CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Intel's Software Guard Extensions broken? Don't panic
Today's news that Intel's Software Guard Extensions (SGX) security system is open to abuse may be overstated. The issue, highlighted by Positive Technologies Russian researcher Mark Ermolov, would giv ...
-
The Register
Volt Typhoon suspected of exploiting Versa SD-WAN bug since June
update It looks like China's Volt Typhoon has found a new way into American networks as Versa has disclosed a nation-state backed attacker has exploited a high-severity bug affecting all of its SD-WAN ...
-
BleepingComputer
Windows Downdate tool lets you 'unpatch' Windows systems
SafeBreach security researcher Alon Leviev has released his Windows Downdate tool, which can be used for downgrade attacks that reintroduce old vulnerabilities in up-to-date Windows 10, Windows 11, an ...
-
The Hacker News
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Cyber Espionage / Malware Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate ...
-
Cybersecurity News
CISA Warns of Actively Exploited Apache OFBiz CVE-2024-38856 Vulnerability, PoC Available
Image: securelayer7The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited security flaw in Apache OFBiz, a popular open-source enterp ...
-
Help Net Security
Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)
Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made web shell dubbed VersaMem ...
-
Cybersecurity News
Chinese Hackers Deploy VersaMem Web Shell via Versa Director Zero-Day (CVE-2024-39717)
Overview of the Versa Director exploitation process and the VersaMem web shell functionalityBlack Lotus Labs, a threat intelligence team within Lumen Technologies, has uncovered the active exploitatio ...
-
security.nl
Providers besmet met malware die inloggegevens van klanten steelt
Internetproviders en managed serviceproviders zijn sinds juni het doelwit van aanvallen waarbij een kwetsbaarheid in Versa Director wordt gebruikt om malware te installeren waarmee inloggegevens van k ...
-
krebsonsecurity.com
New 0-Day Attacks Linked to China’s ‘Volt Typhoon’
Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typho ...
-
Ars Technica
Hackers infect ISPs with malware that steals customers’ credentials
"HIGHLY SIGNIFICANT" — Zero-day that was exploited since June to infect ISPs finally gets fixed. Getty Images Malicious hackers likely working on behalf of the Chinese government have been exploiti ...