CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Ransomware scum blow holes in Cleo software patches, Cl0p (sort of) claims responsibility
Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October security update was circumvented, leading to widespread ransomware attacks that Russia-li ... Read more
-
BleepingComputer
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. As a private industry notification (PIN) published o ... Read more
-
BleepingComputer
Windows kernel bug now exploited in attacks to gain SYSTEM privileges
CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. Tracked as CVE-2024-35250, this security flaw is due to an ... Read more
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
Cl0p Ransomware Exploits Cleo Vulnerability, Threatens Data Leaks
SUMMARY Cleo Vulnerability Exploited: The Cl0p ransomware group claims to have exploited a critical vulnerability in Cleo’s managed file transfer software, targeting businesses globally. Data Leak Thr ... Read more
-
Help Net Security
Serbian government used Cellebrite to unlock phones, install spyware
Serbian police and intelligence officers used Cellebrite forensic extraction software to unlock journalists’ and activists’ phones and install previously unknown Android spyware called NoviSpy, a new ... Read more
-
security.nl
VS meldt actief misbruik van lekken in Windows-kernel en Adobe ColdFusion
Aanvallers maken actief misbruik van kwetsbaarheden in de Windows-kernel en Adobe ColdFusion, zo waarschuwt het Amerikaanse cyberagentschap CISA. Het gaat als eerste om CVE-2024-35250, een beveiliging ... Read more
-
security.nl
Shadowserver: bijna duizend kwetsbare Cleo-servers op internet
Op internet zijn bijna duizend servers te vinden die kwetsbare file sharing software van Cleo draaien, waarvan het allergrootste deel in de Verenigde Staten, op afstand gevolgd door Canada. Dat meldt ... Read more
-
BleepingComputer
New Android NoviSpy spyware linked to Qualcomm zero-day bugs
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named 'NoviSpy,' used to spy on activists, journalists, and protestors. One of the Qualcomm ... Read more
-
TheCyberThrone
Dell fixes CVE-2024-37143 and CVE-2024-38144 vulnerabilities
Dell has recently released security updates to address multiple vulnerabilities affecting several of its enterprise products, including PowerFlex, InsightIQ, and Data Lakehouse.The vulnerabilities, id ... Read more
-
The Hacker News
NoviSpy Spyware Installed on Journalist's Phone After Unlocking It With Cellebrite Tool
A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by Amnes ... Read more