HackDig : Dig high-quality web security articles

Multiple Cisco products exposed to DoS attack due to a Snort issue

Cisco announced that a vulnerability in the Snort detection engine exposes several of its products to denial-of-service (DoS) attacks. Cisco announced this week that several of its products are exposed to denial-of-service (DoS) attacks due to a vulnerability in the Snort detection engine. The vulnerability resides in the Ethernet Frame Decoder of the
Publish At:2021-03-06 20:48 | Read:306 | Comments:0 | Tags:Breaking News Security CISCO Hacking hacking news informatio

Cisco fixes three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS

Cisco addressed over a dozen vulnerabilities in its products, including three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software. Cisco released security updates to address over a dozen vulnerabilities affecting multiple products, including three critical flaws impacting its ACI Multi-Site Orchestrator, Applicati
Publish At:2021-02-25 18:24 | Read:336 | Comments:0 | Tags:Breaking News Security CISCO Hacking information security ne

Cisco fixes critical remote code execution issues in SMB VPN routers

Cisco addressed multiple pre-auth remote code execution (RCE) flaws in small business VPN routers that allow executing arbitrary code as root. Cisco has fixed several pre-auth remote code execution (RCE) issues in multiple small business VPN routers. The flaws could be exploited by unauthenticated, remote attackers to execute arbitrary code as root on vul
Publish At:2021-02-04 04:13 | Read:403 | Comments:0 | Tags:Breaking News Hacking Security CISCO hacking news informatio

A week in security (January 18 – January 24)

Last week on Malwarebytes Labs, we looked at changes to WhatsApp’s privacy policy, we provided information about Malwarebytes being targeted by the same threat actor that was implicated in the SolarWinds breach, we told the story of ZeroLogon, looked at the pros and cons of Zoom watermarking, studied the vulnerabilities in dnsmasq called DNSpooq, asked if Ti
Publish At:2021-01-25 12:06 | Read:478 | Comments:0 | Tags:A week in security Malwarebytes news bec Brave chrome Cisco

Cisco fixed multiple flaws in Cisco SD-WAN products and Smart Software Manager Satellite Web UI

Cisco fixed multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against its devices. Cisco released security updates to address multiple flaws in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against vulnerable devices. These vulnerabilities impact de
Publish At:2021-01-21 04:49 | Read:451 | Comments:0 | Tags:Breaking News Security CISCO command injection attacks Hacki

Cisco addresses a High-severity flaw in CMX Software

Cisco addressed tens of high-severity flaws, including some flaws in the AnyConnect Secure Mobility Client and in its small business routers. This week Cisco released security updates to address 67 high-severity vulnerabilities, including issues affecting Cisco’s AnyConnect Secure Mobility Client and small business routers (i.e. Cisco RV110W, RV130,
Publish At:2021-01-14 08:30 | Read:559 | Comments:0 | Tags:Breaking News Security CISCO CMX Hacking hacking news inform

Cisco addresses critical RCE vulnerability in Jabber

Cisco addressed a new critical RCE vulnerability that affects several versions of Cisco Jabber for Windows, macOS, and mobile platforms. Cisco has released security updates to address a critical remote code execution (RCE) flaw affecting several versions of Cisco Jabber for Windows, macOS, and mobile platforms. Cisco Jabber is an instant messaging and
Publish At:2020-12-10 17:48 | Read:852 | Comments:0 | Tags:Breaking News Hacking CISCO hacking news information securit

Cisco fixes exploitable RCEs in Cisco Security Manager

Cisco released security updates to fix multiple pre-authentication RCE flaws with public exploits affecting Cisco Security Manager. Cisco has released security updates to address multiple pre-authentication remote code execution vulnerabilities with public exploits affecting Cisco Security Manager (CSM). CSM provides a comprehensive management solution fo
Publish At:2020-12-07 18:20 | Read:432 | Comments:0 | Tags:Breaking News Security CISCO Cisco Security Manager Hacking

Expert publicly discloses PoC code for critical RCE issues in Cisco Security Manager

Cisco released multiple advisories related to security issues in Cisco Security Manager (CSM) that affect the recently released 4.22 version. Cisco published multiple security advisories related to critical vulnerabilities affecting the Cisco Security Manager (CSM), including the recently released version 4.22. Cisco Security Manager provides a compreh
Publish At:2020-11-17 19:54 | Read:669 | Comments:0 | Tags:Breaking News Security CISCO Hacking hacking news informatio

Cisco addresses 17 high-severity flaws in security appliances

Security Advisory Bundled Publication for October 2020 – Cisco announced the release of patches for 17 high-severity flaws in its security appliances. Cisco announced the release of security patches for 17 high-severity vulnerabilities in its security appliances as part of its Security Advisory Bundled Publication for October 2020. The vulnerabil
Publish At:2020-10-22 12:36 | Read:1031 | Comments:0 | Tags:Breaking News Security CISCO Hacking hacking news informatio

Cisco addresses three high-severity issues in Webex, IP Cameras and ISE

Cisco fixed three high-severity flaws in Webex video conferencing system, Video Surveillance 8000 Series IP Cameras and Identity Services Engine. Cisco has addressed three high-severity flaws and eleven medium-severity vulnerabilities in its Webex video conferencing system, Video Surveillance 8000 Series IP Cameras and Identity Services Engine. The mos
Publish At:2020-10-09 16:23 | Read:906 | Comments:0 | Tags:Breaking News Hacking Security CISCO CISCO ISE hacking news

Cisco fixes actively exploited issues in IOS XR Network OS

Cisco addressed two actively exploited DoS vulnerabilities that reside in the IOS XR software that runs on multiple carrier-grade routers. Cisco addressed two high severity memory exhaustion DoS vulnerabilities that reside in the IOS XR Network OS that runs on multiple carrier-grade routers. The company confirmed that both vulnerabilities are actively
Publish At:2020-09-30 10:02 | Read:700 | Comments:0 | Tags:Breaking News Hacking Security CISCO hacking news informatio

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was firs
Publish At:2020-09-17 18:57 | Read:733 | Comments:0 | Tags:Ne'er-Do-Well News anvisoft APT41 Barium Chengdu 404 Cisco C

Cisco addresses critical code execution flaw in Cisco Jabber for Windows

Cisco addressed a critical remote code execution vulnerability affecting multiple versions of its Cisco Jabber for Windows operating system. Cisco has addressed a critical severity remote code execution flaw, tracked as CVE-2020-3495, that affects multiple versions of Cisco Jabber for Windows. Cisco Jabber for Windows is a desktop collaboration client
Publish At:2020-09-02 17:23 | Read:857 | Comments:0 | Tags:Breaking News Hacking Security CISCO Cisco Jabber hacking ne

Hackers are trying to exploit DoS flaw in Cisco IOS XR software running in carrier-grade routers

Cisco warns that threat actors are attempting to exploit a high severity DoS flaw in its Cisco IOS XR software that runs on carrier-grade routers. Cisco warned over the weekend that attackers are trying to exploit a high severity memory exhaustion denial-of-service (DoS) vulnerability (CVE-2020-3566) affecting the Cisco IOS XR Network OS that ru
Publish At:2020-08-31 14:37 | Read:931 | Comments:0 | Tags:Breaking News Security CISCO Cisco IOS XR DOS Hacking hackin