Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
Dell Urges Immediate Update to Fix Critical Power Manager Vulnerability
SUMMARY: Critical Vulnerability Alert: Dell Power Manager versions before 3.17 have a high-severity access control flaw (CVE-2024-49600) allowing attackers to gain elevated privileges. Exploitation Ri ... Read more
-
Ars Technica
AMD’s trusted execution environment blown wide open by new BadRAM attack
Attack bypasses AMD protection promising security, even when a server is compromised. One of the oldest maxims in hacking is that once an attacker has physical access to a device, it’s game over for i ... Read more
-
BleepingComputer
US sanctions Chinese firm for hacking firewalls in ransomware attacks
The U.S. Treasury Department has sanctioned Chinese cybersecurity company Sichuan Silence and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. criti ... Read more
-
The Register
AMD secure VM tech undone by DRAM meddling
Researchers have found that the security mechanism AMD uses to protect virtual machine memory can be bypassed with $10 of hardware – and perhaps not even that. AMD Secure Encrypted Virtualization (SEV ... Read more
-
The Hacker News
Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged
Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully pa ... Read more
-
BleepingComputer
New Cleo zero-day RCE flaw exploited in data theft attacks
Update added to bottom of the article. Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. The ... Read more
-
TheCyberThrone
Mauri Ransomware exploiting Apache ActiveMQ flaw CVE-2024-46604
The Apache ActiveMQ server is currently facing a critical vulnerability identified as CVE-2023-46604. This vulnerability allows attackers to exploit the system by manipulating serialized class types w ... Read more
-
The Register
Fully patched Cleo products under renewed 'zero-day-ish' mass attack
Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems. Cleo issued patches for CVE-2024-50623, an ... Read more
-
Help Net Security
Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623)
Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to organizations’ systems, Huntress researchers warned on ... Read more
-
security.nl
Grootschalig misbruik van kritiek lek in Cleo file transfer software gemeld
dinsdag 10 december 2024, 13:44 door Redactie, 2 reactiesLaatst bijgewerkt: 10-12-2024, 15:31 Aanvallers maken op grote schaal misbruik van een kritieke kwetsbaarheid in de file transfer software van ... Read more