Cisco fixes critical ‘DNA’ software flaws

IT giant Cisco this week released patches for three critical vulnerabilities in its enterprise networking software, two of which could allow an attacker to bypass authentication measures and access data deep into the network. The affected software, known as the Digital Network Architecture (DNA) Center, serves as a hub for configuring devices across an IT network, allowing administrators to track networking flaws. Each of the vulnerabilities is fixed in more recent versions of the software. One of the vulnerabilities stems from an insecure configuration of a DNA Center management system, Cisco said in an advisory. An attacker with the ability to access the management system’s service port “could execute commands with elevated privileges within provisioned containers,” the company said, potentially resulting in the complete compromise of a container. The San Jose, California-based company said it found two of the three software bugs in internal testing (the third was discovered in […]

The post Cisco fixes critical ‘DNA’ software flaws appeared first on Cyberscoop.

Continue reading Cisco fixes critical ‘DNA’ software flaws

Tech Brief: Leveraging your network to fortify cybersecurity

Enterprise CIOs and CISOs face a constant barrage of challenges, often leaving them little choice but to rely on best-of-breed products to shore up their organization’s cybersecurity posture. In today’s fast-changing threat landscape, however, that can be a dangerous gamble. Whether you’re trying to modernize your IT, lower your operating costs or improve cybersecurity, how you build your network is often the determining factor in whether you succeed or fail. A new CyberScoop Tech Brief, sponsored by Cisco, explores how taking advantage of modern, sensor-aware servers, switches, routers and security devices not only enables a holistic cybersecurity strategy, but also lowers operating costs and improves performance. Realizing the potential modernization and cybersecurity improvements promised by the passage of the Modernizing Government Technology (MGT) Act calls for agencies and commercial enterprises alike to recognize that the key place to start is with the network. Strategically enabling the security features of existing […]

The post Tech Brief: Leveraging your network to fortify cybersecurity appeared first on Cyberscoop.

Continue reading Tech Brief: Leveraging your network to fortify cybersecurity