Cisco Patches Critical Flaw After PoC Exploit Code Release

A critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers.

Known Citrix Workspace Bug Open to New Attack

Windows MSI files provide an opening for attackers even though the bug was mostly patched in July.

Cisco says it will issue patch ‘as soon as possible’ for bugs hackers are trying to exploit

Unidentified hackers are trying to exploit critical vulnerabilities in router software made by Cisco while the networking giant scrambles to address the issues. The bugs, which Cisco revealed Saturday, could allow an attacker to remotely break into a device running the software and exhaust the memory on the device. That, in turn, could destabilize “interior and exterior routing protocols” on an affected network, Cisco said in an advisory. It’s unclear when a patch will be ready; “as soon as possible” is all a Cisco spokesperson would say. The company made recommendations for mitigating the vulnerability until a patch is available. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency encouraged users to check for “indicators of compromise” or signs of malicious cyber activity. It’s unclear who is attempting to exploit the vulnerability. With the advisory out, cybersecurity incident responders will be watching for any additional hacking. Justin Elze, a […]

The post Cisco says it will issue patch ‘as soon as possible’ for bugs hackers are trying to exploit appeared first on CyberScoop.

Critical Cisco Bug Opens Software Licencing Manager to Remote Attack

A default password would let anyone access the Cisco Smart Software Manager On-Prem Base platform, even if it’s not directly connected to the internet.

Supermicro BMCs were susceptible to remote attacks, according to firmware security startup

Researchers from an enterprise firmware security startup have found an issue with a key component in various Supermicro motherboards that could allow attackers to remotely access some of an organization’s most valuable assets. Issues in the baseboard management controllers of Supermicro’s X9, X10 and X11 platforms could allow an attacker to easily connect to a server and mount a virtual disk drive to the BMC, according to researchers from Eclypsium. After mounting a drive, an attacker could modify a server, implant malware, or even disable the device entirely. “Threats operating at this level can easily subvert traditional security measures and put the device and the integrity of all its data at risk,” Eclypsium notes in its research, which was released Tuesday. “As such, organizations should begin to treat these layers of security with the attention that it deserves.” The BMC is a processor that measures the physical state of a […]

The post Supermicro BMCs were susceptible to remote attacks, according to firmware security startup appeared first on CyberScoop.

Cisco Patches Critical Bugs in 900 Series Routers, Prime Home Server

Cisco Systems has issued two critical advisories addressing flaws in its 900 Series Routers and its Cisco Prime Home server.