Security Alerts & News
by Tymoteusz A. Góral

#703 Cisco patches critical TelePresence vulnerability
isco Systems said it has patched a critical flaw tied to its TelePresence hardware that allowed unauthorized third-parties to access the system via an API bug. The networking behemoth also alerted customers to a duo of denial of service attack vulnerabilities that represent a high risk for its FirePOWER firewall hardware.

The United States Computer Emergency Readiness Team (US-CERT) issued an alert on Wednesday and said Cisco has provided patches for the affected products.

The most serious of the flaws is tied to Cisco’s TelePresence XML application programming interface and allows hackers to bypass the authentication process for its TelePresence EX, MX, SX and VX hardware. Hackers with knowledge of the vulnerability are able to perform unauthorized configuration changes or issue control commands to TelePresence hardware running affected software.

Cisco issued a patch (CVE-2016-1387) for the TelePresence bug. Cisco wrote: “The vulnerability is due to improper implementation of authentication mechanisms for the XML API of the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the XML API.”
Read more
#713 Qualcomm software flaw exposes Android user data
#712 Diary of a ransomware victim
#711 Petya: the two-in-one trojan
#710 Kaspersky: IT threat evolution in Q1 2016 report (PDF)
#709 Malware may abuse Android’s accessibility service to bypass security enhancements
#708 IBM just made a powerful research tool available to everyone for free
#707 Big data breaches found at major email services - expert
#706 Public exploits available for ImageMagick vulnerabilities
#705 Identity thieves used leaked PII to steal ADP payroll Info
#704 Apple updates Xcode’s Git implementation
#703 Cisco patches critical TelePresence vulnerability
#702 Microsoft unveils new effort to make its developer, IT documentation great again
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12