CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
KL-001-2024-012: VICIdial Authenticated Remote Code Execution
Full Disclosure mailing list archives KL-001-2024-012: VICIdial Authenticated Remote Code Execution From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 10 Sep 20 ... Read more
-
seclists.org
KL-001-2024-011: VICIdial Unauthenticated SQL Injection
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 10 Sep 2024 14:28:59 -0500 KL-001-2024-011: VICIdial Unauthenticated SQ ... Read more
-
BleepingComputer
Ivanti fixes maximum severity RCE bug in Endpoint Management software
Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server. Ivanti EPM helps admin ... Read more
-
BleepingComputer
Microsoft fixes Windows Smart App Control zero-day exploited since 2018
Microsoft has fixed a Windows Smart App Control and SmartScreen flaw that has been exploited in attacks as a zero-day since at least 2018. On vulnerable systems, threat actors have abused the vulnera ... Read more
-
BleepingComputer
Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws
Today is Microsoft's September 2024 Patch Tuesday, which includes security updates for 79 flaws, including four actively exploited and one publicly disclosed zero-days. This Patch Tuesday fixed seven ... Read more
-
Zero Day Initiative
The September 2024 Security Update Review
We’ve reached September and the pumpkin spice floats in the air. While they aren’t pumpkin-spiced, Microsoft and Adobe have released their latest spicy security patches – including some zesty 0-days. ... Read more
-
The Hacker News
CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South Amer ... Read more
-
Cybersecurity News
Ivanti Issues Patch for Critical Vulnerabilities in Endpoint Manager, Including CVE-2024-29847 (CVSS 10.0)
Ivanti has released a series of critical updates for its widely used Ivanti Endpoint Manager (EPM), addressing several vulnerabilities that pose significant security risks to organizations. The most s ... Read more
-
Help Net Security
CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploite ... Read more
-
security.nl
Kritiek lek in SonicWall-firewalls gebruikt bij ransomware-aanvallen
Een kritieke kwetsbaarheid in de firewalls van SonicWall wordt gebruikt bij ransomware-aanvallen, zo stellen verschillende securitybedrijven. De kwetsbaarheid (CVE-2024-40766) is aanwezig in de manage ... Read more