CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Trend Micro
The Potential Impact of the OpenSSH Vulnerabilities CVE-2024–6387 and CVE-2024-6409
Introduction CVE-2024–6387, also known as “regreSSHion,” is a vulnerability that exists in OpenSSH, a widely-used suite of secure networking utilities based on the SSH protocol. This vulnerability, wh ...
-
huntress.com
MFT Exploitation and Adversary Operations | Huntress
Threat actors of varying types continue to target managed file transfer (MFT) applications for exploitation. The latest concerning MFT vulnerability was identified by Converge Technology Solutions, or ...
-
Kaspersky
Zero-day vulnerability in Internet Explorer | Kaspersky official blog
As part of its latest Patch Tuesday, Microsoft has released patches for 142 vulnerabilities. Among them were four zero-day vulnerabilities. While two of them were already publicly known, the other two ...
-
Zero Day Initiative
Uncoordinated Vulnerability Disclosure: The Continuing Issues with CVD
On patch Tuesday last week, Microsoft released an update for CVE-2024-38112, which they said was being exploited in the wild. We at the Trend Micro Zero Day Initiative (ZDI) agree with them because th ...
-
Trend Micro
CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks
Exploits & Vulnerabilities Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by APT group Void Banshee, to access and execute files through the disabled Internet Explorer usin ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 28
The Good | Feds Dismantle Major GenAI-Based Bot Farm Spreading Pro-Russian DisInformation Campaigns In a joint international operation led by the FBI, law enforcement have seized two domain names and ...
-
AttackIQ
Emulating the Long-Term Extortionist Nefilim Ransomware
Nefilim is a Ransomware-as-a-Service (RaaS) operation that emerged in March 2020 and is believed to have evolved from the Nemty ransomware family. This attribution is due to the fact that Nefilim aros ...
-
The Cloudflare Blog
Application Security report: 2024 update
2024-07-1111 min readThis post is also available in 简体中文, 繁體中文, 日本語, 한국어, Deutsch, Español and Français. Over the last twelve months, the Internet security landscape has changed dramatically. Geopolit ...
-
seclists.org
CVE-2024-33326
Full Disclosure mailing list archives From: Rodolfo Tavares via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 9 Jul 2024 16:59:14 -0300 =====[ Tempest Security Intelligence - ADV-6/2024 ] ...
-
seclists.org
CVE-2024-33327
Full Disclosure mailing list archives From: Rodolfo Tavares via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 9 Jul 2024 16:57:54 -0300 =====[ Tempest Security Intelligence - ADV-6/2024 ] ...