Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Plane Project Management Tool Patches Critical SSRF Flaw – CVE-2024-47830 (CVSS 9.3)
A critical security vulnerability has been discovered and patched in Plane, a popular open-source project management tool. The vulnerability, identified as CVE-2024-47830 and assigned a CVSS score of ... Read more
-
TheCyberThrone
Apache Avro vulnerability CVE-2024-47561
Apache project releases patch for a vulnerability tracked as CVE-2024-47561, that impacts all versions of the software prior to 1.11.4.Apache Avro is a data serialization framework developed as part o ... Read more
-
TheCyberThrone
CISA releases VDP platform Annual report for 2023
The U.S. CISA has released its 2023 Annual Report for the Vulnerability Disclosure Policy (VDP) Platform. Over the past year, the agency concentrated on promoting greater adoption of the VDP Platform ... Read more
-
BleepingComputer
Iranian hackers now exploit Windows flaw to elevate privileges
The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emira ... Read more
-
The Hacker News
OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. an ... Read more
-
Help Net Security
Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October 202 ... Read more
-
TheCyberThrone
TheCyberThrone Security BiWeekly Review – October 12, 2024
Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the weeks ending Saturday, October 5, 12, 2024.Microsoft Patch Tues ... Read more
-
Cybersecurity News
Suspected Nation-State Adversary Exploits Ivanti CSA in a Series of Sophisticated Attacks
Fortinet’s FortiGuard Labs recently released a detailed analysis of a sophisticated cyberattack targeting the Ivanti Cloud Services Appliance (CSA). The attackers, suspected to be a nation-state actor ... Read more
-
Cybersecurity News
CVE-2024-9180: HashiCorp Vault Vulnerability Could Lead to Privilege Escalation
HashiCorp has issued a security bulletin disclosing a vulnerability in its Vault secret management platform that could allow attackers to escalate their privileges to the highly sensitive root policy. ... Read more
-
TheCyberThrone
Veeam Backup flaw CVE-2024-40711 used in ransomware campaigns
Security agencies were alerting about the mass exploitation of a critical Veeam backup and replication vulnerability by ransomware groups.The vulnerability tracked as CVE-2024-40711 with a CVSS score ... Read more