Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
malwaretech.com
Everything you need to know about the OpenSSL 3.0.7 Patch (CVE-2022-3602 & CVE-2022-3786)
Discussion thread: https://updatedsecurity.com/topic/9-openssl-vulnerability-cve-2022-3602-cve-2022-3786/ Vulnerability Details From https://www.openssl.org/news/secadv/20221101.txt X.509 Email Addres ... Read more
-
360 Netlab Blog - Network Security Research Lab at 360
公有云网络安全威胁情报(202204)
概述 本文聚焦于云上重点资产的扫描攻击、云服务器总体攻击情况分析、热门漏洞及恶意程序的攻击威胁。 360高级威胁狩猎蜜罐系统发现全球9.2万个云服务器IP进行网络扫描、漏洞攻击、传播恶意软件等行为。其中包括国内39家单位所属的云服务资产IP,这些单位涉及政府、医疗、建筑、军工等多个行业。 2022年4月,WSO2多个产品和Apache Struts2爆出高危漏洞,两个漏洞技术细节已经公开,并且我们 ... Read more
-
malwaretech.com
[Video] Exploiting Windows RPC – CVE-2022-26809 Explained | Patch Analysis
Walking through my process of how I use patch analysis and reverse engineering to find vulnerabilities, then evaluate the risk and exploitability of bugs. ... Read more
-
360 Netlab Blog - Network Security Research Lab at 360
公有云网络安全威胁情报(202203)
概述本文聚焦于云上重点资产的扫描攻击、云服务器总体攻击情况分析、热门漏洞及恶意程序的攻击威胁。360高级威胁狩猎蜜罐系统发现全球12万个云服务器IP,进行网络扫描、漏洞攻击、传播恶意软件等行为。其中包括国内156家单位的服务器IP,涉及大型央企、政府机关等行业。Spring厂商连续公开3个关键漏洞,CVE-2022-22947、CVE-2022-22963、CVE-2022-22965,本文将对前 ... Read more
-
360 Netlab Blog - Network Security Research Lab at 360
Fodcha, a new DDos botnet
OverviewRecently, CNCERT and 360netlab worked together and discovered a rapidly spreading DDoS botnet on the Internet. The global infection looks fairly big as just in China there are more than 10,000 ... Read more
-
imperialviolet.org
Picking parameters
When taking something from cryptographic theory into practice, it's very important to pick parameters. I don't mean picking the right parameters — although that certainly helps. I mean picking paramet ... Read more
-
curatedintel.org
Hacktivist group shares details related to Belarusian Railways hack
On Monday 24 January 2022, a Belarusian hacktivist group going by the name Belarusian Cyber-Partisans claimed responsibility for a limited attack against the national railway company. A primary object ... Read more
-
objective-see.org
Where's the Interpreter!?
Where's the Interpreter!? (CVE-2021-30853) bypassing file quarantine, gatekeeper, & notarization requirements ...again! by: Patrick Wardle / December 22, 2021 Objective-See's research, tools, and writ ... Read more
-
curatedintel.org
Nightmare Before Christmas - Curated Intel's Response To Log4Shell
Written by @BushidoToken, @TrevorGiffen | Edited by @SteveD3On late Thursday, 9 December, security researchers warned of a critical vulnerability with wide ramifications. With a CVSS score of 10.0 (Cr ... Read more
-
objective-see.org
Analysis of CVE-2021-30860
Analysis of CVE-2021-30860 the flaw and fix of a zero-click vulnerability, exploited in the wild by: Tom McGuire / September 16, 2021 Objective-See's research, tools, and writing, are supported by the ... Read more