Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Cybercriminals Exploit DocuSign API to Send Convincing Phishing Invoices at Scale
Use of DocuSign's official templates, complete with legitimate branding | Image: WallarmIn a sophisticated twist on phishing, cybercriminals are now leveraging DocuSign’s API to send fraudulent invoic ... Read more
-
Cybersecurity News
New Privilege Escalation Vulnerability in Veritas NetBackup on Windows: Update Required to Mitigate Risks
Veritas has issued a security advisory addressing a significant privilege escalation vulnerability impacting its NetBackup software on Windows systems. This vulnerability, which affects NetBackup’s pr ... Read more
-
BleepingComputer
Cisco bug lets hackers run commands as root on UWRB access points
Cisco has fixed a maximum severity vulnerability that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points that provide connectivit ... Read more
-
BleepingComputer
New SteelFox malware hijacks Windows PCs using vulnerable driver
A new malicious package called 'SteelFox' mines for cryptocurrency and steals credit card data by using the “bring your own vulnerable driver” technique to get SYSTEM privileges on Windows machines. T ... Read more
-
Cybersecurity News
CVE-2024-20418 (CVSS 10): Cisco URWB Access Points Vulnerable to Remote Takeover
In a critical security advisory, Cisco has disclosed a command injection vulnerability in its Unified Industrial Wireless Software used for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. ... Read more
-
The Cyber Express
Google Addresses Two Android Zero-Days Used in Targeted Attacks
In its November security update, Google has patched two critical Android zero-days actively exploited in targeted attacks, along with 49 additional vulnerabilities. Google flagged these zero-day flaws ... Read more
-
security.nl
Duizenden toegangssystemen Linear eMerge E3 via kritiek lek over te nemen
Duizenden systemen waarmee organisaties de toegang tot gebouwen beheren zijn door middel van een kritieke kwetsbaarheid op afstand door een ongeauthenticeerde aanvaller over te nemen. De fabrikant wer ... Read more
-
Kaspersky
New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency
Introduction In August 2024, our team identified a new crimeware bundle, which we named “SteelFox”. Delivered via sophisticated execution chains including shellcoding, this threat abuses Windows servi ... Read more
-
The Register
China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks
Chinese government cyberspies Volt Typhoon reportedly breached Singapore Telecommunications over the summer as part of their ongoing attacks against critical infrastructure operators. The digital brea ... Read more
-
Cybersecurity News
PoC Exploit Releases for Critical Symlink Flaw in Apple’s iOS – CVE-2024-44258
In a recent analysis, cybersecurity researchers Hichem Maloufi and Christian Mina detailed CVE-2024-44258, a symlink vulnerability affecting Apple’s ManagedConfiguration framework and the profiled dae ... Read more