Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- BleepingComputer
Fortra fixes critical FileCatalyst Workflow hardcoded password issue
Fortra is warning of a critical hardcoded password flaw in FileCatalyst Workflow that could allow attackers unauthorized access to an internal database to steal data and gain administrator privileges. ... Read more
- The Hacker News
Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
Vulnerability / Data Security Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain administrative access. The vulnerability, ... Read more
- Zero Day Initiative
CVE-2024-37079: VMware vCenter Server Integer Underflow Code Execution Vulnerability
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Grigory Dorodnov and Guy Lederfein of the Trend Micro Research Team detail a recently patched code execution vulne ... Read more
- Dark Reading
Hitachi Energy Vulnerabilities Plague SCADA Power Systems
Source: Panchenko Vladimir via ShutterstockHitachi Energy is urging customers of its MicroSCADA X SYS600 product for monitoring and controlling utility power systems to immediately upgrade to a newly ... Read more
- The Hacker News
APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
Cyber Attack / Vulnerability A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a ... Read more
- cert.pl
Vulnerabilities in HyperView Geoportal Toolkit software
CVE ID CVE-2024-6449 Publication date 28 August 2024 Vendor HyperView Product Geoportal Toolkit Vulnerable versions All through 8.2.4 Vulnerability type (CWE) Permissive Cross-domain Policy with Untru ... Read more
- security.nl
Apache OFBiz ERP-systemen opnieuw doelwit van aanvallen
Apache OFBiz ERP-systemen zijn opnieuw het doelwit van aanvallen, zo waarschuwt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministerie van Homeland Security. OFBiz ... Read more
- cert.pl
Vulnerability in ConnX ESP HR Management software
CVE ID CVE-2024-7269 Publication date 28 August 2024 Vendor ConnX Product ESP HR Management Vulnerable versions All before 6.6 Vulnerability type (CWE) Improper Neutralization of Input During Web Page ... Read more
- The Hacker News
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerabl ... Read more
- Help Net Security
BlackByte affiliates use new encryptor and new TTPs
BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent Bla ... Read more