HackDig : Dig high-quality web security articles for hacker

WikiLeaks Dumps Docs on CIA’s Hacking Tools

WikiLeaks on Tuesday dropped one of its most explosive word bombs ever: A secret trove of documents apparently stolen from the U.S. Central Intelligence Agency (CIA) detailing methods of hacking everything from smart phones and TVs to compromising Internet routers and computers. KrebsOnSecurity is still digesting much of this fascinating data cache, but here
Publish At:2017-03-09 08:50 | Read:4177 | Comments:0 | Tags:Other Bloomberg Bugcrowd Casey Ellis Center for Cyber Intell

Authentication Bypass Vulnerability found in Cisco Prime Home product

The experts at Cisco have discovered a critical authentication bypass vulnerability in the Cisco Prime Home during an internal security testing. Cisco has released a security update for CISCO Prime Home remote management and provisioning solution to fix a flaw that could be exploited to authentication bypass. The experts at Cisco have discovered the critical
Publish At:2017-02-03 16:25 | Read:3507 | Comments:0 | Tags:Breaking News Hacking Authentication Bypass Vulnerability CI

CVE-2017-3792 – Cisco TelePresence MCU affected by a Remote Code Execution issue

A critical flaw tracked as CVE-2017-3792 affects three different models of the CISCO TelePresence MCU platform, MCU 5300 Series, MSE 8510 and MCU 4500. A critical vulnerability tracked as CVE-2017-3792 affects three different models of the CISCO TelePresence MCU platform. Cisco TelePresence MCU platform is a high-definition multimedia conferencing bridge tha
Publish At:2017-01-29 07:30 | Read:3663 | Comments:0 | Tags:Breaking News Hacking CISCO Cisco TelePresence MCU CVE-2017-

VERT Threat Alert: Cisco WebEx Browser Extension Remote Code Execution

Vulnerability DescriptionA vulnerability in the Cisco WebEx Browser extension for Chrome, Firefox, and Internet Explorer could be used to execute code on a victim system. It is trivial to exploit the vulnerability and sample exploit code has been released publicly. The vulnerability leverages command execution in the launch_meeting message via a message even
Publish At:2017-01-26 04:00 | Read:6360 | Comments:0 | Tags:Vulnerability Management Cisco remote code execution threat

A flaw in the Cisco WebEx Extension allows Remote Code Execution

Tavis Ormandy, a security expert at Google Project Zero, has discovered a critical remote code execution vulnerability in the Cisco WebEx browser extension. Google Project Zero researcher Tavis Ormandy has discovered a critical remote code execution vulnerability in the Cisco WebEx browser extension. Cisco’s initial fix does not appear to be complete, which
Publish At:2017-01-24 17:00 | Read:4272 | Comments:0 | Tags:Breaking News Hacking Security CISCO RCE WebEx

A flaw in Cisco CloudCenter Orchestrator exploited by hackers in the wild

Cisco is warning customers about a critical privilege escalation flaw that has been exploited in attacks against the Cisco CloudCenter Orchestrator systems. Cisco has warned its customers of a critical privilege escalation flaw in Cisco CloudCenter Orchestrator systems, tracked as CVE-2016-9223, that has been exploited in cyber attacks. The Cisco CloudCenter
Publish At:2016-12-23 20:10 | Read:4349 | Comments:0 | Tags:Breaking News Hacking CISCO Cisco CloudCenter Orchestrator C

Hello, You’ve Been Compromised: Upward Attack Trend Targeting VoIP Protocol SIP

VoIP Attacks by the Numbers There are numerous protocols used in voice-over-IP (VoIP) communications. According to IBM Managed Security Services (MSS) data, the most targeted VoIP protocol is Session Initiation Protocol (SIP), which accounted for over 51 percent of the security event activity analyzed in the last 12 months. SIP is one of the most commonly
Publish At:2016-11-30 16:55 | Read:4609 | Comments:0 | Tags:Threat Intelligence Vulns / Threats X-Force Research Cisco I

Cisco data leak – Job applications portal leaked personal information

Cisco data leak – Cisco has fixed a security vulnerability in the company Professional Careers portal that exposed personal information of the users. Cisco data leak – Cisco has fixed a security vulnerability existing in the company Professional Careers portal that may have leaked personal information. Cisco has notified the issue to the affected
Publish At:2016-11-07 23:35 | Read:4314 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach CISCO CISCO data leak

