CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
0patch.com
Micropatches Released For DHCP Server Service Remote Code Execution (CVE-2023-28231)
April 2023 Windows Updates brought a fix for CVE-2023-28231, a remote code execution vulnerability in DHCP Server service. The vulnerability was reported to Microsoft by security researcher YanZiShuan ...
-
curatedintel.org
CL0P likes to MOVEit MOVEit
CL0P likes to MOVEit MOVEit BackgroundFor the last couple of years, the threat actors associated with the CL0P ransomware group have occasionally ditched encryption in favour of exploiting file transf ...
-
huntress.com
Calm In The Storm: Reviewing Volt Typhoon
Network owners, operators and defenders find themselves in an increasingly contentious and hostile space, with entities ranging from opportunistic criminal elements to state-directed organizations eng ...
-
huntress.com
Critical Vulnerabilities in PaperCut Print Management Software | Huntress
Our team is tracking in-the-wild exploitation of zero-day vulnerabilities against PaperCut MF/NG which allow for unauthenticated remote code execution due to an authentication bypass.UPDATE #1 - 4/25/ ...
-
shostack.org
Reflecting on Threats: The Frame
Shostack + Associates > Blog > Reflecting on Threats: The Frame Shostack + Friends Blog Now that the Threats book is out and the first reviews are in (thank you!), I want to talk more about the frame ...
-
shostack.org
Application Security Roundup - March
Shostack + Associates > Blog > Application Security Roundup - March Shostack + Friends Blog The March appsec roundup includes few tools, some thoughts on injection, some standards, and some of my own ...
-
huntress.com
Everything We Know About CVE-2023-23397 | Huntress
Huntress has been tracking CVE-2023-23397, a critical vulnerability/0-day that impacts Microsoft Outlook. Unlike other exploits we’ve seen in the past, this exploit is particularly dangerous because n ...
-
huntress.com
Veeam Backup & Replication CVE-2023-27532 Response | Huntress
UPDATE 03/13/2023 2252 ET: After taking further inventory of our partner's Veeam service binary details to review the version number, we uncovered many more unpatched and vulnerable hosts. We are send ...
-
huntress.com
Investigating Intrusions From Intriguing Exploits
SummaryOn 02 February 2023, an alert triggered in a Huntress-protected environment. At first glance, the alert itself was fairly generic - a combination of certutil using the urlcache flag to retrieve ...
-
huntress.com
OWASSRF Explained: Analyzing the Microsoft Exchange RCE Vulnerability | Huntress
We simply couldn’t end the year 2022 on a calm note—hackers made sure of that with their latest Microsoft Exchange exploit. On December 22, Huntress observed a significant increase in malicious PowerS ...