Security Alerts & News
by Tymoteusz A. Góral

History
#1499 More than 840,000 Cisco devices are vulnerable to NSA-related exploit
More than 840,000 Cisco networking devices from around the world are exposed to a vulnerability that's similar to one exploited by a hacking group believed to be linked to the U.S. National Security Agency.

The vulnerability was announced by Cisco last week and it affects the IOS, IOS XE, and IOS XR software that powers many of its networking devices. The flaw allows hackers to remotely extract the contents of a device's memory, which can lead to the exposure of sensitive information.

The vulnerability stems from how the OS processes IKEv1 (Internet Key Exchange version 1) requests. This key exchange protocol is used for VPNs (Virtual Private Networks) and other features that are popular in enterprise environments.
Read more
#1502 Cisco warns of command injection flaw in Cloud platform
#1501 Don’t plug it in! Scammers post infected USB sticks through letterboxes
#1500 A bite of Python
#1499 More than 840,000 Cisco devices are vulnerable to NSA-related exploit
#1498 Bug that hit Firefox and Tor browsers was hard to spot—now we know why
#1497 SWIFT confirms banks still being targeted, announces mitigation tool
#1496 IoT devices being increasingly used for DDoS attacks
#1495 Future attack scenarios against ATM authentication systems
#1494 Massive web attack hits security blogger
#1493 Malware evades detection with novel technique
#1492 Yahoo is expected to confirm a massive data breach, impacting hundreds of millions of users
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12