CISCO Archives - Page 19 of 20

Pierluigi Paganini July 05, 2015

Cisco Unified CDM platform open to cyber attacks

Cisco Unified CDM software contains a privileged account with a static password that cannot be changed, by using it an attacker can control the platform. A default privileged account with a static password that cannot be changed affect the Cisco Unified Communications Domain Manager (Cisco Unified CDM) opening the platform for remote attacks. The Cisco […]

Pierluigi Paganini June 26, 2015

Cisco Security Appliances contain a default SSH Key

Security experts at Cisco revealed the existence of a default SSH key in many security appliances, an attacker can exploit it to control the devices. Security experts at Cisco discovered default SSH Key in many Cisco security appliances, an attacker could use them to establish SSH connection and control the devices. The abuse of the […]

Pierluigi Paganini March 23, 2015

Some models of Cisco IP Phones vulnerable to eavesdropping

Chris Watts discovered a security flaw affecting some models of Cisco IP Phones that could be exploited to eavesdrop on conversations and make phone calls. Some models of Cisco IP phones for small businesses are affected by a vulnerability, coded as CVE-2015-0670 that could be exploited by a remote attacker to eavesdrop on conversations and make phone calls […]

Pierluigi Paganini March 22, 2015

PoSeidon the most sophisticated PoS malware until now

Cisco Security Team has spotted in the wild a new Point-of-Sale malware dubbed PoSeidon that is more sophisticated than previously detected PoS malware. Expert at Cisco have discovered a new Point-of-Sale (PoS) malware dubbed PoSeidon. The experts have discovered many similarities with the popular Zeus Trojan and use sophisticated methods to find card data respect other POS malware like BlackPoS, which was used […]

Pierluigi Paganini March 13, 2015

Google privacy breach caused by a software defect

Expert at Cisco discovered a privacy breach caused by a software problem, which exposed personal information of users that opted for privacy setting. A software problem occurred at Google have exposed personal information of users that registered their website and had chosen to keep their profile private. The flaw affected the whois database that contains contact […]

Pierluigi Paganini March 04, 2015

GoDaddy accounts compromised to run a campaign based on Angler kit

Experts at Cisco discovered a new technique dubbed Domain Shadowing consisting in the creation of thousand subdomains used to spread the Angler exploit kit Cyber criminals have used hundreds of legitimate domain name accounts registered through GoDaddy to run a malicious campaign using the popular Angler exploit kit. Crooks hacked domain name accounts in order […]

Pierluigi Paganini February 10, 2015

Volume License Trojan Chanitor targets enterprises

Cisco experts discovered a phishing campaign that is spreading fake Volume License Trojan Chanitor to corporate users and is able to evade sandboxes. A few weeks ago, multiple Cisco Managed Threat Defense (MTD) customers received an email that appeared as sent by the Microsoft Volume Licensing Service Center (VLSC), which contains a link to login to the […]

Pierluigi Paganini August 13, 2014

Cisco EnergyWise suite vulnerable to Denial of Service attack

Researchers at BlackHat discovered a Denial of Service Vulnerability in Cisco IOS Software and Cisco IOS XE Software EnergyWise. Researchers from ERNW GMBH revealed that misconfigurations and vulnerabilities in Cisco’s EnergyWise suite could be exploited by attackers to cause huge blackouts. The team has presented the results of their study during the last Black Hat conference […]

Pierluigi Paganini July 17, 2014

Cisco Wireless Residential Gateway Remote Code Execution flaw

Multiple Cisco Wireless Residential Gateway products are affected by a critical flaw that could allow a remote attacker to hijack the devices. A security vulnerability affects multiple Cisco wireless residential Gateway products, the flaw resides on the web server an could be exploited by a remote attacker to hijack the network appliance. The flaw, ranked […]

Pierluigi Paganini July 07, 2014

Cisco warns on combined spear phishing and exploit attacks

Cisco’s Threat Research Analysis and Communications (TRAC) uncovered an extremely targeted spear phish attack on high-profit companies in Europe. A new APT has been discovered by CISCO targeting high-profit companies in Europe, including businesses working in banking, oil and entertainment industries. The attackers adopted as attack vector the email in a spear phishing campaign. According to the alert […]

CISCO

Cisco Unified CDM platform open to cyber attacks

Cisco Security Appliances contain a default SSH Key

Some models of Cisco IP Phones vulnerable to eavesdropping

PoSeidon the most sophisticated PoS malware until now

Google privacy breach caused by a software defect

GoDaddy accounts compromised to run a campaign based on Angler kit

Volume License Trojan Chanitor targets enterprises

Cisco EnergyWise suite vulnerable to Denial of Service attack

Cisco Wireless Residential Gateway Remote Code Execution flaw

Cisco warns on combined spear phishing and exploit attacks

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Allianz Life data breach exposed the data of most of its 1.4M customers

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 55

Security Affairs newsletter Round 534 by Pierluigi Paganini – INTERNATIONAL EDITION

Law enforcement operations seized BlackSuit ransomware gang’s darknet sites

Arizona woman sentenced for aiding North Korea in U.S. IT job fraud scheme

QUICK LINKS

CISCO

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!