Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- huntress.com
Critical RCE Vulnerability Updates (log4j - CVE-2021-44228) | Huntress
Our team is investigating CVE-2021-44228, a critical vulnerability that’s affecting a Java logging package log4j which is used in a significant amount of software, including Apache, Apple iCloud, Stea ... Read more
- The Hacker News
Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the p ... Read more
- The Hacker News
Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP
Vulnerability / Data Security Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Trac ... Read more
- Trend Micro
The Potential Impact of the OpenSSH Vulnerabilities CVE-2024–6387 and CVE-2024-6409
Introduction CVE-2024–6387, also known as “regreSSHion,” is a vulnerability that exists in OpenSSH, a widely-used suite of secure networking utilities based on the SSH protocol. This vulnerability, wh ... Read more
- huntress.com
MFT Exploitation and Adversary Operations | Huntress
Threat actors of varying types continue to target managed file transfer (MFT) applications for exploitation. The latest concerning MFT vulnerability was identified by Converge Technology Solutions, or ... Read more
- Kaspersky
Zero-day vulnerability in Internet Explorer | Kaspersky official blog
As part of its latest Patch Tuesday, Microsoft has released patches for 142 vulnerabilities. Among them were four zero-day vulnerabilities. While two of them were already publicly known, the other two ... Read more
- Zero Day Initiative
Uncoordinated Vulnerability Disclosure: The Continuing Issues with CVD
On patch Tuesday last week, Microsoft released an update for CVE-2024-38112, which they said was being exploited in the wild. We at the Trend Micro Zero Day Initiative (ZDI) agree with them because th ... Read more
- Trend Micro
CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks
Exploits & Vulnerabilities Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by APT group Void Banshee, to access and execute files through the disabled Internet Explorer usin ... Read more
- SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 28
The Good | Feds Dismantle Major GenAI-Based Bot Farm Spreading Pro-Russian DisInformation Campaigns In a joint international operation led by the FBI, law enforcement have seized two domain names and ... Read more
- AttackIQ
Emulating the Long-Term Extortionist Nefilim Ransomware
Nefilim is a Ransomware-as-a-Service (RaaS) operation that emerged in March 2020 and is believed to have evolved from the Nemty ransomware family. This attribution is due to the fact that Nefilim aros ... Read more