CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
Versa Director Zero-Day Attack: A Non-Critical Vulnerability with Low Exposure Can Still Be Trouble
A zero-day vulnerability in Versa Director servers is proof that a vulnerability doesn’t require a critical severity rating and thousands of exposures to do significant damage. CVE-2024-39717, announc ... Read more
-
Dark Reading
PoC Exploit for Zero-Click Vulnerability Made Available to the Masses
Source: Ascannio via Alamy Stock PhotoA security researcher named "Ynwarcs" has published analysis of a proof-of-concept exploit code for a critical zero-click vulnerability in Windows TCP/IP.The vuln ... Read more
-
The Register
Intel's Software Guard Extensions broken? Don't panic
Today's news that Intel's Software Guard Extensions (SGX) security system is open to abuse may be overstated. The issue, highlighted by Positive Technologies Russian researcher Mark Ermolov, would giv ... Read more
-
The Register
Volt Typhoon suspected of exploiting Versa SD-WAN bug since June
update It looks like China's Volt Typhoon has found a new way into American networks as Versa has disclosed a nation-state backed attacker has exploited a high-severity bug affecting all of its SD-WAN ... Read more
-
BleepingComputer
Windows Downdate tool lets you 'unpatch' Windows systems
SafeBreach security researcher Alon Leviev has released his Windows Downdate tool, which can be used for downgrade attacks that reintroduce old vulnerabilities in up-to-date Windows 10, Windows 11, an ... Read more
-
The Hacker News
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Cyber Espionage / Malware Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate ... Read more
-
Cybersecurity News
CISA Warns of Actively Exploited Apache OFBiz CVE-2024-38856 Vulnerability, PoC Available
Image: securelayer7The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited security flaw in Apache OFBiz, a popular open-source enterp ... Read more
-
Help Net Security
Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)
Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made web shell dubbed VersaMem ... Read more
-
Cybersecurity News
Chinese Hackers Deploy VersaMem Web Shell via Versa Director Zero-Day (CVE-2024-39717)
Overview of the Versa Director exploitation process and the VersaMem web shell functionalityBlack Lotus Labs, a threat intelligence team within Lumen Technologies, has uncovered the active exploitatio ... Read more
-
security.nl
Providers besmet met malware die inloggegevens van klanten steelt
Internetproviders en managed serviceproviders zijn sinds juni het doelwit van aanvallen waarbij een kwetsbaarheid in Versa Director wordt gebruikt om malware te installeren waarmee inloggegevens van k ... Read more