CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
BadRAM: $10 hack unlocks AMD encrypted memory
Cybersecurity researchers have identified a vulnerability (CVE-2024-21944, aka BadRAM) affecting ADM processors that can be triggered by rogue memory modules to unlock the chips’ encrypted memory. The ... Read more
-
security.nl
Windows LDAP-kwetsbaarheden maken remote code execution mogelijk
Verschillende kritieke kwetsbaarheden in het Windows Lightweight Directory Access Protocol (LDAP) maken remote code execution door ongeauthenticeerde aanvallers mogelijk, zo waarschuwt Microsoft, dat ... Read more
-
security.nl
Ivanti waarschuwt voor kritiek CSA-lek dat aanvaller admin-toegang geeft
Softwarebedrijf Ivanti waarschuwt voor een kritieke 'authentication bypass' in Ivanti Cloud Services Application (CSA) waardoor een ongeauthenticeerde aanvaller op afstand admin-toegang kan krijgen. D ... Read more
-
security.nl
Microsoft verhelpt actief aangevallen kwetsbaarheid in CLFS-driver Windows
Tijdens de laatste patchdinsdag van 2024 heeft Microsoft een actief aangevallen kwetsbaarheid in Common Log File System (CLFS) driver van Windows verholpen. Een onderdeel waar in het verleden vaker b ... Read more
-
TheCyberThrone
CISA adds CVE-2024-49138 to its KEV Catalog
The US CISA adds Microsoft vulnerability to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation.The vulnerability tracked as CVE-2024-49138 with a CVSS score of 7. ... Read more
-
The Hacker News
Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability
Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of the 7 ... Read more
-
The Hacker News
U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls
The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng (aka gbigmao and gxiaomao), ... Read more
-
RIPE Labs
Zeros Are Heroes: NSEC3 Parameter Settings in the Wild
Hashed authenticated denial of existence appeared back in 2008 to prevent DNS zone walking. Since then, best practices have changed and were updated in RFC 9276. This article examines how the current ... Read more
-
The Register
US names Chinese national it alleges was behind 2020 attack on Sophos firewalls
The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the actors behind the 2020 exploit of a zero-day flaw in Sophos firewalls The attack was made possi ... Read more
-
Cybersecurity News
CVE-2024-11639 (CVSS 10) – Critical Flaw in Ivanti Cloud Services Application: Immediate Patch Recommended
Ivanti, a leading provider of IT management and security solutions, has released critical security updates for the Ivanti Cloud Services Application (CSA). These updates address vulnerabilities that c ... Read more