CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
huntress.com
Rapid Response: Mass Exploitation of On-Prem Exchange Servers | Huntress
UPDATED 14 April:Huntress is aware of the new Microsoft Exchange vulnerabilities disclosed in the Microsoft April Security Update. Our team has yet to detect exploits targeting these new vulnerabiliti ...
-
objective-see.org
CVE-2020–9854: "Unauthd"
CVE-2020–9854: "Unauthd" (three) logic bugs ftw! by: Ilias Morad / August 1, 2020 In this guest blog post, security researcher Ilias Morad aka A2nkF, describes a lovely exploit chain, composed of seve ...
-
objective-see.org
CVE-2020–9934: Bypassing TCC for Unauthorized Access
CVE-2020–9934: Bypassing TCC ...for unauthorized access to sensitive user data! by: Matt Shockley / July 28, 2020 In this guest blog post, security researcher Matt Shockley describes a lovely security ...
-
SentinelOne DE
Das Gute, das Schlechte und das Hässliche in der Cybersicherheit – Woche 28
In dieser Woche wurde ein großer Business Email Compromise-Betrugsversuch abgewehrt, der sich gegen Office 365 richtete. BEC oder Email Account Compromises waren im vergangenen Jahr für den größten An ...
-
blogspot.com
If You Can't Patch Your Email Server, You Should Not Be Running It
CVE-2020-0688 Scan Results, per Rapid7 tl;dr -- it's the title of the post: "If You Can't Patch Your Email Server, You Should Not Be Running It." I read a disturbing story today with the following new ...
-
huntress.com
Validating the SolarWinds N-central “Dumpster Diver” Vulnerability
Update 1/26/2020: MITRE assigned CVE-2020–7984 for this vulnerability.Update 12:55pm 1/24/2020: SolarWinds has released two hotfixes for the vulnerabilities! You can find these fixes on their support ...
-
huntress.com
Validating the Bishop Fox Findings in ConnectWise Control | Huntress
In computer security, responsible disclosure is a vulnerability disclosure model in which an issue is publicly disclosed only after a period of time that allows for the affected party to patch/resolve ...
-
huntress.com
Keeping up with BlueKeep
Remote Desktop Services (RDS) benefit employees and IT administrators alike. With employees often working from anywhere, remote desktop reduces the physical burden of carrying a work laptop home 🏠. It ...
-
Comae Technologies
How to Solve the Blindspots of Event-Driven Detection
A while back, I discussed how memory could be used as an ultimate form of the log as long as the analysis workflow and process is smooth.This blog post will start by explaining the blind spots created ...
-
carnal0wnage.com
Jenkins - CVE-2018-1000600 PoC
second exploit from the blog post https://blog.orange.tw/2019/01/hacking-jenkins-part-1-play-with-dynamic-routing.html Chained with CVE-2018-1000600 to a Pre-auth Fully-responded SSRF https://jenkins. ...