Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Ivanti warns of another critical CSA flaw exploited in attacks
Image: MidjourneyToday, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. Tracked as CVE-2024-896 ... Read more
-
Zero Day Initiative
Exploiting Exchange PowerShell After ProxyNotShell: Part 3 – DLL Loading Chain for RCE
As you may know, I recently presented my Exchange-related talk during OffensiveCon 2024. This series of 4 blog posts is meant to supplement the talk and provide additional technical details. In this a ... Read more
-
TheCyberThrone
Atlassian fixes DoS vulnerabilities in its Products
Atlassian releases patches for high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, and Crowd.There are four vulnerabilities addressed in these products, all four allowing attackers to caus ... Read more
-
0patch.com
Micropatches for "MadLicense" Windows Remote Desktop Licensing Service Remote Code Execution (CVE-2024-38077)
July 2024 Windows Updates brought a patch for CVE-2024-38077, a memory corruption vulnerability in Remote Desktop Licensing Service that could potentially allow an attacker in a Windows network to rem ... Read more
-
TheCyberThrone
GitLab fixes critical vulnerability CVE-2024-45409
GitLab has released security patches for a critical vulnerability that affects both GitLab Community Edition (CE) and Enterprise Edition (EE) that allows a threat actor to bypass authentication check ... Read more
-
Google Cloud
UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks
Written by: Stav Shulman, Matan Mimran, Sarah Bock, Mark Lechtik Executive Summary UNC1860 is a persistent and opportunistic Iranian state-sponsored threat actor that is likely affiliated with Iran’s ... Read more
-
Help Net Security
Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)
Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow at ... Read more
-
The Cyber Express
5 New Vulnerabilities Added to CISA’s Known Exploited List: Urgent Action Required
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting the continued threat that these securit ... Read more
-
security.nl
CISA: kritiek lek in Apache HugeGraph-servers actief aangevallen
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in Apache HugeGraph Server waarvoor in april een beveiligingsupdate verscheen. Dat laat het Cybersecurity and Infrastructure Security Ag ... Read more
-
Cybersecurity News
Sophisticated Cyber Espionage: Earth Baxia Uses CVE-2024-36401 and Cobalt Strike to Infiltrate APAC
Overview of the attack chain | Image: Trend MicroIn a recent report from Trend Micro, the cyber espionage group Earth Baxia has been identified targeting government organizations in Taiwan and potenti ... Read more