HackDig : Dig high-quality web security articles for hackers

CVE-2020-3452 flaw in Cisco ASA/FTD exploited within hours after the disclosure

Cisco fixed CVE-2020-3452 high-severity path traversal flaw in its firewalls that can be exploited by remote attackers to obtain sensitive files from the targeted system. Cisco addressed a high-severity path traversal vulnerability in its firewalls, tracked as CVE-2020-3452, that can be exploited by remote attackers to obtain potentially sensitive files
Publish At:2020-07-24 09:24 | Read:162 | Comments:0 | Tags:Breaking News Hacking Security CISCO ASA Cisco FTD CVE-2020-

The leak of NSA hacking tools was caused by a staffer mistake

A US investigation into the leak of the NSA hacking tools used by the Agency is focusing on a theory that it was caused by a staffer mistake. The hack of the NSA-linked group Equation Group and the leakage of the NSA hacking tools in its arsenal it probably one the most disconcerting events of the year. Sources close to the investigation revealed that the NS
Publish At:2016-09-23 15:35 | Read:3220 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Intelligence CISCO ASA E

NSA EXTRABACON exploit still threatens tens of thousands of CISCO ASA boxes

Two security experts from the Rapid 7 firm revealed that tens of thousands of CISCO ASA boxes are still vulnerable to the NSA EXTRABACON exploit. A few weeks ago the Shadow Brokers hacker group hacked into the arsenal of the NSA-Linked Equation Group leaked online data dumps containing its exploits. ExtraBacon is one of the exploits included in the NSA arsen
Publish At:2016-09-06 03:30 | Read:3707 | Comments:0 | Tags:Breaking News Hacking CISCO ASA Equation group exploit Extra

The Equation Group’s exploit ExtraBacon works on newer Cisco ASA

Security experts have improved the ExtraBacon exploit included in the NSA Equation Group arsenal to hack newer version of CISCO ASA appliance. The data dump leaked online by ShadowBrokers is a treasure for security experts and hackers that are analyzing every tool it contains. Cisco and Fortinet have confirmed their network appliance are vulnerable to the ex
Publish At:2016-08-24 23:00 | Read:5578 | Comments:0 | Tags:Breaking News Cyber Crime Hacking CISCO ASA Equation group e

Cisco ASA version grabber (CVE-2014-3398)

Was catching up on blogs and re-reading some things and re-came across this blog post and Ruxcon slideshttp://breenmachine.blogspot.com/2014/10/cisco-asa-ssl-vpn-backdoor-poc-cve-2014.htmlhttps://ruxcon.org.au/assets/2014/slides/Breaking%20Bricks%20Ruxcon%202014.pdfWhile looking for some of the POCs I found this separate issue:http://blog.spiderlabs.com/2014
Publish At:2015-02-02 13:30 | Read:5166 | Comments:0 | Tags:cisco cisco asa Metasploit Pentesting


Share high-quality web security related articles with you:)