Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: In 2024, data relating to an unknown service referred to as "Hopamedia" and dating back to 2020 appeared in a publicly exposed database. The data included almost 24M records of email address, name, phone number, the country of the individual and their telecommunications carrier.
December 18th, 2024 (4 months ago)
|
CVE-2024-45337 |
Description: A security issue was identified in the NanoProxy project related to the golang.org/x/crypto dependency. The project was using an outdated version of this dependency, which potentially exposed the system to security vulnerabilities that have been addressed in subsequent updates.
Impact:
The specific vulnerabilities in the outdated version of golang.org/x/crypto could include authorization bypasses, data breaches, or other security risks. These vulnerabilities can be exploited by attackers to compromise the integrity, confidentiality, or availability of the system.
Resolution:
The issue has been fixed in NanoProxy by upgrading the golang.org/x/crypto dependency to version 0.31.0. Users are strongly encouraged to update their instances of NanoProxy to include this fix and ensure they are using the latest secure version of all dependencies.
Fixed Version:
golang.org/x/crypto upgraded to version 0.31.0.
References
https://github.com/ryanbekhen/nanoproxy/security/advisories/GHSA-7prj-hgx4-2xc3
https://nvd.nist.gov/vuln/detail/CVE-2024-45337
https://github.com/advisories/GHSA-7prj-hgx4-2xc3
EPSS Score: 0.05%
December 12th, 2024 (4 months ago)
|
|
|
Description: US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability. [...]
December 12th, 2024 (4 months ago)
|
|
|
Description: Threat actors punch holes in the company's online ordering systems, tripping up doughnut deliveries across the US after a late November breach.
December 11th, 2024 (4 months ago)
|
|
|
Description: The Romanian National Cybersecurity Directorate (DNSC) says the Lynx ransomware gang breached Electrica Group, one of the largest electricity suppliers in the country. [...]
December 11th, 2024 (4 months ago)
|
|
|
Description: High-profile security incidents provide examples of how common vulnerabilities can be exploited. If you pay attention, you can learn from others' mistakes.
December 11th, 2024 (4 months ago)
|
|
|
Description: Hackers are constantly evolving, and so too should our security protocols.
December 11th, 2024 (4 months ago)
|
|
|
Description: U.S. Senator Ron Wyden of Oregon announced a new bill to secure the networks of American telecommunications companies breached by Salt Typhoon Chinese state hackers earlier this year. [...]
December 10th, 2024 (4 months ago)
|
|
|
Description: Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. [...]
December 10th, 2024 (4 months ago)
|
|
|
Description: Radiant Capital now says that North Korean threat actors are behind the $50 million cryptocurrency heist that occurred after hackers breached its systems in an October 16 cyberattack. [...]
December 9th, 2024 (4 months ago)
|