Network Security Archives - Page 6 of 17

Cisco patches vulnerabilities in SD-WAN, Small Business routers and other products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / April 8, 2021 / Cisco, CVE-2021-1137, CVE-2021-1480, malware, Routers, SD-WAN, Small Business

Cisco has patched multiple vulnerabilities in Cisco SD-WAN, Small Business routers, Unified Communications Products and Advanced Malware Protection. Two of those vulnerabilities (CVE-2021-1479, CVE-2021-1459) are rated Critical.

Critical F5 BIG-IP vulnerability (CVE-2021-22986) under active attack

Cybersecurity Attacks, Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / March 22, 2021 / BIG-IP, BIG-IQ, CVE-2021-22986, F5, NCC Group, Networking

Security researchers are warning of mass scans and active exploits of a Critical vulnerability on F5 BIG-IP and BIG-IQ infrastructure. F5 patched the Critical remote code execution vulnerability CVE-2021-22986 nearly two weeks ago when the networking company confirmed an unauthenticated attacker could exploit the vulnerability.

F5 patches 4 Critical vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / March 10, 2021 / CVE-2021-22986, CVE-2021-22987, CVE-2021-22991, CVE-2021-22992, F5, iControl, RCE, WAF

F5 has patched two Critical remote code execution (RCE) and another two buffer overflow vulnerabilities that impact BIG-IP and BIG-IQ devices. Moreover, the security firm also addressed two other High severity bugs and one Medium severity flaw.

3 good examples of how to apply the Zero Trust Security Model

Cybersecurity Articles, Network Security, Security Monitoring, System Hardening / By Frank Crast / March 7, 2021 / DAAS, Firewall, IOT, IPS, MFA, NAC, NSA, Privacy, Supply Chain, Zero Trust

The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.

Cisco patches Critical vulnerabilities on NX-OS and ASE products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / March 1, 2021 / ASE, CVE-2021-1361, CVE-2021-1388, CVE-2021-1393, CVE-2021-1396, Networking, NX-OS, Vulnerabilities

Cisco has patched multiple Critical vulnerabilities in NX-OS and Application Services Engine products. An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.

SonicWall releases new firmware updates for SMA 100 Series 10.X And 9.X products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / February 24, 2021 / firmware, SMA, SMA 100, SonicWall, SSLVPN, VPN

SonicWall has released a new firmware update for SMA 100 Series 10.X And 9.X products. The latest update supersedes previous urgent patches that fixed a zero-day vulnerability CVE-2021-20016 earlier this month.

Cisco patches AnyConnect Secure Mobility Client DLL hijacking vulnerability (CVE-2021-1366)

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / February 18, 2021 / AnyConnect, Cisco, CVE-2021-1366, Mobility, Networking

Cisco has patched a Cisco AnyConnect Secure Mobility Client DLL hijacking vulnerability (CVE-2021-1366). An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.

Hacker remotely accesses Florida water treatment plant, bumps chemical level to “dangerous levels”

Cybersecurity Attacks, Identity & Access Management, Network Security, Remote Access / By Frank Crast / February 10, 2021 / critical infrastructure, Florida, Hacker, WTSP

A hacker remotely accessed a Florida city water treatment plant and attempted to increase the chemical level to “dangerous levels” before the cyberattack was thwarted.

Cisco patched Critical vulnerabilities in Small Business routers

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / February 8, 2021 / Cisco, CVE-2021-1159, CVE-2021-1160, CVE-2021-1161, CVE-2021-1289, CVE-2021-1290, CVE-2021-1291, CVE-2021-1292, CVE-2021-1293, CVE-2021-1294, CVE-2021-1295, CVE-2021-3156, RV160, RV160W, RV260, Small Business, sudo

Cisco has patched multiple remote code execution vulnerabilities in Small Business router models RV160, RV160W, RV260, RV260P and RV260W VPN Routers.

Urgent patch for SonicWall SMA 100 Series zero-day vulnerability (CVE-2021-20016)

Network Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / February 4, 2021 / Appliance, CVE-2021-20016, SMA, SMA 100, SonicWall

SonicWall has released an urgent patch for a Critical SonicWall SMA 100 Series version 10.x zero-day vulnerability CVE-2021-20016.