Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Law enforcement agencies in Africa arrested as part of 'Operation Serengeti' more than a thousand individuals suspected of being involved in major cybercriminal activities that caused close to $193 million in financial losses all over the world. [...]
November 27th, 2024 (5 months ago)
|
|
|
Description: Want the best VPN with a 74% discount? The NordVPN Black Friday deal is live and runs until December 10. This is the perfect chance to lock in a 2-year plan for the low cost of $2.99 per month, with an extra 3 months for free. [...]
November 27th, 2024 (5 months ago)
|
|
|
Description: A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. [...]
November 27th, 2024 (5 months ago)
|
|
|
Description: Black Friday 2024 is almost here, and great deals are already live in computer security, software, online courses, system admin services, antivirus, and VPN software. These promotions offer deep discounts from various companies and are only available for a limited time. [...]
November 27th, 2024 (5 months ago)
|
|
|
Description: An international law enforcement operation has dismantled a pirate streaming service that served over 22 million users worldwide and made €250 million ($263M) per month. [...]
November 27th, 2024 (5 months ago)
|
|
|
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild.
The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that
November 27th, 2024 (5 months ago)
|
|
|
Description: The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies.
Trend Micro, which described the hacking group as an aggressive advanced persistent threat (APT), said the intrusions also involved the use of another cross-platform backdoor dubbed
November 27th, 2024 (5 months ago)
|
|
|
Description: The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems.
"In a successful attack, if a victim browses a web page containing the exploit, an adversary can run arbitrary code – without any user
November 27th, 2024 (5 months ago)
|
|
|
Description: When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That’s why Intruder, a leader in attack surface management, built Intel - a free vulnerability intelligence platform designed to help you act fast and prioritize real threats.
What is Intel?
Intel was created to fill a gap in the resources available for tracking emerging
November 27th, 2024 (5 months ago)
|
|
|
Description: Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution.
The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of a maximum of 10.0. They were addressed in versions
November 27th, 2024 (5 months ago)
|