CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Three more vulns spotted in Ivanti CSA, all critical, one 10/10
Ivanti just put out a security advisory warning of three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10. CSA is a tempting target for cyberattacks because of ... Read more
-
Darktrace
Darktrace’s view on Operation Lunar Peek: Exploitation of Palo Alto firewall devices (CVE 2024-2012 and 2024-9474)
Darktrace’s Threat Research team investigated a major campaign exploiting vulnerabilities in Palo Alto firewall devices (CVE 2024-2012 and 2024-9474). Learn about the spike in post-exploitation activi ... Read more
-
TheCyberThrone
Google fixes important vulnerabilities with the latest Google Chrome
Google has released updates for its Chrome browser, addressing several security vulnerabilities, including two important vulnerabilities.The first vulnerability tracked as CVE-2024-12381 with a CVSSv3 ... Read more
-
Help Net Security
BadRAM: $10 hack unlocks AMD encrypted memory
Cybersecurity researchers have identified a vulnerability (CVE-2024-21944, aka BadRAM) affecting ADM processors that can be triggered by rogue memory modules to unlock the chips’ encrypted memory. The ... Read more
-
security.nl
Windows LDAP-kwetsbaarheden maken remote code execution mogelijk
Verschillende kritieke kwetsbaarheden in het Windows Lightweight Directory Access Protocol (LDAP) maken remote code execution door ongeauthenticeerde aanvallers mogelijk, zo waarschuwt Microsoft, dat ... Read more
-
security.nl
Ivanti waarschuwt voor kritiek CSA-lek dat aanvaller admin-toegang geeft
Softwarebedrijf Ivanti waarschuwt voor een kritieke 'authentication bypass' in Ivanti Cloud Services Application (CSA) waardoor een ongeauthenticeerde aanvaller op afstand admin-toegang kan krijgen. D ... Read more
-
security.nl
Microsoft verhelpt actief aangevallen kwetsbaarheid in CLFS-driver Windows
Tijdens de laatste patchdinsdag van 2024 heeft Microsoft een actief aangevallen kwetsbaarheid in Common Log File System (CLFS) driver van Windows verholpen. Een onderdeel waar in het verleden vaker b ... Read more
-
TheCyberThrone
CISA adds CVE-2024-49138 to its KEV Catalog
The US CISA adds Microsoft vulnerability to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation.The vulnerability tracked as CVE-2024-49138 with a CVSS score of 7. ... Read more
-
The Hacker News
Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability
Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of the 7 ... Read more
-
The Hacker News
U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls
The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng (aka gbigmao and gxiaomao), ... Read more