Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- Cybersecurity News
Cryptojacking Alert: Hackers Exploit gRPC and HTTP/2 to Deploy Miners
Attack chain | Image: Trend MicroTrend Micro researchers have uncovered a new and unconventional method used by cybercriminals to deploy the SRBMiner cryptominer on Docker remote API servers. This att ... Read more
- Cybersecurity News
Inside China’s State-Sponsored Hacking Competitions: Talent Spotting and Global Outreach
Source: CTFWar.A new report by the Atlantic Council sheds light on China’s sophisticated and highly structured Capture the Flag (CTF) competition framework, which is helping the country become a globa ... Read more
- TheCyberThrone
CISA adds SharePoint vulnerability to its KEV Catalog
The US CISA has added Microsoft SharePoint vulnerability to its Known Exploited Vulnerability Catalog based on the evidence of active exploitationCVE-2024-38094 With a CVSS score of 7.2, Microsoft Sha ... Read more
- Trend Micro
Unmasking Prometei: A Deep Dive Into Our MXDR Findings
Cyber Threats How does Prometei insidiously operate in a compromised system? This Managed Extended Detection and Response investigation conducted with the help of Trend Vision One provides a comprehen ... Read more
- Dark Reading
Samsung Zero-Day Vuln Under Active Exploit, Google Warns
Source: B Christopher via Alamy Stock PhotoA zero-day vulnerability, tracked as CVE-2024-44068, has been discovered in Samsung's mobile processors and is being used in an exploit chain for arbitrary c ... Read more
- Dark Reading
OPA for Windows Vulnerability Exposes NTLM Hashes
Source: adison pangchai via ShutterstockOrganizations using Open Policy Agent (OPA) for Windows should consider updating to v0.68.0 or later to protect against an authentication hash leakage vulnerabi ... Read more
- DoublePulsar
Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs
Yes, I’ve made a logo in crayon and named this FortiJump.Did you know there’s widespread exploitation of FortiNet products going on using a zero day, and that there’s no CVE? Now you do.I’ve even made ... Read more
- BleepingComputer
Exploit released for new Windows Server "WinReg" NTLM Relay attack
Proof-of-concept exploit code is now public for a vulnerability in Microsoft's Remote Registry client that could be used to take control of a Windows domain by downgrading the security of the authenti ... Read more
- The Register
VMware fixes critical RCE, make-me-root bugs in vCenter - for the second time
VMware has pushed a second patch for a critical, heap-overflow bug in the vCenter Server that could allow a remote attacker to fully compromise vulnerable systems after the first software update, issu ... Read more
- The Register
Akira ransomware is encrypting victims again following pure extortion fling
Experts believe the Akira ransomware operation is up to its old tricks again, encrypting victims' files after a break from the typical double extortion tactics. That's according to James Nutland and M ... Read more