Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Malicious ads exploited Internet Explorer zero day to drop malware
The North Korean hacking group ScarCruft launched a large-scale attack in May that leveraged an Internet Explorer zero-day flaw to infect targets with the RokRAT malware and exfiltrate data. ScarCruft ... Read more
-
Krypt3ia
Threat Actor Profile: TA-RedAnt
Overview: Aliases: No known aliases Country of Origin: Likely from East Asia (speculated), with no firm attribution yet. Motivation: Primarily espionage and financially motivated attacks, potentially ... Read more
-
Help Net Security
Defenders must adapt to shrinking exploitation timelines
A new report from Mandiant reveals that the average time-to-exploit vulnerabilities before or after a patch is released has plunged to just five days in 2023, down from 32 days in 2021 in 2022. One re ... Read more
-
The Hacker News
North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
Zero-Day / Windows Security The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known ... Read more
-
Dark Reading
Sidewinder Casts Wide Geographic Net in Latest Attack Spree
Source: Papilio via Alamy Stock PhotoThe elusive, India-based advanced persistent threat (APT) group SideWinder has unleashed a new flurry of attacks against high-profile entities and strategic infras ... Read more
-
Cybersecurity News
North Korean Hackers Exploit Zero-Day Flaw (CVE-2024-38178) in “Operation Code on Toast”
Image: AhnLabA joint report by AhnLab Security Emergency response Center (ASEC) and the National Cyber Security Center (NCSC) has revealed a new zero-day vulnerability (CVE-2024-38178) in Microsoft In ... Read more
-
security.nl
Oracle dicht kritieke lekken in WebLogic Server en andere producten
Tijdens de patchronde van oktober heeft Oracle 334 patches uitgebracht, waaronder voor kritieke kwetsbaarheden in WebLogic Server en andere producten. Net als bij vorige patchrondes zegt Oracle dat he ... Read more
-
security.nl
VS meldt actief misbruik van hardcoded credential in SolarWinds-software
Aanvallers maken actief gebruik van een hardcoded credential in de software van SolarWinds, zo meldt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministerie van Home ... Read more
-
The Hacker News
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
Enterprise Security / Vulnerability GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an in ... Read more
-
The Hacker News
CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
Vulnerability / Data Protection The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Know ... Read more