Network Security Archives - Page 7 of 17

SQL Server malware “MrbMiner” attacks

Cloud Security, Cybersecurity Attacks, Malware, Network Security / By Frank Crast / January 25, 2021 / Cryptocurrency, Cryptomining, Database, MrbMiner, SQL Server

Security researchers have identified the source of a SQL Server malware “MrbMiner” attacks allegedly tied to an Iranian software firm.

Cisco patches 8 Critical SD-WAN vulnerabilities and flaws in other network products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 23, 2021 / Cisco, CVE-2021-1260, CVE-2021-1261, CVE-2021-1262, CVE-2021-1263, CVE-2021-1298, CVE-2021-1299, SD-WAN

Cisco has patched eight Critical vulnerabilities in SD-WAN products, as well as fixes for multiple other network products.

DNSpooq: Dnsmasq vulnerabilities open up network and Linux devices to attack

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 19, 2021 / CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687, DHCP, DNS, DNS cache poisoning, dnsmasq, DNSpooq, JSOF

Security researchers have discovered seven Dnsmasq vulnerabilities that open up many network and Linux devices to DNS cache poisoning attacks or remote code execution.

NSA issues new guidance on encrypted DNS

Configuration Management, Cryptography, Cybersecurity Articles, Network Security / By Frank Crast / January 18, 2021 / DNS, DoH, NSA

The National Security Agency (NSA) has issued new guidance for adopting encrypted DNS over HTTPS dubbed “DoH.”

Cisco patches High risk vulnerabilities in Small Business routers and other products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 15, 2021 / AnyConnect, Cisco, CMX, CVE-2021-1144, CVE-2021-1146, CVE-2021-1147, CVE-2021-1148, CVE-2021-1159, CVE-2021-1160, CVE-2021-1161, CVE-2021-1237, PSIRT, Router, Small Business

Cisco has patched multiple vulnerabilities in Small Business routers, Cisco Connected Mobile Experiences (CMX) and AnyConnect products.

High risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild

Authentication, Network Security, Vulnerabilities & Exploits / By Frank Crast / January 11, 2021 / CVE-2020-29583, Firewall, VPN, ZyXEL

Security experts have warned about a high risk hardcoded credential vulnerability in Zyxel firewalls and AP controllers. Some sources have confirmed that bad actors have already ramped up exploits against the vulnerability.

QNAP fixes Command Injection vulnerability in QTS and QuTS hero

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / December 31, 2020 / Command Injection, CVE-2020-25847, NAS, QNAP, QSnatch, QTS, QuTS, storage, Vulnerabilities

QNAP has fixed a High severity Command Injection vulnerability CVE-2020-25847 in QTS and QuTS hero.

Hackers target 50K vulnerable Fortinet devices to steal passwords

Cybersecurity Attacks, Network Security, Password Management, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 27, 2020 / CISA, CVE-2018-13379, Fortinet, FortiOS, VPN

Cybersecurity experts are warning hackers are targeting nearly 50,000 vulnerable unpatched Fortinet VPNs to steal passwords.

Cisco patches 3 Critical vulnerabilities in IMC, DNA Spaces Connector and IoT products

Internet of Things (IoT), Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 19, 2020 / CVE-2020-3470, CVE-2020-3531, CVE-2020-3586, DNA, FND, IMC, IOT, Rest API

Cisco has patched three Critical vulnerabilities in Cisco Integrated Management Controller (IMC), DNA Spaces Connector and IoT Field Network Director (FND) products.

Cisco patches 3 Security Manager vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 18, 2020 / Cisco, CVE-2020-27125, CVE-2020-27130, CVE-2020-27131, Security Manager

Cisco has patched three Cisco Security Manager vulnerabilities, one rated Critical and two High severity, that could allow a remote attacker to exploit and obtain sensitive information.