Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
0patch.com
Micropatches Released For DHCP Server Service Remote Code Execution (CVE-2023-28231)
April 2023 Windows Updates brought a fix for CVE-2023-28231, a remote code execution vulnerability in DHCP Server service. The vulnerability was reported to Microsoft by security researcher YanZiShuan ... Read more
-
curatedintel.org
CL0P likes to MOVEit MOVEit
CL0P likes to MOVEit MOVEit BackgroundFor the last couple of years, the threat actors associated with the CL0P ransomware group have occasionally ditched encryption in favour of exploiting file transf ... Read more
-
huntress.com
Calm In The Storm: Reviewing Volt Typhoon
Network owners, operators and defenders find themselves in an increasingly contentious and hostile space, with entities ranging from opportunistic criminal elements to state-directed organizations eng ... Read more
-
huntress.com
MOVEit Transfer Critical Vulnerability CVE-2023-34362 Rapid Response
UPDATED: 1 June 2023 @ 1733 ET - Added shareable Huntress YARA rule for assistance in detection effort UPDATED: 1 June 2023 @ 2023 ET - Added Kostas community Sigma rule to assist in detection efforts ... Read more
-
huntress.com
Critical Vulnerabilities in PaperCut Print Management Software | Huntress
Our team is tracking in-the-wild exploitation of zero-day vulnerabilities against PaperCut MF/NG which allow for unauthenticated remote code execution due to an authentication bypass.UPDATE #1 - 4/25/ ... Read more
-
shostack.org
Reflecting on Threats: The Frame
Shostack + Associates > Blog > Reflecting on Threats: The Frame Shostack + Friends Blog Now that the Threats book is out and the first reviews are in (thank you!), I want to talk more about the frame ... Read more
-
shostack.org
Application Security Roundup - March
Shostack + Associates > Blog > Application Security Roundup - March Shostack + Friends Blog The March appsec roundup includes few tools, some thoughts on injection, some standards, and some of my own ... Read more
-
huntress.com
Everything We Know About CVE-2023-23397 | Huntress
Huntress has been tracking CVE-2023-23397, a critical vulnerability/0-day that impacts Microsoft Outlook. Unlike other exploits we’ve seen in the past, this exploit is particularly dangerous because n ... Read more
-
huntress.com
Veeam Backup & Replication CVE-2023-27532 Response | Huntress
UPDATE 03/13/2023 2252 ET: After taking further inventory of our partner's Veeam service binary details to review the version number, we uncovered many more unpatched and vulnerable hosts. We are send ... Read more
-
huntress.com
Investigating Intrusions From Intriguing Exploits
SummaryOn 02 February 2023, an alert triggered in a Huntress-protected environment. At first glance, the alert itself was fairly generic - a combination of certutil using the urlcache flag to retrieve ... Read more