Pierluigi Paganini August 18, 2016
Cisco, Fortinet issue fixes against Equation Group exploits

Customers of Cisco and Fortinet security firms need to patch their products to fix the flaws exploited by the Equation Group exploits and hacking tools. While security experts are analyzing the hacking tools leaked in the data dump by the Shadow Brokers, security firms are working to fix the vulnerabilities exploited by the Equation Group toolsets. Both […]

Pierluigi Paganini June 30, 2016
CISCO fixed severe vulnerabilities in Network Management and Security Products

Cisco released security patches for some of its products that fix critical and high severity flaw that could be remotely exploited by hackers. Cisco has released security patches for a number of high-severity vulnerabilities in the CISCO Management and other security products. One of the flaws, a critical vulnerability in the Cisco Prime Collaboration Provisioning (CVE-2016-1416), […]

Pierluigi Paganini June 16, 2016
Cisco wireless kits are affected by a critical bug but no fix is available

A security advisory recently released by CISCO announce that three Cisco wireless kits are affected by a critical bug, but no fix is available at the moment. SOHO devices are among most targeted network components in the wild, they are often poorly protected or not properly configured exposing users to serious risks. In these cases, […]

Pierluigi Paganini April 16, 2016
JBOSS Backdoor opens 3 million servers at risk of attacks

Experts at Cisco Systems discovered more than 3 million vulnerable servers exposed on the Internet while scanning for the presence of JBOSS Backdoor According to Cisco Systems, more than 3 million servers exposed on the Internet are potentially open to Samsam ransomware-based attacks because they’re running vulnerable software. Attackers are targeting vulnerabilities in servers to […]

Pierluigi Paganini April 14, 2016
CISCO fixed a high risk security flaw in the UCS software

CISCO has recently issued a security update to fix a high-risk security vulnerability affecting the UCS software and exploitable with a simple HTTP poke. Cisco has recently patched a “high” risk security vulnerability (CVE-2016-1352) affecting its Unified Computing System (UCS) Central Software that could allow a remote attacker to gain remote control of the machines. […]

Pierluigi Paganini March 13, 2016
CISCO warns customers of high-severity flaws in modems and gateways

Cisco released a series of software updates to patch several high severity flaws in its cable modems, residential gateways and security appliances. Cisco just patched critical vulnerabilities in its cable modems, residential gateways and security appliances. The security updates released this week fix serious flaws in Cisco residential reported by Kyle Lovett, and Chris Watts from Tech […]

Pierluigi Paganini February 15, 2016
A flaw in CISCO Universal Small Cell allows firmware retrieval

A flaw affecting the Cisco Universal Small Cell devices allows unauthenticated remote users to retrieve devices’ firmware, so Cisco urges patching these systems. Other problems for the IT giant Cisco, the company is asking service providers using its Universal Small Cell solutions to update their systems and install a patch to solve a serious security issue. […]

Pierluigi Paganini January 14, 2016
Cisco wireless points include hardcoded passwords

A number of Cisco wireless devices have been designed with hardcoded passwords, including Wi-Fi gear, WLAN controllers, and ISE.Cisco wireless points designed with hardcoded passwords. Bad days for IT giants, recently an unwanted code was discovered in Juniper appliances and a hardcoded backdoor affects some Fortinet Firewalls. Problems of a different nature, but equally uncomfortable, afflicts Cisco wireless LAN controllers, the Cisco […]

Pierluigi Paganini October 09, 2015
Bad actors target entities worldwide via Cisco WebVPN

Experts at Volexity discovered a hacking campaign targeting the CISCO WebVPN VPN product, attackers aim to steal corporate login credentials. A virtual private network (VPN) allows to extend a private network across a public connection, they are mainly used to protect users’ privacy and improve security for data in transit. Virtual Private Networks are commonly used many companies and organizations […]

Pierluigi Paganini September 15, 2015
SYNful_Knock malicious ROMMON images discovered in the wild

Mandiant firm has spotted more than a dozen Cisco routers running malicious ROMMON firmware images that allow attackers to control targeted devices. A few weeks ago, CISCO issued an alert to warn enterprise customers about a spike in attacks in which hackers use valid admin credentials on IOS devices to install bogus ROMMON images, which is the bootstrap […]