Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Specula Tool Leveraging Registry to Turn Outlook Into a C2 Server
Specula tool utilizes a Registry to turn Microsoft Outlook Into a C2 Server capable of executing arbitrary commands. Fundamentally, Specula is a C2 framework that uses the Outlook home page feature. ... Read more
-
TheCyberThrone
Apache OfBiz Vulnerability CVE-2024-32113 Exploited in wild
Security researchers have observed up ticking reconnaissance attempts for the CVE-2024-32113 vulnerability in Apache OFBiz. The vulnerability, described as a path traversal issue, poses significant ri ... Read more
-
AttackIQ
Emulating the Politically Motivated North Korean Adversary Andariel – Part 2
On December 11, 2023, Cisco Talos reported the discovery of an activity led by Andariel, a North Korean state-sponsored known to be a subgroup of the notorious Lazarus group, which employed three new ... Read more
-
Zero Day Initiative
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2
The number of vulnerabilities that we see through the program provides significant insight into the attack surfaces of each product that we purchase bugs in. These submissions sometimes reveal not onl ... Read more
-
Cyber Security News
20,275 VMware ESXi Vulnerable Instances Exposed, Microsoft Warns of Massive Exploitation
Microsoft has issued a significant security alert regarding a vulnerability in VMware ESXi hypervisors, which ransomware operators have actively exploited. According to the Shadowserver Foundation, th ... Read more
-
Dark Reading
Dangerous XSS Bugs in RedCAP Threaten Academic & Scientific Research
Source: Yuri Arcurs via Alamy Stock PhotoResearchers have discovered three cross-site scripting (XSS) vulnerabilities in Research Electronic Data Capture (REDCap), a Web application developed by Vande ... Read more
-
SentinelOne
More From Our Main Blog: Singularity Cloud Native Security | Eliminate False Positives and Focus On What Matters
Over the past few years, cloud computing has emerged as the de facto infrastructure of choice for the majority of new digital workloads created by organizations. The ease of use, scalability, and dive ... Read more
-
SentinelOne
More From Our Main Blog: Singularity Cloud Native Security | Eliminate False Positives and Focus On What Matters
Over the past few years, cloud computing has emerged as the de facto infrastructure of choice for the majority of new digital workloads created by organizations. The ease of use, scalability, and dive ... Read more
-
Cyber Security News
Hackers Actively Exploiting GeoServer RCE Flaw, 6635 Servers Vulnerable
A critical vulnerability in GeoServer, an open-source Java-based software server, has put thousands of servers at risk. The flaw, CVE-2024-36401, allows unauthenticated users to execute remote code, p ... Read more
-
TheCyberThrone
Google fixes critical vulnerability CVE-2024-6990 in Chrome
Google has released the latest security update for its Chrome browser, addressing several critical vulnerabilities.The latest advisory includes three significant security fixes, two classified as high ... Read more