CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
New SteelFox malware hijacks Windows PCs using vulnerable driver
A new malicious package called 'SteelFox' mines for cryptocurrency and steals credit card data by using the “bring your own vulnerable driver” technique to get SYSTEM privileges on Windows machines. T ... Read more
-
Cybersecurity News
CVE-2024-20418 (CVSS 10): Cisco URWB Access Points Vulnerable to Remote Takeover
In a critical security advisory, Cisco has disclosed a command injection vulnerability in its Unified Industrial Wireless Software used for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. ... Read more
-
The Cyber Express
Google Addresses Two Android Zero-Days Used in Targeted Attacks
In its November security update, Google has patched two critical Android zero-days actively exploited in targeted attacks, along with 49 additional vulnerabilities. Google flagged these zero-day flaws ... Read more
-
security.nl
Duizenden toegangssystemen Linear eMerge E3 via kritiek lek over te nemen
Duizenden systemen waarmee organisaties de toegang tot gebouwen beheren zijn door middel van een kritieke kwetsbaarheid op afstand door een ongeauthenticeerde aanvaller over te nemen. De fabrikant wer ... Read more
-
Kaspersky
New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency
Introduction In August 2024, our team identified a new crimeware bundle, which we named “SteelFox”. Delivered via sophisticated execution chains including shellcoding, this threat abuses Windows servi ... Read more
-
The Register
China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks
Chinese government cyberspies Volt Typhoon reportedly breached Singapore Telecommunications over the summer as part of their ongoing attacks against critical infrastructure operators. The digital brea ... Read more
-
Cybersecurity News
PoC Exploit Releases for Critical Symlink Flaw in Apple’s iOS – CVE-2024-44258
In a recent analysis, cybersecurity researchers Hichem Maloufi and Christian Mina detailed CVE-2024-44258, a symlink vulnerability affecting Apple’s ManagedConfiguration framework and the profiled dae ... Read more
-
Cybersecurity News
Google Chrome Patches Two High-Severity Vulnerabilities: Update Now!
Google has just released an update for its Chrome web browser, addressing two high-severity vulnerabilities that malicious actors could exploit. Users are strongly urged to update their browsers immed ... Read more
-
Cybersecurity News
Stealc Malware: The Infostealer Targeting Credentials, Crypto Wallets, and More
In a recent analysis, the SonicWall Capture Labs threat research team revealed the insidious capabilities of Stealc, an infostealer malware designed to steal credentials, cryptocurrency, and other sen ... Read more
-
Cybersecurity News
AWS IAM Roles Anywhere: A Potential Backdoor for Attackers?
Example of script that automates IAM Roles Anywhere configuration | Image: AdanIn a recent publication, cybersecurity engineer Adan explores a potentially underappreciated security risk in Amazon Web ... Read more