Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
360 Netlab Blog - Network Security Research Lab at 360
公有云网络安全威胁情报(202203)
概述本文聚焦于云上重点资产的扫描攻击、云服务器总体攻击情况分析、热门漏洞及恶意程序的攻击威胁。360高级威胁狩猎蜜罐系统发现全球12万个云服务器IP,进行网络扫描、漏洞攻击、传播恶意软件等行为。其中包括国内156家单位的服务器IP,涉及大型央企、政府机关等行业。Spring厂商连续公开3个关键漏洞,CVE-2022-22947、CVE-2022-22963、CVE-2022-22965,本文将对前 ... Read more
-
360 Netlab Blog - Network Security Research Lab at 360
Fodcha, a new DDos botnet
OverviewRecently, CNCERT and 360netlab worked together and discovered a rapidly spreading DDoS botnet on the Internet. The global infection looks fairly big as just in China there are more than 10,000 ... Read more
-
imperialviolet.org
Picking parameters
When taking something from cryptographic theory into practice, it's very important to pick parameters. I don't mean picking the right parameters — although that certainly helps. I mean picking paramet ... Read more
-
curatedintel.org
Hacktivist group shares details related to Belarusian Railways hack
On Monday 24 January 2022, a Belarusian hacktivist group going by the name Belarusian Cyber-Partisans claimed responsibility for a limited attack against the national railway company. A primary object ... Read more
-
objective-see.org
Where's the Interpreter!?
Where's the Interpreter!? (CVE-2021-30853) bypassing file quarantine, gatekeeper, & notarization requirements ...again! by: Patrick Wardle / December 22, 2021 Objective-See's research, tools, and writ ... Read more
-
curatedintel.org
Nightmare Before Christmas - Curated Intel's Response To Log4Shell
Written by @BushidoToken, @TrevorGiffen | Edited by @SteveD3On late Thursday, 9 December, security researchers warned of a critical vulnerability with wide ramifications. With a CVSS score of 10.0 (Cr ... Read more
-
objective-see.org
Analysis of CVE-2021-30860
Analysis of CVE-2021-30860 the flaw and fix of a zero-click vulnerability, exploited in the wild by: Tom McGuire / September 16, 2021 Objective-See's research, tools, and writing, are supported by the ... Read more
-
shostack.org
Colonial Pipeline, Darkside and Models
Shostack + Associates > Blog > Colonial Pipeline, Darkside and Models Shostack + Friends Blog The Colonial Pipeline shutdown story is interesting in all sorts of ways, and I can't delve into all of it ... Read more
-
objective-see.org
CVE-2020–9854: "Unauthd"
CVE-2020–9854: "Unauthd" (three) logic bugs ftw! by: Ilias Morad / August 1, 2020 In this guest blog post, security researcher Ilias Morad aka A2nkF, describes a lovely exploit chain, composed of seve ... Read more
-
objective-see.org
CVE-2020–9934: Bypassing TCC for Unauthorized Access
CVE-2020–9934: Bypassing TCC ...for unauthorized access to sensitive user data! by: Matt Shockley / July 28, 2020 In this guest blog post, security researcher Matt Shockley describes a lovely security ... Read more