Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerability in lua-http library
CVE ID CVE-2023-4540 Publication date 05 September 2023 Vendor Daurnimator Product lua-http Vulnerable versions All including 0.4 before ddab283 commit Vulnerability type (CWE) Improper Handling of Ex ... Read more
-
huntress.com
How Businesses Should Be Scaling Their Security
Small and medium businesses are changing their security stance for the better. There are still some stragglers, but they tend to be brought forward by insurance companies requiring at least a shred of ... Read more
-
huntress.com
Another PaperCut: CVE-2023-39143 Remote Code Execution | Huntress
On August 5, Huntress was made aware of the recently uncovered vulnerability tracked as CVE-2023-39143. For overall statistics, in our partner base we have over 1,000 vulnerable servers across 812 dif ... Read more
-
0patch.com
Micropatches Released For Denial of Service in Microsoft Message Queuing (CVE-2023-28302, CVE-2023-21769)
April 2023 Windows Updates brought fixes for a number of vulnerabilities in Microsoft Message Queuing Service. We first issued patches for the "Queuejumper" remote code execution vulnerability (CVE-20 ... Read more
-
huntress.com
Move It on Over: Reflecting on the MOVEit Exploitation | Huntress
In late May 2023, customers running the popular MOVEit file transfer software faced multiple, unexplained intrusions. As previously documented by Huntress, MOVEit customers found themselves the victim ... Read more
-
0patch.com
Micropatches Released For DHCP Server Service Remote Code Execution (CVE-2023-28231)
April 2023 Windows Updates brought a fix for CVE-2023-28231, a remote code execution vulnerability in DHCP Server service. The vulnerability was reported to Microsoft by security researcher YanZiShuan ... Read more
-
curatedintel.org
CL0P likes to MOVEit MOVEit
CL0P likes to MOVEit MOVEit BackgroundFor the last couple of years, the threat actors associated with the CL0P ransomware group have occasionally ditched encryption in favour of exploiting file transf ... Read more
-
huntress.com
Calm In The Storm: Reviewing Volt Typhoon
Network owners, operators and defenders find themselves in an increasingly contentious and hostile space, with entities ranging from opportunistic criminal elements to state-directed organizations eng ... Read more
-
huntress.com
MOVEit Transfer Critical Vulnerability CVE-2023-34362 Rapid Response
UPDATED: 1 June 2023 @ 1733 ET - Added shareable Huntress YARA rule for assistance in detection effort UPDATED: 1 June 2023 @ 2023 ET - Added Kostas community Sigma rule to assist in detection efforts ... Read more
-
huntress.com
Critical Vulnerabilities in PaperCut Print Management Software | Huntress
Our team is tracking in-the-wild exploitation of zero-day vulnerabilities against PaperCut MF/NG which allow for unauthenticated remote code execution due to an authentication bypass.UPDATE #1 - 4/25/ ... Read more