Network Security Archives - Page 7 of 17

SQL Server malware “MrbMiner” attacks

Cloud Security, Cybersecurity Attacks, Malware, Network Security / Frank Crast / January 25, 2021 / Cryptocurrency, Cryptomining, Database, MrbMiner, SQL Server

Security researchers have identified the source of a SQL Server malware “MrbMiner” attacks allegedly tied to an Iranian software firm.

SQL Server malware “MrbMiner” attacks Read More »

Cisco patches 8 Critical SD-WAN vulnerabilities and flaws in other network products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 23, 2021 / Cisco, CVE-2021-1260, CVE-2021-1261, CVE-2021-1262, CVE-2021-1263, CVE-2021-1298, CVE-2021-1299, SD-WAN

Cisco has patched eight Critical vulnerabilities in SD-WAN products, as well as fixes for multiple other network products.

Cisco patches 8 Critical SD-WAN vulnerabilities and flaws in other network products Read More »

DNSpooq: Dnsmasq vulnerabilities open up network and Linux devices to attack

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 19, 2021 / CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687, DHCP, DNS, DNS cache poisoning, dnsmasq, DNSpooq, JSOF

Security researchers have discovered seven Dnsmasq vulnerabilities that open up many network and Linux devices to DNS cache poisoning attacks or remote code execution.

DNSpooq: Dnsmasq vulnerabilities open up network and Linux devices to attack Read More »

NSA issues new guidance on encrypted DNS

Configuration Management, Cryptography, Cybersecurity Articles, Network Security / Frank Crast / January 18, 2021 / DNS, DoH, NSA

The National Security Agency (NSA) has issued new guidance for adopting encrypted DNS over HTTPS dubbed “DoH.”

NSA issues new guidance on encrypted DNS Read More »

Cisco patches High risk vulnerabilities in Small Business routers and other products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 15, 2021 / AnyConnect, Cisco, CMX, CVE-2021-1144, CVE-2021-1146, CVE-2021-1147, CVE-2021-1148, CVE-2021-1159, CVE-2021-1160, CVE-2021-1161, CVE-2021-1237, PSIRT, Router, Small Business

Cisco has patched multiple vulnerabilities in Small Business routers, Cisco Connected Mobile Experiences (CMX) and AnyConnect products.

Cisco patches High risk vulnerabilities in Small Business routers and other products Read More »

High risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild

Authentication, Network Security, Vulnerabilities & Exploits / Frank Crast / January 11, 2021 / CVE-2020-29583, Firewall, VPN, ZyXEL

Security experts have warned about a high risk hardcoded credential vulnerability in Zyxel firewalls and AP controllers. Some sources have confirmed that bad actors have already ramped up exploits against the vulnerability.

High risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild Read More »

QNAP fixes Command Injection vulnerability in QTS and QuTS hero

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / December 31, 2020 / Command Injection, CVE-2020-25847, NAS, QNAP, QSnatch, QTS, QuTS, storage, Vulnerabilities

QNAP has fixed a High severity Command Injection vulnerability CVE-2020-25847 in QTS and QuTS hero.

QNAP fixes Command Injection vulnerability in QTS and QuTS hero Read More »

Hackers target 50K vulnerable Fortinet devices to steal passwords

Cybersecurity Attacks, Network Security, Password Management, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 27, 2020 / CISA, CVE-2018-13379, Fortinet, FortiOS, VPN

Cybersecurity experts are warning hackers are targeting nearly 50,000 vulnerable unpatched Fortinet VPNs to steal passwords.

Hackers target 50K vulnerable Fortinet devices to steal passwords Read More »

Cisco patches 3 Critical vulnerabilities in IMC, DNA Spaces Connector and IoT products

Internet of Things (IoT), Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 19, 2020 / CVE-2020-3470, CVE-2020-3531, CVE-2020-3586, DNA, FND, IMC, IOT, Rest API

Cisco has patched three Critical vulnerabilities in Cisco Integrated Management Controller (IMC), DNA Spaces Connector and IoT Field Network Director (FND) products.

Cisco patches 3 Critical vulnerabilities in IMC, DNA Spaces Connector and IoT products Read More »

Cisco patches 3 Security Manager vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 18, 2020 / Cisco, CVE-2020-27125, CVE-2020-27130, CVE-2020-27131, Security Manager

Cisco has patched three Cisco Security Manager vulnerabilities, one rated Critical and two High severity, that could allow a remote attacker to exploit and obtain sensitive information.

Cisco patches 3 Security Manager vulnerabilities Read More »