Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)
Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabili ... Read more
-
The Hacker News
The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short
In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software ... Read more
-
The Cyber Express
Patch Now: GitLab Fixes Major Vulnerabilities in All Versions
GitLab has announced the release of critical patches for its Community Edition (CE) and Enterprise Edition (EE) with versions 17.4.2, 17.3.5, and 17.2.9. These GitLab critical patches are essential fo ... Read more
-
Kaspersky
Beyond the Surface: the evolution and expansion of the SideWinder APT group
SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that began its activities in 2012 and was first publicly mentioned by us in 2018. Over the years, the group has launched ... Read more
-
Cybersecurity News
Helmholz REX100 Industrial Routers Found Vulnerable to Critical Security Exploits
CERT@VDE has issued a security advisory disclosing multiple vulnerabilities in Helmholz REX100 industrial routers, potentially allowing unauthorized access and remote code execution.The Helmholz REX10 ... Read more
-
The Hacker News
China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns
China's National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as the Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in ... Read more
-
TheCyberThrone
Splunk Security Advisory-October 2024
Splunk has released a slew of security updates to address multiple vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. These vulnerabilities range in severity, with some enabling remote co ... Read more
-
Cybersecurity News
PoC Exploit Release for Windows Kernel-Mode Driver Elevation of Privilege Flaw (CVE-2024-35250)
In a detailed analysis by security researcher Angelboy (@scwuaptx) from the DEVCORE Research Team, the critical vulnerability CVE-2024-35250 has been exposed as a significant threat, enabling attacker ... Read more
-
Cybersecurity News
CVE-2024-9312: Ubuntu Authd Flaw Allows User ID Spoofing
Canonical has recently issued a security advisory addressing a vulnerability (CVE-2024-9312, CVSS 7.6) in Authd, an authentication daemon used for managing identity and access on Ubuntu machines world ... Read more
-
Cybersecurity News
Earth Simnavaz Exploits Windows Kernel Flaw CVE-2024-30088 in Attacks on Critical Infrastructure
Attack chain | Image: Trend MicroTrend Micro researchers have uncovered a series of advanced cyberattacks carried out by the threat group Earth Simnavaz, also known as APT34 or OilRig. This Iranian-li ... Read more