CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Trend Micro
Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem
Exploits & Vulnerabilities A technical analysis on how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim’s system. Summary The critical vu ... Read more
-
Trend Micro
Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem
Exploits & Vulnerabilities A technical analysis on how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim’s system. Summary The critical vu ... Read more
-
seclists.org
Re: [SYSS-2024-038] DiCal-RED - Use of Password Hash Instead of Password for Authentication
Full Disclosure mailing list archives Re: [SYSS-2024-038] DiCal-RED - Use of Password Hash Instead of Password for Authentication From: "J. Hellenthal via Fulldisclosure" <fulldisclosure () seclists o ... Read more
-
The Cyber Express
Versa Director Zero-Day Attack: A Non-Critical Vulnerability with Low Exposure Can Still Be Trouble
A zero-day vulnerability in Versa Director servers is proof that a vulnerability doesn’t require a critical severity rating and thousands of exposures to do significant damage. CVE-2024-39717, announc ... Read more
-
Dark Reading
PoC Exploit for Zero-Click Vulnerability Made Available to the Masses
Source: Ascannio via Alamy Stock PhotoA security researcher named "Ynwarcs" has published analysis of a proof-of-concept exploit code for a critical zero-click vulnerability in Windows TCP/IP.The vuln ... Read more
-
The Register
Intel's Software Guard Extensions broken? Don't panic
Today's news that Intel's Software Guard Extensions (SGX) security system is open to abuse may be overstated. The issue, highlighted by Positive Technologies Russian researcher Mark Ermolov, would giv ... Read more
-
The Register
Volt Typhoon suspected of exploiting Versa SD-WAN bug since June
update It looks like China's Volt Typhoon has found a new way into American networks as Versa has disclosed a nation-state backed attacker has exploited a high-severity bug affecting all of its SD-WAN ... Read more
-
BleepingComputer
Windows Downdate tool lets you 'unpatch' Windows systems
SafeBreach security researcher Alon Leviev has released his Windows Downdate tool, which can be used for downgrade attacks that reintroduce old vulnerabilities in up-to-date Windows 10, Windows 11, an ... Read more
-
The Hacker News
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Cyber Espionage / Malware Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate ... Read more
-
Cybersecurity News
CISA Warns of Actively Exploited Apache OFBiz CVE-2024-38856 Vulnerability, PoC Available
Image: securelayer7The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited security flaw in Apache OFBiz, a popular open-source enterp ... Read more