Curated Cybersecurity RSS Feeds

CyberSec News: Curated Sources | Latest Trends | Showing last 24h

Vulnerability Prioritization & the Magic 8 Ball

Vulnerability prioritization has evolved over the years. Several frameworks exist to help organizations make the right decisions when it comes to deciding which patches to apply and when. But are these better than a Magic 8 Ball?

6 Simple Steps to Eliminate SOC Analyst Burnout

The current SOC model relies on a scarce resource: human analysts. These professionals are expensive, in high demand, and increasingly difficult to retain. Their work is not only highly technical and high-risk, but also soul-crushingly repetitive, dealing with a constant flood of...

Microsoft: BYOD, QR Codes Lead Rampant Education Attacks

The average higher education institution is getting hit once a week now, and as one University of Oregon attack shows, the sector often lacks the resources to keep pace.

Hackers Exploiting Zero-day Flaw in Qualcomm Chips to Attack Android Users

Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide. The flaw, identified as CVE-2024-43047, is a use-after-free vulnerability resulting from memory corruption in the DSP Services while maintaining memory maps of HLOS memo...

Critical Vulnerabilities in Palo Alto Networks Expedition Could Expose Firewall Credentials, Patch Available

Palo Alto Networks has released patches addressing a set of critical vulnerabilities in its Expedition tool, which, if left unpatched, could lead to severe security risks...

Foxit PDF Reader Vulnerability Let Attackers Execute Arbitrary Code

Researchers recently disclosed six new security vulnerabilities across various software, with one critical vulnerability found in Foxit PDF Reader, a widely used alternative to Adobe Acrobat. Given the memory corruption vulnerability, attackers could execute arbitrary cod...

Wireshark 4.4.1 Released, What’s new!

Wireshark, the world’s leading network protocol analyzer, has just released version 4.4.1, bringing a host of bug fixes and updates to enhance user experience and functionality. Hosted by the Wireshark Foundation, this tool is indispensable for troubleshooting, analysis, developm...

CVE-2024-9466 Flaw in Palo Alto Networks’ Expedition Exposes Sensitive Credentials to Attackers, PoC Published

A recent analysis by security researcher Zach Hanley of Horizon3.ai has uncovered a critical vulnerability, CVE-2024-9466, in Palo Alto Networks’ Expedition tool. This vulnerability, with a CVSS score of 8.2,...

CVE-2024-47223 (CVSS 9.4): SQLi Flaw in Mitel MiCollab Poses Severe Risk to Enterprises

Mitel, a global leader in business communications, has issued a critical security advisory concerning a high-severity SQL injection vulnerability in its MiCollab software, specifically affecting the Audio, Web, and Video...

Multiple VMware NSX Vulnerabilities Let Attackers Gain Root Access

VMware has disclosed multiple vulnerabilities in its NSX product line that could potentially allow attackers to gain root access. The vulnerabilities, identified as CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815, affect both VMware NSX and VMware Cloud Foundation. According t...