Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
0patch.com
Micropatches Released for Microsoft Outlook Information Disclosure Vulnerability (CVE-2023-35636)
In December 2023, still-Supported Microsoft Outlook versions got an official patch for CVE-2023-35636, a vulnerability that allowed an attacker to coerce user's Outlook to authenticate to attacker's r ... Read more
-
huntress.com
SlashAndGrab: ScreenConnect Post-Exploitation in the Wild (CVE-2024-1709 & CVE-2024-1708) | Huntress
Table of Contents: Adversaries Deploying RansomwareAdversaries EnumeratingAdversary Cryptocurrency MinersAdversaries Installing Additional Remote AccessDownloading Tools and PayloadsAdversaries Droppi ... Read more
-
huntress.com
SlashAndGrab: ScreenConnect Post-Exploitation in the Wild (CVE-2024-1709 & CVE-2024-1708) | Huntress
Table of Contents: Adversaries Deploying Ransomware Adversaries Enumerating Adversary Cryptocurrency Miners Adversaries Installing Additional Remote Access Downloading Tools and Payloads Adversaries D ... Read more
-
huntress.com
Guide: How to Know if your ScreenConnect Server is Hacked | Huntress
You’ve probably seen it by now, but there was a major ConnectWise ScreenConnect vulnerability (CVE-2024-1708 and CVE-2024-1709) – which we’re calling “SlashAndGrab” – that’s been shared across the cyb ... Read more
-
huntress.com
Understanding the ConnectWise ScreenConnect CVE-2024-1709 & CVE-2024-1708 | Huntress
On February 19, 2024, ConnectWise published a security advisory for ScreenConnect version 23.9.8, referencing two vulnerabilities and software weaknesses. The same day, Huntress researchers worked to ... Read more
-
huntress.com
Understanding the ConnectWise ScreenConnect CVE-2024-1709 & CVE-2024-1708 | Huntress
On February 19, 2024, ConnectWise published a security advisory for ScreenConnect version 23.9.8, referencing two vulnerabilities and software weaknesses. The same day, Huntress researchers worked to ... Read more
-
huntress.com
Detection Guidance for ConnectWise CWE-288 | Huntress
UPDATE: Read our full analysis of CVE-2024-1709 & CVE-2024-1708 and detection guidance here. On February 19, 2024, ConnectWise released an advisory related to the disclosure of two vulnerabilities aff ... Read more
-
0patch.com
Micropacthes For "OverLog", Remote Denial of Service Vulnerability in Windows Event Log Service (CVE-2022-37981)
We recently delivered patches for the "LogCrusher" vulnerability that allows an attacker to remotely crash Windows Event Log service on some older Windows systems that we have security-adopted. Varoni ... Read more
-
huntress.com
Vulnerability Reproduced: Immediately Patch ScreenConnect 23.9.8 | Huntress
UPDATE: Read our full analysis of CVE-2024-1709 & CVE-2024-1708 and detection guidance here. UPDATE: We have proactively deployed a temporary hotfix to over 1000 vulnerable systems managed by Huntress ... Read more
-
cert.pl
Vulnerabilities in Comarch ERP XL software
CVE ID CVE-2023-4537 Publication date 15 February 2024 Vendor Comarch SA Product Comarch ERP XL Vulnerable versions From 2020.2.2 through 2023.2 Vulnerability type (CWE) Missing Encryption of Sensitiv ... Read more