EwDoor Botnet attacking AT&T network edge devices
An attacker has been targeting unpatched AT&T network edge devices via a brand new botnet dubbed EwDoor.
An attacker has been targeting unpatched AT&T network edge devices via a brand new botnet dubbed EwDoor.
Cisco has patched 26 High severity Cisco IOS and IOS XE software vulnerabilities for multiple network products. The company also patched one Catalyst 9200 switch vulnerability and two Cisco Aironet Access Point security bugs.
Cisco patched a Critical default credentials vulnerability CVE-2020-3446 in Cisco vWAAS for Cisco ENCS 5400-W Series and CSP 5000-W Series network appliances.
Cisco has released security patches for Email Security Appliance, Webex, Prime Network Registrar, Intelligent Proximity and other products. Four of the vulnerabilities are High risk and another eight are rated Medium severity.
Cisco has patched two critical vulnerabilities that affects its Data Center Network Manager (DCNM) product. Both are rated very high CVSS score of 9.8 and could be exploited without authentication.
Cisco released security updates to patch critical vulnerabilities in multiple Cisco IOS products as well as high severity bugs in Cisco Wireless LAN, IOS, and other products. Two advisories have been updated with known public vulnerability exploits as recently evealed in Sea Turtle DNS hijacking campaign.
The German government Federal Office for Information Security published technical security guidelines for broadband routers commonly used in Small Office and Home Office (SOHO) environments. The new guideline provides recommendations to manufacturers on designing and implementing routing products with “adequate state-of-the -art security features.”
Security researchers warn that an IoT botnet has been scanning the internet and exploiting nearly 100,000 routers exposed with a five year old UPnP vulnerability.
Security researchers recently spotted a surge in CoinHive infected MikroTik network devices in Brazil.
NCCIC has issued a security advisory and mitigation guidance for a bluetooth vulnerability that impacts Bluetooth firmware and operating system software drivers from multiple vendors.