We research and share the latest identity attack techniques to help blue teams understand the threats they face.
Internet threats and cybersecurity are constantly evolving. To protect yourself and your systems, make sure you know the latest threats and solutions. Learn more from our internet security blog.
The ATT&CK Navigator is a web-based tool for annotating and exploring ATT&CK matrices. It can be used to visualize defensive coverage, red/blue team planning, the frequency of detected techniques, and more.
Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.
The leading database for open source vulnerabilities and cloud misconfigurations.
The Kubenomicon was born of a desire to understand more about Kubernetes from an offensive perspective. I found many great resources to aid in my journey, but I quickly realized.
The Intelligence and research arm of Check Point Technologies provides leading cyber threat intelligence to Check Point customers and the greater intelligence community.
ThreatMiner is a threat intelligence portal that provides information on indicators of compromise (IOC) such as domains, IP address, malware samples (MD5, SHA1 and SHA256), SSL certificates, WHOIS information and malicious URLs such as phishing and malware links.
Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and web addresses for threats, malware, viruses
We keep you posted on the latest cyber threats. Learn more about what is new in the world of IT security. Knowledge is the best protection.
Elastic Security Labs empowers security teams across the globe with novel security intelligence research and free to use tools.
Living Off The Land Drivers is a curated list of Windows drivers used by adversaries to bypass security controls and carry out attacks. The project helps security professionals stay informed and mitigate potential threats.
Stay up-to-date on the latest cybersecurity topics and security operations thought leadership from ReliaQuest experts.
We are the leading creator of original DNS threat intelligence. We’re proactive, not just defensive, using our insights to track threat actor infrastructure and disrupt cybercrime where threat actors begin. We also believe in sharing knowledge to support the broader security community by publishing detailed research on select actors and associated indicators.
Sharing Mitiga’s latest threat intelligence and research, cloud IR insights, and company news.
Read SafeBreach’s original threat research reports and learn about updates to our Hacker’s Playbook.
Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.
The latest updates on cybersecurity from today’s experts. Read about ransomware, vulnerabilities, and threat intelligence impacting businesses.
Find out if you are under cyber-attack here.
Learn about the world's most prevalent cyberthreats, including viruses and malware. Understand how they arrive, their detailed behaviors, infection symptoms, and how to prevent and remove them.
The RRA (Recent Ransomware Attacks) site acts as a watchtower, providing near real-time ransomware tracking of attacks, groups and their victims. Given threat actors' overarching. lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
We discuss hot topics, malware behavior, techniques, practices for analyzing malicious files, and of course, we will talk more about our online interactive sandbox.
Get the latest dark web intelligence & cybersecurity insights from our experts - from industry trends to tips on new attack techniques. Find out more.
Analyze and share malware samples and threat intelligence to join the fight against cyber threats.
Researchers in the Lookout Threat Lab leverage the world’s largest mobile telemetry dataset to track APT activity, discover new mobile malware, and provide actionable intelligence.
Stay up to date with the latest cybersecurity insights, practical advice, articles and news from the Veriti Experts.
PolySwarm is a crowdsourced threat detection marketplace where security experts & AV companies compete to protect you.
Unit 42 brings together world-renowned threat researchers, incident responders and security consultants to create an intelligence-driven, response-ready organization that's passionate about helping you proactively manage cyber risk.
Enter a domain or URL into the search engine to view details about its current URL categories. To request recategorization of this website, click Request Change below the search results.
Stay up-to-date with industry insights and trends by reading Analyst1's informative blog. Explore our extensive range of topics and stay informed.
The ATLAS Matrix shows the progression of tactics used in attacks as columns from left to right, with ML techniques belonging to each tactic below. & indicates an adaption from ATT&CK.
Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.
Get the intelligence you need to detect, prevent & respond to cyber threats. Read the Intel 471 cyber threat intelligence blog.
Stay up to date Cyber Security insights & trends. Our experts share their knowledge on the latest threats, security solutions & best practices to keep your business safe.
The purpose of the threat matrix for Kubernetes is to conceptualize the known tactics, techniques, and procedures (TTP) that adversaries may use against Kubernetes environments. Inspired from MITRE ATT&CK, the threat matrix for Kubernetes is designed to give quick insight into a potential TTP that an adversary may be using in their attack campaign. The threat matrix for Kubernetes contains also mitigations specific to Kubernetes environments and attack techniques.
Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
The Technique Inference Engine (TIE) suggests techniques an adversary is likely to have used based on a set of observed techniques. Cyber defenders can use this data to prioritize specific techniques for threat hunting, and incident responders can use this information to highlight important lateral movement and persistence behaviors that are essential to threat eviction and recovery.
Sinkholing is a technique whereby a resource used by malicious actors to control malware is taken over and redirected to a benign listener that can (to a varying degree) understand network connections coming from infected devices. This provides visibility of the distribution of infected devices worldwide, as well as protecting victims by preventing botnet command and control (C2) from cybercriminals.
See the top MITRE ATT&CK® techniques we observed in confirmed cyber threats across the Red Canary customer base in 2022.
Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.
a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.
The latest cybersecurity insights on identifying threats, managing risk, and strengthening your organization's security posture.
Read the latest news and insights from our industry experts. Stay up-to-date on the latest cyber security news, emerging cyber threats and security industry best practices. Whether you’re a small business owner or a seasoned IT professional, the Binary Defense team offers insights to help protect your data.
Radware’s Live Threat Map presents near real-time information about cyberattacks as they occur, based on our global threat deception network and cloud systems event information. The systems transmit a variety of anonymized and sampled network and application attacks to our Threat Research Center and are shared with the community via this threat map.
Click here to read the latest Threat Advisories from HiveForce Labs originated from Hive Pro.
Informative, solution-oriented content for security practitioners — from breaking news, expert analysis, and thought leadership to essential guides, articles, videos, blogs, and more.
Gain valuable insights for analysts, threat hunters, and SecOps professionals with our cybersecurity blog! Explore all posts or browse by category.
Atomic Red Team™ is library of tests mapped to the MITRE ATT&CK framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments.
The latest on our efforts to counter government-backed attacks.
Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.
Real Intrusions by Real Attackers, The Truth Behind the Intrusion.
Valkyrie is a file verdict system. Different from traditional signature based malware detection techniques Valkyrie conducts several analysis using run-time behavior and hundreds of features from a file and based on analysis results can warn users against malware undetected by classic Anti-Virus products.
Through the years, ESET and its researchers have been credited with many discoveries and have scored accolades for many of their research works.
Vumetric Cyber portal is a public security news, threat indicators and CVE security vulnerability database/information source.
The Proofpoint cybersecurity blog provides you with advanced cybersecurity intelligence and insights, threat research, and breaking cyber attack news. Get the latest news about advanced threats.
Frontline Mandiant investigations, expert analysis, tools and guidance, and in-depth security research.
The SecOps Automation Blog. Practical tips & threat analysis from Intezer's Research Team. Product news. Industry insights on the evolution of security operations, automation, and AI.
Recorded Future’s Insikt Group produces research that creates action to disrupt adversaries. We write on a range of cyber and geopolitical topics, including state-sponsored threat groups; financially-motivated threat actors on the darknet and criminal underground; newly emerging malware and attacker infrastructure; strategic geopolitics; and influence operations.
A dashboard for monitoring ransomware groups, threat intelligence.
Security Joes is a multi-layered Incident Response company that specializes in IR, MDR & Red Teaming. The company was established by security researchers to first and foremost generate resilience against highly complex cyberwarfare incidents, extract vital evidence and attribute TTPs to threat actors and state-sponsored hacking groups. Based out of Israel, the company is constructed from a best-of-breed agnostic team of threat hunters, responders & security researchers, hand-picked from all over the world, to provide 24x7x365 “follow-the-sun” coverage.
Every day Kaspersky automatically processes around 400,000 new malicious files. Only one percent of these need manual work from a security expert, and only a tiny fraction of that 1% go to the company’s top-notch Global Research and Analysis Team (GReAT). Those chosen few samples belong to the rarest, most menacing new APTs (advanced persistent threats). Kaspersky Lab’s Targeted Cyberattack Logbook chronicles all of these ground-breaking malicious cybercampaigns that have been investigated by!