Pierluigi Paganini
May 18, 2018
Cisco has issued security updates to address three critical vulnerabilities in its DNA Center appliance, admins need to update their installs as soon as possible. Cisco has issued security updates to address three critical vulnerabilities in its Digital Network Architecture (DNA) Center appliance. The DNA Center is a network management and administration tool, experts discovered […]
Pierluigi Paganini
April 23, 2018
Cisco has announced a set of security patches that address the CVE-2018-0229 vulnerability in its implementation of the Security Assertion Markup Language (SAML). The CVE-2018-0229 flaw could be exploited by an unauthenticated, remote attacker to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software. “A vulnerability in the implementation of Security […]
Pierluigi Paganini
April 19, 2018
Rockwell Automation is warning that its Allen-Bradley Stratix and ArmorStratix industrial switches are exposed to hack due to security vulnerabilities in Cisco IOS. According to Rockwell Automation, eight flaws recently discovered recently in Cisco IOS are affecting its products which are used in many sectors, including the critical manufacturing and energy. The list of flaws includes […]
Pierluigi Paganini
April 09, 2018
Last week, the hacking crew “JHT” launched a hacking campaign exploiting Cisco CVE-2018-0171 flaw against network infrastructure in Russia and Iran. Last week, the hacking crew “JHT” launched a hacking campaign against CISCO devices in Russian and Iranian networks. The hackers exploited the Cisco CVE-2018-0171 Smart Install to reset the routers to the startup-config and reboot […]
Pierluigi Paganini
April 06, 2018
Cisco PSIRT has published a new security advisory for abuse of the Smart Install protocol, the IT giant has identified hundreds of thousands of exposed devices online. Cisco is advising organizations that hackers could target its switches via the Smart Install protocol. The IT giant has identified hundreds of thousands of exposed devices and warned critical infrastructure […]
Pierluigi Paganini
March 29, 2018
This week Cisco patched three critical vulnerabilities affecting its operating system IOS XE, two of them are remote code execution flaws that could be exploited by an attacker to gain full control over vulnerable systems. Cisco March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication addressed 22 vulnerabilities, 3 of them rated as […]
Pierluigi Paganini
March 08, 2018
The set of security updates recently released by Cisco also includes two advisories for critical vulnerabilities, a hardcoded password, and a Java deserialization flaw. The lasters set of security updates released by Cisco also includes two advisories for critical vulnerabilities. The first issue is a hardcoded password, tracked as CVE-2018-0141, that affects Cisco’s Prime Collaboration Provisioning […]
Pierluigi Paganini
February 11, 2018
Hackers are exploiting the CVE-2018-0101 CISCO ASA flaw in attacks in the wild and a Proof-of-concept exploit code is available online. This week, Cisco has rolled out new security patches for a critical vulnerability, tracked as CVE-2018-0101, in its CISCO ASA (Adaptive Security Appliance) software. This is the second the tech giant issued a security patch to fix the […]
Pierluigi Paganini
February 08, 2018
Cisco has rolled out new security patches for a critical vulnerability, tracked as CVE-2018-0101, in its CISCO ASA (Adaptive Security Appliance) software. At the end of January, the company released security updates the same flaw in Cisco ASA software. The vulnerability could be exploited by a remote and unauthenticated attacker to execute arbitrary code or trigger […]
Pierluigi Paganini
January 30, 2018
Cisco released security updates to address a critical security vulnerability, tracked as CVE-2018-0101, in Cisco ASA software Cisco addressed a critical security flaw, tracked as CVE-2018-0101, in Adaptive Security Appliance (ASA) software. The vulnerability could be exploited by a remote and unauthenticated attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition causing the reload of the […]
