EwDoor Botnet attacking AT&T network edge devices
An attacker has been targeting unpatched AT&T network edge devices via a brand new botnet dubbed EwDoor.
Network
Cisco fixes 29 High risk security bugs in Cisco IOS and IOS XE software, Aironet and other network products
Cisco has patched 26 High severity Cisco IOS and IOS XE software vulnerabilities for multiple network products. The company also patched one Catalyst 9200 switch vulnerability and two Cisco Aironet Access Point security bugs.
Cisco patches Critical default credentials vulnerability (CVE-2020-3446) in network appliances
Cisco patched a Critical default credentials vulnerability CVE-2020-3446 in Cisco vWAAS for Cisco ENCS 5400-W Series and CSP 5000-W Series network appliances.
Cisco patches vulnerabilities in multiple products
Cisco has released security patches for Email Security Appliance, Webex, Prime Network Registrar, Intelligent Proximity and other products. Four of the vulnerabilities are High risk and another eight are rated Medium severity.
Cisco patches critical bugs in Data Center Network Manager
Cisco has patched two critical vulnerabilities that affects its Data Center Network Manager (DCNM) product. Both are rated very high CVSS score of 9.8 and could be exploited without authentication.
Cisco patches Critical Vulnerability, warns of known public exploits
Cisco released security updates to patch critical vulnerabilities in multiple Cisco IOS products as well as high severity bugs in Cisco Wireless LAN, IOS, and other products. Two advisories have been updated with known public vulnerability exploits as recently evealed in Sea Turtle DNS hijacking campaign.
Germany Publishes New Broadband Router Security Guidelines
The German government Federal Office for Information Security published technical security guidelines for broadband routers commonly used in Small Office and Home Office (SOHO) environments. The new guideline provides recommendations to manufacturers on designing and implementing routing products with “adequate state-of-the -art security features.”
Home routers exploited via IoT botnet
Security researchers warn that an IoT botnet has been scanning the internet and exploiting nearly 100,000 routers exposed with a five year old UPnP vulnerability.
MicroTik router infections spread, cause surge in CoinHive
Security researchers recently spotted a surge in CoinHive infected MikroTik network devices in Brazil.
Bluetooth vulnerability alert
NCCIC has issued a security advisory and mitigation guidance for a bluetooth vulnerability that impacts Bluetooth firmware and operating system software drivers from multiple vendors.