Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cloudsecurityalliance.org
Return of the RCE: Addressing the regreSSHion Vulnerability – CVE-2024-6378
Originally published by Pentera. A Regrettable Resurgence On July 1, 2024, the Qualys Threat Research Unit (TRU) published their discovery of an unauthenticated remote code execution (RCE) vulnerabili ... Read more
-
TheCyberThrone
PoC for IvantiTM vulnerability CVE-2024-7593 released
To limit the exploitability of this vulnerability, Ivanti recommends limiting Admin Access to the Management Interface internal to the network through the private / corporate network.The researchers a ... Read more
-
Cyber Security News
New Kubernetes Vulnerability Allows Attackers to Access Clusters Remotely
A critical vulnerability tracked as CVE-2024-7646, has been uncovered in the widely used ingress-nginx Kubernetes controller. The flaw allows attackers to bypass annotation validation, poses a signifi ... Read more
-
Cyber Security News
Microsoft macOS Apps Vulnerability Allows Hackers to Record Audio/Video
Cisco Talos has identified eight security vulnerabilities in Microsoft applications running on the macOS operating system, raising concerns about potential exploitation by adversaries. These vulnerabi ... Read more
-
Cyber Security News
Windows Secure Channel RCE Vulnerability Let Attackers Inject Malicious Files Remotely
A recent analysis of a security vulnerability in Microsoft’s Secure Channel revealed a critical flaw that could be exploited for remote code execution. The vulnerability was initially identified as an ... Read more
-
Cyber Security News
Linux Kernal Vulnerability Let Attackers Bypass CPU & Write on Memory
Researchers uncovered a vulnerability in the Linux kernel’s dmam_free_coherent() function, which stems from a race condition caused by the improper order of operations when freeing DMA (Direct Memory ... Read more
-
Cybersecurity News
HookChain: The Technique That Bypass Exposes EDR in 94% of Security Solutions
Image Credit: M4v3r1ckIn an ever-evolving cybersecurity landscape, where threats are becoming more sophisticated by the day, the focus on Endpoint Detection and Response (EDR) systems has never been m ... Read more
-
The Hacker News
Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group
A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea. The security vulnerability, tracked as CV ... Read more
-
The Register
RansomHub-linked EDR-killing malware spotted in the wild
in brief Malware that kills endpoint detection and response (EDR) software has been spotted on the scene and, given it's deploying RansomHub, it could soon be prolific. Discovered by Sophos analysts a ... Read more
-
Cybersecurity News
Beware of Fake PoC Exploits for 0-Click RCE CVE-2024-38063 on GitHub
Security researchers have discovered a series of fake proof-of-concept (PoC) exploit codes for the critical CVE-2024-38063 vulnerability affecting Windows systems. These fraudulent exploits, which hav ... Read more