CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-49775 (CVSS 9.8): Critical Vulnerability in Siemens UMC Exposes Systems to Remote Exploitation
Siemens has disclosed a critical heap-based buffer overflow vulnerability (CVE-2024-49775) in its User Management Component (UMC), a core element integrated into several of its products. If exploited, ...
-
Cybersecurity News
cShell DDoS Bot Exploits Poorly Managed Linux SSH Servers
AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of DDoS malware called cShell, which specifically targets poorly managed Linux SSH servers. The malware exploits weak credentials ...
-
Cybersecurity News
Earth Koshchei’s Rogue RDP Campaign: A Sophisticated APT Attack Targets Governments and Enterprises
Trend Micro has unveiled a large-scale rogue remote desktop protocol (RDP) campaign conducted by the threat group Earth Koshchei. Known for their espionage operations, Earth Koshchei leveraged spear-p ...
-
TheCyberThrone
CISA adds BeyondTrust CVE-2024-12356 to its KEV Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.CVE-2024-12356: Command Injection Vulnerability in BeyondTrust PRA and RSO ...
-
Dark Reading
Fortinet Addresses Unpatched Critical RCE Vector
Source: Konstantin Nechaev via Alamy Stock PhotoNEWS BRIEFFortinet has finally patched a critical security vulnerability in its Wireless LAN Manager (FortiWLM) that could allow unauthenticated sensiti ...
-
CrowdStrike.com
December 2024 Patch Tuesday: 16 Critical and One Zero-Day Among 71 Vulnerabilities
Microsoft has released security updates for 71 vulnerabilities in its December 2024 Patch Tuesday rollout. Among these are 16 Critical vulnerabilities and one zero-day affecting the Windows Common Log ...
-
Dark Reading
Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2
Source: ZUMA Press, Inc. via Alamy Stock PhotoA critical, stubborn new vulnerability in Apache Struts 2 may be under active exploitation already, and fixing it isn't as simple as downloading a patch.S ...
-
BleepingComputer
Fortinet warns of FortiWLM bug giving hackers admin privileges
Fortinet has disclosed a critical vulnerability in Fortinet Wireless Manager (FortiWLM) that allows remote attackers to take over devices by executing unauthorized code or commands through specially c ...
-
BleepingComputer
BeyondTrust says hackers breached Remote Support SaaS instances
Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances. BeyondTrust is a cybersecurity company ...
-
TheCyberThrone
Fortinet fixes several vulnerabilities including CVE-2023-34990
Fortinet has released patches for vulnerabilities affecting its popular products, including FortiClient VPN, FortiManager, and FortiWLM. These flaws range from password exposure to remote code executi ...