CISCO

Pierluigi Paganini June 16, 2016
Cisco wireless kits are affected by a critical bug but no fix is available

A security advisory recently released by CISCO announce that three Cisco wireless kits are affected by a critical bug, but no fix is available at the moment. SOHO devices are among most targeted network components in the wild, they are often poorly protected or not properly configured exposing users to serious risks. In these cases, […]

Pierluigi Paganini April 16, 2016
JBOSS Backdoor opens 3 million servers at risk of attacks

Experts at Cisco Systems discovered more than 3 million vulnerable servers exposed on the Internet while scanning for the presence of JBOSS Backdoor According to Cisco Systems, more than 3 million servers exposed on the Internet are potentially open to Samsam ransomware-based attacks because they’re running vulnerable software. Attackers are targeting vulnerabilities in servers to […]

Pierluigi Paganini April 14, 2016
CISCO fixed a high risk security flaw in the UCS software

CISCO has recently issued a security update to fix a high-risk security vulnerability affecting the UCS software and exploitable with a simple HTTP poke. Cisco has recently patched a “high” risk security vulnerability (CVE-2016-1352) affecting its Unified Computing System (UCS) Central Software that could allow a remote attacker to gain remote control of the machines. […]

Pierluigi Paganini March 13, 2016
CISCO warns customers of high-severity flaws in modems and gateways

Cisco released a series of software updates to patch several high severity flaws in its cable modems, residential gateways and security appliances. Cisco just patched critical vulnerabilities in its cable modems, residential gateways and security appliances. The security updates released this week fix serious flaws in Cisco residential reported by Kyle Lovett, and Chris Watts from Tech […]

Pierluigi Paganini February 15, 2016
A flaw in CISCO Universal Small Cell allows firmware retrieval

A flaw affecting the Cisco Universal Small Cell devices allows unauthenticated remote users to retrieve devices’ firmware, so Cisco urges patching these systems. Other problems for the IT giant Cisco, the company is asking service providers using its Universal Small Cell solutions to update their systems and install a patch to solve a serious security issue. […]

Pierluigi Paganini January 14, 2016
Cisco wireless points include hardcoded passwords

A number of Cisco wireless devices have been designed with hardcoded passwords, including Wi-Fi gear, WLAN controllers, and ISE.Cisco wireless points designed with hardcoded passwords. Bad days for IT giants, recently an unwanted code was discovered in Juniper appliances and a hardcoded backdoor affects some Fortinet Firewalls. Problems of a different nature, but equally uncomfortable, afflicts Cisco wireless LAN controllers, the Cisco […]

Pierluigi Paganini October 09, 2015
Bad actors target entities worldwide via Cisco WebVPN

Experts at Volexity discovered a hacking campaign targeting the CISCO WebVPN VPN product, attackers aim to steal corporate login credentials. A virtual private network (VPN) allows to extend a private network across a public connection, they are mainly used to protect users’ privacy and improve security for data in transit. Virtual Private Networks are commonly used many companies and organizations […]

Pierluigi Paganini September 15, 2015
SYNful_Knock malicious ROMMON images discovered in the wild

Mandiant firm has spotted more than a dozen Cisco routers running malicious ROMMON firmware images that allow attackers to control targeted devices. A few weeks ago, CISCO issued an alert to warn enterprise customers about a spike in attacks in which hackers use valid admin credentials on IOS devices to install bogus ROMMON images, which is the bootstrap […]

Pierluigi Paganini July 05, 2015
Cisco Unified CDM platform open to cyber attacks

Cisco Unified CDM software contains a privileged account with a static password that cannot be changed, by using it an attacker can control the platform. A default privileged account with a static password that cannot be changed affect the  Cisco Unified Communications Domain Manager (Cisco Unified CDM) opening the platform for remote attacks. The Cisco […]

Pierluigi Paganini June 26, 2015
Cisco Security Appliances contain a default SSH Key

Security experts at Cisco revealed the existence of a default SSH key in many security appliances, an attacker can exploit it to control the devices. Security experts at Cisco discovered default SSH Key in many Cisco security appliances, an attacker could use them to establish SSH connection and control the devices. The abuse of the […]