Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
objective-see.org
Analysis of CVE-2021-30860
Analysis of CVE-2021-30860 the flaw and fix of a zero-click vulnerability, exploited in the wild by: Tom McGuire / September 16, 2021 Objective-See's research, tools, and writing, are supported by the ... Read more
-
huntress.com
Threat Advisory: Hackers Are Exploiting CVE-2021-40444 | Huntress
On September 7, Huntress was made aware of a new threat against Windows operating systems and Microsoft Office products. With the identifier CVE-2021-40444, the MSHTML engine is vulnerable to arbitrar ... Read more
-
huntress.com
Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit | Huntress
Attackers are actively scanning for vulnerable Microsoft Exchange servers and abusing the latest line of Microsoft Exchange vulnerabilities that were patched earlier this year. Back in March, we saw m ... Read more
-
huntress.com
The Hunt to Find Origins of Kaseya's VSA Mass Ransomware Incident | Huntress
Kaseya has a customer base of roughly 35,000 businesses and organizations. These consist of approximately 17,000 managed service providers, 18,000 direct/VAR customers and a significant number of end ... Read more
-
huntress.com
Critical Vuln.: PrintNightmare Exposes Windows Servers to RCE | Huntress
On June 29, Huntress was made aware of CVE-2021-1675 (now termed CVE-2021-34527), a critical remote code execution and local privilege escalation vulnerability dubbed “PrintNightmare.”Microsoft releas ... Read more
-
shostack.org
Colonial Pipeline, Darkside and Models
Shostack + Associates > Blog > Colonial Pipeline, Darkside and Models Shostack + Friends Blog The Colonial Pipeline shutdown story is interesting in all sorts of ways, and I can't delve into all of it ... Read more
-
huntress.com
Rapid Response: Mass Exploitation of On-Prem Exchange Servers | Huntress
UPDATED 14 April:Huntress is aware of the new Microsoft Exchange vulnerabilities disclosed in the Microsoft April Security Update. Our team has yet to detect exploits targeting these new vulnerabiliti ... Read more
-
objective-see.org
CVE-2020–9854: "Unauthd"
CVE-2020–9854: "Unauthd" (three) logic bugs ftw! by: Ilias Morad / August 1, 2020 In this guest blog post, security researcher Ilias Morad aka A2nkF, describes a lovely exploit chain, composed of seve ... Read more
-
objective-see.org
CVE-2020–9934: Bypassing TCC for Unauthorized Access
CVE-2020–9934: Bypassing TCC ...for unauthorized access to sensitive user data! by: Matt Shockley / July 28, 2020 In this guest blog post, security researcher Matt Shockley describes a lovely security ... Read more
-
SentinelOne DE
Das Gute, das Schlechte und das Hässliche in der Cybersicherheit – Woche 28
In dieser Woche wurde ein großer Business Email Compromise-Betrugsversuch abgewehrt, der sich gegen Office 365 richtete. BEC oder Email Account Compromises waren im vergangenen Jahr für den größten An ... Read more