August 9, 2024 at 07:54AM The US cybersecurity agency CISA warned about threat actors targeting improperly configured Cisco devices. Malicious actors abuse features like Smart Install to acquire system configuration files and exploit weak password types. Meanwhile, Cisco faces critical vulnerabilities in its IP phones, without releasing patches due to end-of-life products. Multiple exploits and … Read more
July 2, 2024 at 09:22AM Cisco has patched a command-line injection flaw (CVE-2024-20399, CVSS 6.0) in its NX-OS software, used for managing switches in data centers. The flaw can allow authenticated attackers to execute arbitrary commands as root. It has been exploited by the China-backed threat group Velvet Ant. Cisco has released updates to patch … Read more
May 14, 2024 at 10:07AM Attackers are exploiting DNS tunneling to track victims’ network activity and infrastructure vulnerabilities. This advanced technique enables them to hide malicious data within legitimate outbound DNS traffic, evading traditional detection methods. Researchers have identified campaigns using DNS tunneling for tracking user behavior and network scanning, urging organizations to control resolver … Read more
February 21, 2024 at 10:41AM VMware has urged network administrators to remove an out-of-date plug-in for its VSphere due to two critical flaws — CVE-2024-22245 and CVE-2024-22250. These vulnerabilities allow attackers to hijack cloud computing sessions. The company has released a security advisory with instructions on removal, as the plug-in is no longer supported. VMware … Read more
December 18, 2023 at 10:09AM CISA conducted a cybersecurity assessment for a healthcare and public health organization, finding no significant exploitable conditions but identifying weak passwords and other security issues. CISA is sharing the results with the sector to improve cybersecurity posture. The report includes mitigation recommendations and urges organizations to review and apply them. … Read more