Cyber Security Newsfeeds from around the world
Do you ever feel that the web is breaking? When shopping online for a toaster, you can expect an ad for that thing to stalk you from site to site. If you have just a few web browser tabs open, your laptop battery drains rapidly. And don’t get me starte…
Continue Reading. Hackers are using the infrastructure, meant to transmit data between applications, for command and control. The security tools and strategies financial services organizations use to protect their data could be leveraged by cybercriminals who sneak in…
Continue ReadingToday increasingly sophisticated cyber attacks are crafted, honed, and improved by shady groups of hackers, often using custom tools that are directed at high value people, businesses, or even countries. From daring cyber heists that cause cash machine…
Continue ReadingA vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of incoming HTTP requests. An attacker co…
Continue ReadingA vulnerability in the process of uploading new application images to the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to…
Continue ReadingA vulnerability in the session identification management functionality of the web-based management interface for Cisco Meeting Server could allow an unauthenticated, local attacker to hijack a valid user session identifier. The vulnerability exists bec…
Continue ReadingA vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyConnect Secure Mobility Client for Windows Desktop could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affect…
Continue Reading#1218588: Android’s MysteryBot Found to be a Combination of Several Malware. BRI comment: both LokiBot, as well as MysteryBot, were found to be running on the very same C&C server. Android’s MysteryBot Found to be a Combination of Several Malware Andro…
Continue ReadingCurrent Description. A vulnerability in the web UI of Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting (XFS) attack against a user of the web UI of the affected software. The vulnerab…
Continue ReadingCurrent Description. A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attac…
Continue Reading