• Cybersecurity News

A new report from Trend Micro has revealed that Earth Preta, the notorious cyber espionage group, has significantly evolved its tactics and malware arsenal, posing a heightened threat to government en ... Read more

• Cybersecurity News

The popular open-source content management system (CMS), SPIP, is facing a critical security vulnerability that could allow unauthenticated attackers to execute malicious code on affected servers. The ... Read more

• Cybersecurity News

In the latest security advisory, HAProxy revealed that CVE-2024-45506, a vulnerability in its popular load balancing and proxy software, is now actively exploited. The vulnerability, which has a CVSS ... Read more

• europa.eu

Cyber Brief (August 2024)September 4, 2024 - Version: 1.0TLP:CLEARExecutive summaryWe analysed 249 open source reports for this Cyber Brief1.Relating to cyber policy and law enforcement, in Europe, th ... Read more

• Cybersecurity News

Security researcher Zeyad Azima from SecureLayer7 published the proof-of-concept exploit for arbitrary file write vulnerability (CVE-2024-22263) in Spring Cloud Data Flow, a widely-used tool for cloud ... Read more

• Cybersecurity News

Image: Horizon3Please enable JavaScriptTwo critical vulnerabilities have been discovered in the popular GPS tracking system Traccar, which is used for both personal and corporate applications. The vul ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day v ... Read more

• Cybersecurity News

Credential harvester prompt spawned by `AntiSpam.exe | Image: Rapid7 Recently, cybersecurity firm Rapid7 identified a series of sophisticated intrusion attempts linked to an ongoing social engineering ... Read more

• security.nl

Tijdens de patchdinsdag van augustus heeft Microsoft zes kwetsbaarheden in Office en Windows verholpen die actief zijn misbruikt voordat de updates beschikbaar waren. Drie van de beveiligingslekken ma ... Read more

• The Cyber Express

Microsoft has released its August 2024 Patch Tuesday update, addressing multiple vulnerabilities across its software ecosystem. This month’s update features fixes for a total of 90 vulnerabilities, in ... Read more

• The Hacker News

Windows Security / Vulnerability Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of th ... Read more

• TheCyberThrone

Microsoft patched 90 CVEs in its August 2024 Patch Tuesday release, with seven rated critical, 82 rated as important, and one rated as moderate.This includes updates for vulnerabilities in Microsoft O ... Read more

• Cybersecurity News

Microsoft’s August 2024 Patch Tuesday release addresses 88 vulnerabilities, including seven critical flaws and 10 zero-day vulnerabilities. Among these, six are currently being actively exploited in t ... Read more

• The Register

Patch Tuesday Microsoft has disclosed 90 flaws in its products – six of which have already been exploited – and four others that are listed as publicly known. There's another dozen in the list from th ... Read more

• Help Net Security

August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under ... Read more

• TheCyberThrone

The FreeBSD Project disclosed a critical vulnerability in OpenSSH, could allow a determined attacker to execute arbitrary code remotely with root privileges, potentially compromising the entire system ... Read more

• Help Net Security

A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and req ... Read more

• security.nl

Microsoft waarschuwt voor een spoofing-kwetsbaarheid in Microsoft Office 2016, 2019, LTSC 2021 en Microsoft 365 Apps for Enterprise waardoor een aanvaller NTLM-hashes van gebruikers kan stelen. Een be ... Read more

• Cybersecurity News

In a recent advisory published on August 8th, Microsoft disclosed a high-severity zero-day vulnerability affecting multiple versions of its Office software suite. The vulnerability tracked as CVE-2024 ... Read more

• TheCyberThrone

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, August 10, 2024.Google Fixes Android Zero ... Read more

• TheCyberThrone

Researchers have published a report on an older vulnerability in AMD processors that could potentially allow an attacker to disable critical memory protections in the Ryzen and Epyc CPU lines, potenti ... Read more

• Cyber Security News

Microsoft has disclosed a significant security vulnerability in its Office suite, identified as CVE-2024-38200, which could potentially allow attackers to access sensitive information. This spoofing v ... Read more

• TheCyberThrone

Microsoft has disclosed the details of an unpatched zero-day in office that could result in unauthorized disclosure of sensitive information to malicious actors.The vulnerability, tracked as CVE-2024- ... Read more

• The Hacker News

Vulnerability / Enterprise Security Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicio ... Read more

• BleepingComputer

​Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. Tracked as CVE-2024-38200, this security flaw is caused by an infor ... Read more

• BleepingComputer

Update with further information from Microsoft.​ Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. Tracked as CVE-2024-382 ... Read more