2023 Top Routinely Exploited Vulnerabilities
- Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
CIS Advisors
- How to Navigate the 2025 Identity Threat Landscape
- Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
- CrowdStrike Falcon Exposure Management Expands Security to Unmanaged Network Assets with Network Vulnerability Assessment
- CrowdStrike Researchers Develop Custom XGBoost Objective to Improve ML Model Release Stability
- Announcing the CrowdStrike 2025 Global CrowdTour: Bringing the Power of the Crowd to a City Near You
- Unlocking the Privacy Advantage to Build Trust in the Age of AI
- Network Visibility Module and Zeek Detections in Secure Network Analytics
- The Benefits of a Broad and Open Integration Ecosystem
- Cisco Co-Authors Update to the NIST Adversarial Machine Learning Taxonomy
- Cisco Introduces the State of AI Security Report for 2025: Key Developments, Trends, and Predictions in AI Security
- Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent
- Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices
- Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign
- Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation
- Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse
- Cybersecurity Professor Faced China-Funding Inquiry Before Disappearing, Sources Say
- Cybersecurity Professor Mysteriously Disappears as FBI Raids His Homes
- An AI Image Generator’s Exposed Database Reveals What People Really Used It For
- Top Trump Officials’ Passwords and Personal Phone Numbers Discovered Online
- Even More Venmo Accounts Tied to Trump Officials in Signal Group Chat Left Data Public
- ISC Stormcast For Thursday, April 3rd, 2025 https://isc.sans.edu/podcastdetail/9392, (Thu, Apr 3rd)
- Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive [Guest Diary], (Wed, Apr 2nd)
- Surge in Scans for Juniper "t128" Default User, (Wed, Apr 2nd)
- ISC Stormcast For Wednesday, April 2nd, 2025 https://isc.sans.edu/podcastdetail/9390, (Wed, Apr 2nd)
- ISC Stormcast For Tuesday, April 1st, 2025 https://isc.sans.edu/podcastdetail/9388, (Tue, Apr 1st)
- Celebrating 1 Year of CSF 2.0
- Privacy-Preserving Federated Learning – Future Collaboration and Continued Research
- NIST’s International Cybersecurity and Privacy Engagement Update – New Translations
- Data Pipeline Challenges of Privacy-Preserving Federated Learning
- Kicking-Off with a December 4th Workshop, NIST is Revisiting and Revising Foundational Cybersecurity Activities for IoT Device Manufacturers, NIST IR 8259!
Department of Defense
- Hegseth Speaks to Troops, NFL Players About Service and Warrior Ethos
- 'Forge Warriors, Rebuild Strength, Restore Deterrence,' Hegseth Tells Midshipmen During Academy Visit
- Nominee for Chairman: Military's Top Job is Creating Peace Through Strength
- Defense Secretary Directs Services to Match Combat Arms Standards to Mission Requirements
- Leaders Describe Host of Threats to Homeland, Steps to Mitigate Them
AI News
- Kay Firth-Butterfield, formerly WEF: The future of AI, the metaverse and digital transformation
- AI streamlines budgeting, but human oversight essential
- Tony Blair Institute AI copyright report sparks backlash
- Study claims OpenAI trains AI models on copyrighted data
- Amazon Nova Act: A step towards smarter, web-native AI agents
- Blagojevich has new job working for ‘Bosnian Bear’ politician with ties to Putin
- DOGE uncovers VA’s agreement to pay $380K per month for minor website modifications
- Transportation Sec Sean Duffy slams blue state governor, says criminals 'continue to terrorize' city residents
- Ted Cruz clashes with key Democrat over 'second phase of lawfare' through federal judges' orders
- SCOOP: White House rallies House GOP on Trump tariff plan in secret call
- Supreme Court rules for the FDA in flavored vapes dispute
- Europe's pharma industry braces for tariffs as carve-out hopes fade
- Eli Lilly sues two pharmacies making copycat Zepbound, Mounjaro
- Hims & Hers shares rise as company adds new weight-loss medications to platform
- Trump's tariffs are a new challenge for Big Pharma. Here are the best-positioned stocks
- Jackson Hole’s Housing Market Isn’t Coming Back Down to Earth Anytime Soon
- Why the Megarich Insist on Buying Homes in Extreme Weather Zones
- Sold for $86 Million: An L.A. Compound With Rod Stewart’s Former Mansion
- Debra Messing Felt Isolated as a Kid. ‘I Love Lucy’ Became Her Escape.
- This Real-Estate Developer Is Going Big on Retail When No One Else Will
- Reintroduced anti-CBDC bill passes US House Financial Services Committee
- PayPal activates native Solana and Chainlink support for users in US territories
- South Korea may open up local crypto market to foreign investors if AML strengthens: report
- House Financial Services Committee votes to advance bill to regulate stablecoins
- Crypto markets fall after Trump lays out sweeping reciprocal tariffs; Ethereum, Solana drop 6%
- Southern California congregations shelter migrants left in legal limbo
- Supreme Court seems ready to let religious groups opt out of unemployment compensation laws
- Catholic Charities tests Wisconsin's unemployment payment system at Supreme Court
- Am I a god?! Why "manifesting" your reality is easier than ever
- The Sounds of Ramadan in Gaza
- Trump will 'buckle under pressure' if Europe bands together over tariffs, German economy minister says
- European defense giants eye Starlink alternative within months
- Trump's tariffs incite fury in China and dismay in Europe: Live updates
- UK escapes worst of Trump's tariff wrath with 10% levy but warns of 'threat' to global economy
- European markets retreat on U.S. tariff news; trade bellwether Maersk down 8%: Live updates
Passive
Active
Ping / Traceroute
Web application security research, including the OWASP Top 10 vulnerabilities.
Shodan
Search engine for internet-exposed devices, useful for reconnaissance and attack surface mapping.
ThreatMiner
An OSINT platform for researching indicators of compromise (IOCs) and cyber threat intelligence.
CVE Details
Searchable database of known vulnerabilities (CVEs) with exploit and patch details.
AlienVault OTX
Community-driven platform for sharing cyber threat intelligence and attack trends.
Cyber Threat Watch
A real-time monitoring tool providing insights on emerging cyber threats and vulnerabilities.
Cyber Analytics Repository
A database of security analytics based on ATT&CK, with implementations for tools like Splunk and EQL.
Emulation Plans
Step-by-step guides to mimic threat groups like APT3, APT29, and FIN6 for security testing.
N8N
A database of security analytics based on ATT&CK, with implementations for tools like Splunk and EQL.
Elicit
Step-by-step guides to mimic threat groups like APT3, APT29, and FIN6 for security testing.
Nikto
A web server scanner that detects vulnerabilities, misconfigurations, and outdated software.
Metasploit
A penetration testing framework for exploiting vulnerabilities and testing security defenses.
Burp Suite
Web application security testing tool for detecting vulnerabilities like XSS and SQL injection.