CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
WikiLoader Malware Evolves with SEO Poisoning, Targets GlobalProtect Users
A cloned GlobalProtect page that directs users to download spoofed GlobalProtect installers | Image: Unit 42Please enable JavaScriptIn a recent investigation, the Unit 42 Managed Threat Hunting (MTH) ... Read more
-
Kaspersky
Head Mare: adventures of a unicorn in Russia and Belarus
Head Mare is a hacktivist group that first made itself known in 2023 on the social network X (formerly Twitter)[1]. In their public posts, the attackers reveal information about some of their victims, ... Read more
-
tripwire.com
Tripwire Patch Priority Index for August 2024
Tripwire's August 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Adobe and Google.First on the list are patches for Microsoft Edge and Google Chromium that re ... Read more
-
Cybersecurity News
CVE-2024-43044: Critical Jenkins Vulnerability Exposes Servers to RCE, PoC Exploit Published
A security researcher from Conviso Labs published the technical details and a proof-of-concept (PoC) exploit for a critical CVE-2024-43044 vulnerability in Jenkin.Jenkins is integral to many developme ... Read more
-
Cybersecurity News
CVE-2024-45488: Flaw in Safeguard for Privileged Passwords Enables Unauthorized Access
In a recent security bulletin, a critical vulnerability has been identified in One Identity’s Safeguard for Privileged Passwords, a key solution designed to protect and manage privileged credentials w ... Read more
-
Cybersecurity News
Proof-of-Concept Exploit Released for WhatsUp Gold Authentication Bypass (CVE-2024-6670)
Researcher Sina Kheirkhah of the Summoning Team has published the technical details and a proof-of-concept (PoC) exploit for a critical vulnerability, identified as CVE-2024-6670, affecting Progress S ... Read more
-
Cybersecurity News
AISURU Botnet Identified in Massive DDoS Attack on Steam
A massive, coordinated DDoS attack disrupted Steam services globally and the Perfect World Esports platform in China on the weekend of August 24-26, coinciding with the launch of the highly anticipate ... Read more
-
InfoSec Write-ups
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855
Recently, during a routine security assessment, I uncovered a significant flaw in the Deep Sea Electronics DSE855 device. This vulnerability, identified as CVE-2024–5947, pertains to an authentication ... Read more
-
The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Program
A few months ago, during one of my late-night bug bounty hunting sessions, I stumbled upon a critical vulnerability that could lead to a full server takeover. The target was a well-known program, and ... Read more
-
Darktrace
What you need to know about FAA Security Protection Regulations 2024
Cyber attacks on internet-facing systemsIn the first half of 2024, the Darktrace Threat Research team observed multiple campaigns of threat actors targeting vulnerabilities in internet-facing systems, ... Read more