Security Alerts & News
by Tymoteusz A. Góral

History
#1478 Cisco warns of second firewall bug exposed by Shadow Brokers
Cisco is scrambling to patch another vulnerability in many of its products that was exposed as part of the Shadow Brokers dump last month. The latest vulnerability affects many different products, including all of the Cisco PIX firewalls.

The latest weakness lies in the code that Cisco’s IOS operating system uses to process IKEv1 packets. IKE is used in the IPSec protocol to help set up security associations, and Cisco uses it in a number of its products. The company said in an advisory that many versions of its IOS operating system are affected, including IOS XE and XR.

“A vulnerability in IKEv1 packet processing code in Cisco IOS, Cisco IOS XE and Cisco IOS XR Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information,” the advisory says.
Read more
#1486 DDoS mitigation firm has history of hijacks
#1485 Data-stealing Qadars Trojan malware takes aim at 18 UK banks
#1484 Vulnerability patched in WordPress theme that allows unrestricted uploads
#1483 324,000 payment cards breached, CVVs included
#1482 Fake AV makes it onto Google Play
#1481 Cisco IOS Software Checker
#1480 Untangling the Ripper ATM malware
#1479 Ransomware's next target: Your car and your home
#1478 Cisco warns of second firewall bug exposed by Shadow Brokers
#1477 Mozilla patching Firefox certificate pinning vulnerability
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12