HackDig : Dig high-quality web security articles

Cisco fixes privilege escalation bug in Cisco Secure Client

Cisco addressed a high-severity flaw in Cisco Secure Client that can allow attackers to escalate privileges to the SYSTEM account. Cisco has fixed a high-severity vulnerability, tracked as CVE-2023-20178 (CVSS Score 7.8), found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) that can be exploited by low-privileged, authenticated, local
Publish At:2023-06-08 07:29 | Read:29769 | Comments:0 | Tags:Breaking News Security CISCO Hacking hacking news informatio

A week in security (May 22-28)

Last week on Malwarebytes Labs: Update now: 9 vulnerabilities impact Cisco Small Business Series ChatGPT: Cybersecurity friend or foe? Webinar recap: EDR vs MDR for business success Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11 Malvertising via brand impersonation is back again Update now! App
Publish At:2023-05-29 22:03 | Read:71878 | Comments:0 | Tags:News Cisco Zyxel ChatGPT Malvertising Apple Google insider t

Update now: 9 vulnerabilities impact Cisco Small Business Series

Vulnerabilities have been found and fixed in the web-based user interface of various Cisco products in the Small Business Series. These nine issues are tied to the web-based user interface of the products, and in a worst case scenario could lead to denial of service (DoS) conditions or arbitrary code execution. Affected products The vulnerabilities affe
Publish At:2023-05-22 22:03 | Read:84474 | Comments:0 | Tags:Business Cisco small business series web interface CVE explo

Critical fixed critical flaws in Cisco Small Business Switches

Cisco fixed nine flaws in its Small Business Series Switches that could be exploited to execute arbitrary code or cause a DoS condition. Cisco has released security updates to address nine security vulnerabilities in the web-based user interface of certain Small Business Series Switches that could be exploited by an unauthenticated, remote attacker to exe
Publish At:2023-05-18 07:28 | Read:92657 | Comments:0 | Tags:Breaking News Security CISCO Cisco Small Business Switches H

Update now! May 2023 Patch Tuesday tackles three zero-days

It’s that time of the month again: We're looking at May's Patch Tuesday roundup. Microsoft has released its monthly update, and while the total number of patched vulnerabilities is relatively low at 38, among them are three zero-day vulnerabilities. Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exp
Publish At:2023-05-10 22:02 | Read:151473 | Comments:0 | Tags:Exploits and vulnerabilities News Microsoft CVE-2023-29336 C

Cisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutions

Cisco released security updates to address critical security flaws in its Industrial Network Director and Modeling Labs solutions. Cisco released security updates to address critical security vulnerabilities in the Industrial Network Director and Modeling Labs solutions. An attacker can exploit these vulnerabilities to inject arbitrary operating system
Publish At:2023-04-21 07:27 | Read:301714 | Comments:0 | Tags:Breaking News Security CISCO Hacking hacking news IT Informa

Fancy Bear known to be exploiting vulnerability in Cisco routers

In a joint advisory, the UK National Cyber Security Centre (NCSC), the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released information about APT28’s exploitation of Cisco routers in 2021. Now please don’t stop reading because you think this is old
Publish At:2023-04-20 22:01 | Read:213859 | Comments:0 | Tags:Exploits and vulnerabilities News APT28 Sofacy Fancy Bear GR

Update now! April’s Patch Tuesday includes a fix for one zero-day

It’s Patch Tuesday again. Microsoft and other vendors have released their monthly updates. Among a total of 97 patched vulnerabilities there is one actively exploited zero-day. Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available. The Common Vulnerabilities and Exposures (CV
Publish At:2023-04-12 22:01 | Read:216919 | Comments:0 | Tags:Exploits and vulnerabilities News Microsoft Apple Google Ado

Cisco fixed multiple severe vulnerabilities in its IOS and IOS XE software

Cisco addressed tens of vulnerabilities in its IOS and IOS XE software, six of these issues have been rated ‘high severity’. Cisco published the March 2023 Semiannual IOS and IOS XE Software Security Advisory that addresses several vulnerabilities in IOS and IOS XE software. Below is the list of flaws addressed by the IT giant in this bundled publicat
Publish At:2023-03-23 15:50 | Read:230684 | Comments:0 | Tags:Breaking News Security CISCO CISCO IOS Cisco IOS XE Hacking

Cisco fixed a critical command injection bug in IP Phone Series

Cisco addressed a critical vulnerability, tracked as CVE-2023-20078, impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. Cisco released security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The flaw, tracked as CVE-2023-20078 (rated 9.8 out of 10), is a command injection issue
Publish At:2023-03-02 12:08 | Read:304689 | Comments:0 | Tags:Breaking News Security CISCO Hacking hacking news IP Phone I

Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine

Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine. The vulnerability resides in the residing in the HFS+ file parser component, an attacker can
Publish At:2023-02-17 07:54 | Read:224073 | Comments:0 | Tags:Breaking News Security CISCO ClamAV Hacking hacking news inf

Update now! February's Patch Tuesday tackles three zero-days

The Patch Tuesday roundup from Microsoft for February 2023 includes three zero-days. Not exactly what we had in mind for Valentine's Day. Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available. As far as we can tell, only two of the vulnerabilities were actually exploited in th
Publish At:2023-02-15 22:16 | Read:363528 | Comments:0 | Tags:Exploits and vulnerabilities News patch Tuesday Microsoft Ap

Cisco fixed command injection bug in IOx Application Hosting Environment

Cisco fixed a high-severity flaw in the IOx application hosting environment that can be exploited in command injection attacks. Cisco has released security updates to address a command injection vulnerability, tracked as CVE-2023-20076, in the Cisco IOx application hosting environment. “A vulnerability in the Cisco IOx application hosting environ
Publish At:2023-02-03 07:54 | Read:273987 | Comments:0 | Tags:Breaking News Security CISCO hacking news IOx Application Ho

Around 19,500 end-of-life Cisco routers are exposed to hack

Researchers warn of about 19,500 end-of-life Cisco VPN routers on the Internet that are exposed to the recently disclosed RCE exploit chain. Cisco recently warned of a critical vulnerability, tracked as CVE-2023-20025 (CVSS score of 9.0), that impacts small business RV016, RV042, RV042G, and RV082 routers. The IT giant announced that these devic
Publish At:2023-01-21 08:29 | Read:251838 | Comments:0 | Tags:Breaking News Hacking Security CISCO hacking news IT Informa

Critical bug in Cisco EoL Small Business Routers will receive no patch

Cisco warns of a critical flaw in small business RV016, RV042, RV042G, and RV082 routers, which have reached end of life (EoL). Cisco is warning of a critical vulnerability, tracked as CVE-2023-20025 (CVSS score of 9.0), that impacts small business RV016, RV042, RV042G, and RV082 routers. The IT giant announced that these devices will receive no security
Publish At:2023-01-12 18:35 | Read:238338 | Comments:0 | Tags:Breaking News Security CISCO EoL Hacking hacking news inform

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud