Cyber Security Newsfeeds from around the world
A nation-state backed group of attackers that Cisco Talos is identifying as Sea Turtle, have been actively exploiting domain name information, by going after domain registries for entire countries. Cisco Talos is warning of a new attacker group it has …
Continue ReadingFor at least two years, a highly capable threat actor has been running a campaign that relied on DNS hijacking to reach their targets. In the operation, at least 40 public and private organizations in 13 countries have been compromised. The domain name…
Continue ReadingDescription. A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is du…
Continue ReadingDescription. A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validatio…
Continue ReadingDescription. A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affecte…
Continue ReadingDescription. A vulnerability in the FindMe feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbi…
Continue ReadingDescription. A vulnerability in the XML API of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (…
Continue ReadingCisco has issued a security patch for a flaw in some of its routers that can be exploited by miscreants to potentially rifle through telecommunications networks. Switchzilla says the vulnerable kit – the ASR 9000, a family of high-end gear aimed at car…
Continue ReadingInternet domain registrars and at least one registry were hijacked to change certain websites’ DNS settings so that visitors to said sites were in fact directed to password-stealing phishing pages, researchers detailed on Wednesday. It is believed this…
Continue ReadingNews and articles about cyber security, information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, trojans.
Original release date: April 17, 2019. Cisco has released a security update t…
Continue Reading