%20(1)%20(1).webp?w=324&resize=324,235&ssl=1 "Cisco IOS XR Software Flaw Let Attackers Exhaust Memory, DoS & Elevate Privileges")
Cisco IOS XR Software Flaw Let Attackers Exhaust Memory, DoS & Elevate Privileges
A critical vulnerability has been identified in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software, posing significant risks to network stability and security.
This flaw allows unauthenticated, remote attackers to exhaust...
%20(1).webp?w=324&resize=324,235&ssl=1 "Cisco Web-Based Management Interface Vulnerability Allows Privilege Escalation")
Cisco Web-Based Management Interface Vulnerability Allows Privilege Escalation
Cisco has disclosed a critical vulnerability in the JSON-RPC API feature used by the web-based management interfaces of several products, including Cisco Crosswork Network Services Orchestrator (NSO), Cisco Optical Site Manager, and Cisco RV340...
.webp?w=324&resize=324,235&ssl=1 "Cisco Systems Manager for Windows Vulnerability Let Attackers Escalate Privilege")
Cisco Systems Manager for Windows Vulnerability Let Attackers Escalate Privilege
Cisco Systems has issued a critical security advisory for a vulnerability in the Cisco Meraki Systems Manager (SM) Agent for Windows.
The flaw, identified as CVE-2024-20430, allows authenticated local attackers to execute arbitrary code...
.webp?w=324&resize=324,235&ssl=1 "Cisco to Acquire AI Application Security Platform Robust Intelligence")
Cisco to Acquire AI Application Security Platform Robust Intelligence
Cisco has announced its intent to acquire Robust Intelligence, a leader in AI application security. This acquisition aligns with Cisco's commitment to enhancing IT infrastructure and security in the face of AI's transformative potential,...
Cisco iPXE Signature Bypass Vulnerability Allow Attackers To Boot Unverified Software
Cisco has identified a critical vulnerability in the iPXE boot function of its IOS XR software. This vulnerability stems from insufficient image verification during the iPXE boot process, which could allow an authenticated, local...
Cisco VPN Routers Flaw Let Attackers Execute Remote Code
Cisco recently disclosed that its RV340 and RV345 Dual WAN Gigabit VPN Routers have a significant flaw in the upload module. This flaw could allow a remote, authenticated attacker to run arbitrary code on an...
Hackers Using Weaponized Cisco Webex Meetings App To Deliver Malware
A novel information-stealing campaign detailing the attackers' tactics, techniques, and procedures (TTPs) throughout the attack lifecycle, where the Mitre ATT&CK framework is used to classify these TTPs and identify potential detection points.
By examining the...
Cisco Webex Meetings Meeting Flaw Let Attackers Gain Unauthorized Access
Cisco has disclosed a significant security vulnerability in its Webex Meetings platform that allowed unauthorized access to meeting information and metadata.
The issue, identified in early May 2024, affected certain customers hosted in Cisco's...
Florida Man Arrested For Selling Fake Cisco Device To U.S. Military
Onur Aksoy, a forty-year-old resident of Florida and dual citizen of Turkey and the United States, was found guilty of running a large-scale, multi-year fraud scheme to traffic in fake and counterfeit Cisco networking...
Cisco IMC Command Injection Vulnerability Under Active Attack
An attacker with read-only or higher privileges on a Cisco Integrated Management Controller (IMC) can exploit a command injection vulnerability (CVE-2024-20295) to gain full control (root access) of the underlying operating system.
The vulnerability exists...
Recent Posts
.webp?w=324&resize=324,235&ssl=1 "Web Server Hardening Best Practices For Organizations Across Industries")
Web Server Hardening Best Practices For Organizations Across Industries
Web server hardening is a critical security process that reduces an organization's attack surface and helps defend against ransomware, malware, and other cyberthreats.
In...