Daily Live Feed

Palo Alto Networks has issued critical advisories regarding two actively exploited vulnerabilities in their PAN-OS software, posing significant risks to organizations relying on the platform for network security. These flaws,... The post CVE-2024-0012 and CVE-2024-9474: Actively Exploited Vulnerabilities Impact Palo Alto Networks PAN-OS appeared first on Cybersecurity News. Read more »

You need to be logged in to view this content. Please Log In. Not a Member? Join Us The post CVE Alert on November 18th, 2024 appeared first on Cybersecurity News. Read more »

In the fast-evolving landscape of cybersecurity, staying ahead of vulnerabilities has become a daily struggle for website and network administrators. With thousands of new vulnerabilities reported every day, even the... The post SecurityOnline.info Launches CVE Alert: A Vulnerability Notification Service for Enhanced Cybersecurity Posture appeared first on Cybersecurity News. Read more »

Trend Micro researchers have unveiled the operations of a sophisticated botnet, dubbed “Water Barghest.” By October 2024, this threat actor had compromised over 20,000 IoT devices, leveraging them to establish... The post “Water Barghest” Botnet Hijacks 20,000 IoT Devices for Profit appeared first on Cybersecurity News. Read more »

Two vulnerabilities in Citrix’s “Virtual Apps and Desktops” remote access solution, CVE-2024-8068 and CVE-2024-8069, are actively being exploited in the wild, according to a report from Johannes B. Ullrich, Ph.D.,... The post Critical Vulnerabilities in Citrix Virtual Apps and Desktops Actively Exploited appeared first on Cybersecurity News. Read more »

In the world of cybersecurity, penetration testers and red teams need sophisticated tools to assess and improve an organization’s security posture. One such tool gaining traction is Shadow Dumper, an... The post Introducing Shadow Dumper: A Powerful Tool for LSASS Memory Extraction appeared first on Cybersecurity News. Read more »

Security researcher Sina Kheirkhah from watchTowr recently published technical details and a proof-of-concept (PoC) exploit for a critical zero-day vulnerability, dubbed “FortiJump” (CVE-2024-47575). With a CVSS score of 9.8, this... The post PoC Exploit Releases for Zero-Day CVE-2024-47575 Flaw in Fortinet FortiManager appeared first on Cybersecurity News. Read more »

In a comprehensive analysis released by Check Point Research (CPR), the WezRat infostealer has been identified as a sophisticated tool in the arsenal of the Iranian cyber group Emennet Pasargad,... The post WezRat: The Modular Infostealer Weaponized by Iranian Cyber Group Emennet Pasargad appeared first on Cybersecurity News. Read more »

Sonatype has issued two security advisories for its Nexus Repository Manager 2.x, a popular repository manager used by organizations worldwide to store and distribute software artifacts, warning users of two... The post Sonatype Nexus Repository 2 Hit By RCE (CVE-2024-5082) and XSS (CVE-2024-5083) Flaws appeared first on Cybersecurity News. Read more »

In October 2024, Huntress analysts uncovered a previously unreported ransomware strain, dubbed SafePay, deployed across two distinct incidents. This ransomware has unique characteristics, including the use of .safepay as the... The post SafePay Ransomware: A New Threat with Sophisticated Techniques appeared first on Cybersecurity News. Read more »