Cisco Meeting Server – CVE-2016-6445 flaw allows to impersonate legitimate users

Cisco fixed a critical vulnerability in the Cisco Meeting Server, tracked as CVE-2016-6445,  that allows remote attackers to impersonate legitimate users. A security vulnerability in Cisco Meeting Server, tracked as CVE-2016-6445, could be exploited by attackers to impersonate legitimate users. Experts from Cisco uncovered the vulnerability during a routine
Publish At:2016-10-14 23:25 | Read:3884 | Comments:0 | Tags:Breaking News Hacking Acano Server CISCO Cisco Meeting Serve

Over 840,000 Cisco systems affected by the Equation Group’s flaw CVE-2016-6415

The Shadowserver Foundation has conducted a scan of the Internet for CISCO devices running IOS software affected by the CVE-2016-6415 vulnerability. Recently experts from CISCO discovered a vulnerability, tracked as CVE-2016-6415, in IOS system,while investigating the Equation Group‘s exploits leaked by the Shadow Broker hacker group. In particular, ex
Publish At:2016-09-21 08:45 | Read:3533 | Comments:0 | Tags:Breaking News Hacking Reports Security BENIGNCERTAIN CISCO C

CVE-2016-6415 – CISCO confirms a new Zero-Day linked to Equation Group hack

Cisco revealed the existence of another zero-day vulnerability, tracked as CVE-2016-6415, in the Equation Group archive leaked by the Shadow Broker hackers. This summer a group of hackers known as Shadow Brokers hacked into the arsenal of the NSA-linked group Equation Group and leaked roughly 300 Mb of exploits, implants, and hacking tools. The existence of
Publish At:2016-09-19 20:10 | Read:3577 | Comments:0 | Tags:Breaking News Hacking Security BENIGNCERTAIN CISCO CVE-2016-

Cisco releases multiple Security Updates, it fixed a nasty RCE in WebEx Meetings servers

Cisco has released several Security Updates to fix many vulnerabilities in its products, including a nasty RCE in WebEx Meetings servers. Cisco has issued a patch to address the remote code execution flaw (CVE-2016-1482) that affects company WebEx Meetings servers. The remote code execution flaw (CVE-2016-1482) could be exploited by remote, unauthenticated a
Publish At:2016-09-16 19:00 | Read:3689 | Comments:0 | Tags:Breaking News Hacking Security CISCO network security Pierlu

CVE-2016-6399 – CISCO disclosed unpatched flaw in ACE products

Cisco disclosed the existence of the CVE-2016-6399 flaw that can be exploited by remote unauthenticated attackers to trigger DoS conditions in ACE products. Experts at Cisco have disclosed the existence of a high-severity vulnerability, tracked as CVE-2016-6399, that can be exploited by remote unauthenticated attackers to trigger DoS conditions in some of Ap
Publish At:2016-09-10 17:00 | Read:4258 | Comments:0 | Tags:Breaking News Hacking Security ACE Application Control Engin

NSA BENIGNCERTAIN tool can obtain VPN Passwords from CISCO PIX

Researchers tested the BENIGNCERTAIN tool included in the NSA data dump that allows attackers to extract VPN passwords from certain Cisco devices. Following the disclosure of the NSA dump, IT vendors Cisco and Fortinet issued security patches to fix the flaws exploited by the Equation Group in their products. Now, security researchers have uncovered another
Publish At:2016-08-21 03:35 | Read:3385 | Comments:0 | Tags:Breaking News Hacking BENIGNCERTAIN CISCO Equation group hac

Cisco, Fortinet issue fixes against Equation Group exploits

Customers of Cisco and Fortinet security firms need to patch their products to fix the flaws exploited by the Equation Group exploits and hacking tools. While security experts are analyzing the hacking tools leaked in the data dump by the Shadow Brokers, security firms are working to fix the vulnerabilities exploited by the Equation Group toolsets. Both Fort
Publish At:2016-08-18 20:45 | Read:4775 | Comments:0 | Tags:Breaking News Cyber warfare Hacking CISCO cyber weapon Equat

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud