Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
InfoSec Write-ups
RegreSSHion (CVE-2024–6387): Dive into the Latest OpenSSH Server Threat
Explore CVE-2024–6387, a critical cybersecurity vulnerability. Learn its impact, how to detect it, and the best practices to safeguard your systems from potential exploits.Free articleCVE-2024–6387, a ... Read more
-
Art of finding zero day vulnerabilities using Open Source AI
I am Harish SG, a security researcher who studies Masters in Cybersecurity at UT Dallas and AI security engineer at Cisco,previously hunted on the Microsoft Bug Bounty Program and Google VRPI am shari ... Read more
-
huntress.com
Confluence to Cerber: Exploitation of CVE-2023-22518 | Huntress
On October 31, 2023, Atlassian published patches and an advisory for CVE-2023-22518, an improper authorization vulnerability affecting Confluence Data Center and Confluence Server. Later, on November ... Read more
-
huntress.com
Critical Vulnerability: WebP Heap Buffer Overflow (CVE-2023-4863) | Huntress
The Huntress team is currently investigating CVE-2023-4863, a heap buffer overflow in the WebP image encoding/decoding (codec) library (libwebp). Threat actors are exploiting this critical vulnerabili ... Read more
-
huntress.com
Another PaperCut: CVE-2023-39143 Remote Code Execution | Huntress
On August 5, Huntress was made aware of the recently uncovered vulnerability tracked as CVE-2023-39143. For overall statistics, in our partner base we have over 1,000 vulnerable servers across 812 dif ... Read more
-
huntress.com
MOVEit Transfer Critical Vulnerability CVE-2023-34362 Rapid Response | Huntress
UPDATED: 1 June 2023 @ 1733 ET - Added shareable Huntress YARA rule for assistance in detection effortUPDATED: 1 June 2023 @ 2023 ET - Added Kostas community Sigma rule to assist in detection effortsU ... Read more
-
New Jetpack Site
Gravi vulnerabilità in MOVEit
N240626 CERT-Yoroi informa che sono state rese note due gravi vulnerabilità sui prodotti Progress MOVEit Transfer e MOVEit Gateway che consentono ad utenti malintenzionati di eseguire bypass authentic ... Read more
-
seclists.org
CyberDanube Security Research 20240703-0 | Authenticated Command Injection in Helmholz Industrial Router REX100
Full Disclosure mailing list archives CyberDanube Security Research 20240703-0 | Authenticated Command Injection in Helmholz Industrial Router REX100 From: Thomas Weber via Fulldisclosure <fulldisclos ... Read more
-
seclists.org
17 vulnerabilities in Sharp Multi-Function Printers
Full Disclosure mailing list archives From: Pierre Kim <pierre.kim.sec () gmail com> Date: Thu, 27 Jun 2024 16:09:17 -0400 Hello, Please find a text-only version below sent to security mailing lists. ... Read more
-
AttackIQ
Emulating the Sabotage-Focused Russian Adversary Sandworm– Part 2
Sandworm is a highly sophisticated Russian adversary, active since at least 2009, that has been attributed to Russia’s Main Intelligence Directorate (GRU) for Special Technologies (GTsST) military Uni ... Read more