Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Trend Micro
What We Know About CVE-2024-49112 and CVE-2024-49113
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112, a remote code execution (RCE) f ... Read more
-
Dark Reading
Thousands of Buggy BeyondTrust Systems Remain Exposed
Source: artpartner-images.com via Alamy Stock PhotoA remarkable number of BeyondTrust instances remain connected to the Internet, despite dire warnings Chinese state-sponsored threat actors are active ... Read more
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 1
The Good | HIPAA to Update Security Rules and Feds Sanction Disinformation Campaign Operators Cyberattacks on healthcare systems put patients at critical risk, disrupting urgent medical services or tr ... Read more
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 1
The Good | HIPAA to Update Security Rules and Feds Sanction Disinformation Campaign Operators Cyberattacks on healthcare systems put patients at critical risk, disrupting urgent medical services or tr ... Read more
-
TheCyberThrone
CVE-2024-49113: PoC Exploit Code Released
The CVE-2024-49113 vulnerability is a significant Denial of Service (DoS) issue found in the Windows Lightweight Directory Access Protocol (LDAP). SafeBreach Labs developed the exploit code, which has ... Read more
-
security.nl
ITerm2 kan door kritieke kwetsbaarheid gevoelige gegevens lekken
Een kritieke kwetsbaarheid in macOS terminal emulator iTerm2 zorgt ervoor dat gevoelige gegevens kunnen lekken, zo heeft ontwikkelaar George Nachman bekendgemaakt. Er is een nieuwe versie beschikbaar ... Read more
-
InfoSec Write-ups
PDF.js Arbitrary JavaScript Code Execution (CVE-2024-4367)
Hello everyone, Today we’re going to look at CVE-2024–4367, a serious vulnerability in PDF.js that allows attackers to run arbitrary JavaScript code. Let’s take a closer look at vulnerabilities unders ... Read more
-
The Hacker News
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
Windows Server / Threat Mitigation A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger ... Read more
-
Cybersecurity News
iTerm2 Patches Critical Security Vulnerability Exposing User Input and Output
A critical security vulnerability has been discovered and patched in iTerm2, a popular terminal emulator for macOS. The flaw, present in versions 3.5.6 through 3.5.10, as well as beta versions of 3.5. ... Read more
-
Cybersecurity News
SysBumps: Breaking Kernel Address Space Layout Randomization on macOS for Apple Silicon
In a recent study, researchers from Korea University have unveiled “SysBumps,” the first successful Kernel Address Space Layout Randomization (KASLR) break attack targeting macOS systems running on Ap ... Read more