Home Tags Attack

Tag: Attack

Bug patched in March is still being exploited to take full control of servers.

Should CISOs Be Hackers?

Justin Calmus, Chief Security Officer at OneLogin, believes that cybersecurity professionals - including CISOs and other security team leaders - can be much more effective at their jobs if they stay actively engaged with hacking communities that keep t...
Researchers show why keeping a handle on user credentials is just as hard in the cloud as it is on local networks.
While established cyber-attack vectors, such as malware and ransomware, continue to be a challenge for IT security pros, a panel of experts at the SANS Institute detailed new and emerging threats.
VIDEO: Ondrej Vlcek CTO of Avast explains the causes of the CCleaner security incident and shares best practices so other companies can avoid the same fate.
A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerabil...
A vulnerability in Cisco WebEx Connect IM could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parame...
A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer (SSL) VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scr...
A vulnerability in the Login screen of the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the w...
A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. The vulnerability...
At the RSA Conference 2018, Symantec reveals a potential iOS attack vector that Apple has already taken steps to mitigate.
NEWS ANALYSIS: A massive Russian-sponsored cyber-attack campaign is targeting routers, switches and other infrastructure devices to enable man-in-the-middle, espionage, hijacking and other attacks, according to U.S. and UK cyber-security authorities.