CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
huntress.com
Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit | Huntress
Attackers are actively scanning for vulnerable Microsoft Exchange servers and abusing the latest line of Microsoft Exchange vulnerabilities that were patched earlier this year. Back in March, we saw m ...
-
huntress.com
The Hunt to Find Origins of Kaseya's VSA Mass Ransomware Incident | Huntress
Kaseya has a customer base of roughly 35,000 businesses and organizations. These consist of approximately 17,000 managed service providers, 18,000 direct/VAR customers and a significant number of end ...
-
huntress.com
Critical Vuln.: PrintNightmare Exposes Windows Servers to RCE | Huntress
On June 29, Huntress was made aware of CVE-2021-1675 (now termed CVE-2021-34527), a critical remote code execution and local privilege escalation vulnerability dubbed “PrintNightmare.”Microsoft releas ...
-
shostack.org
Colonial Pipeline, Darkside and Models
Shostack + Associates > Blog > Colonial Pipeline, Darkside and Models Shostack + Friends Blog The Colonial Pipeline shutdown story is interesting in all sorts of ways, and I can't delve into all of it ...
-
huntress.com
Rapid Response: Mass Exploitation of On-Prem Exchange Servers | Huntress
UPDATED 14 April:Huntress is aware of the new Microsoft Exchange vulnerabilities disclosed in the Microsoft April Security Update. Our team has yet to detect exploits targeting these new vulnerabiliti ...
-
objective-see.org
CVE-2020–9854: "Unauthd"
CVE-2020–9854: "Unauthd" (three) logic bugs ftw! by: Ilias Morad / August 1, 2020 In this guest blog post, security researcher Ilias Morad aka A2nkF, describes a lovely exploit chain, composed of seve ...
-
objective-see.org
CVE-2020–9934: Bypassing TCC for Unauthorized Access
CVE-2020–9934: Bypassing TCC ...for unauthorized access to sensitive user data! by: Matt Shockley / July 28, 2020 In this guest blog post, security researcher Matt Shockley describes a lovely security ...
-
SentinelOne DE
Das Gute, das Schlechte und das Hässliche in der Cybersicherheit – Woche 28
In dieser Woche wurde ein großer Business Email Compromise-Betrugsversuch abgewehrt, der sich gegen Office 365 richtete. BEC oder Email Account Compromises waren im vergangenen Jahr für den größten An ...
-
blogspot.com
If You Can't Patch Your Email Server, You Should Not Be Running It
CVE-2020-0688 Scan Results, per Rapid7 tl;dr -- it's the title of the post: "If You Can't Patch Your Email Server, You Should Not Be Running It." I read a disturbing story today with the following new ...
-
huntress.com
Validating the SolarWinds N-central “Dumpster Diver” Vulnerability
Update 1/26/2020: MITRE assigned CVE-2020–7984 for this vulnerability.Update 12:55pm 1/24/2020: SolarWinds has released two hotfixes for the vulnerabilities! You can find these fixes on their support ...