Networking

Sandworm threat actors using new malware Cyclops Blink to target SOHO devices

Sandworm threat actors, also known as Voodoo Bear, are now using a new malware dubbed Cyclops Blink, a replacement for VPNFilter malware previously exposed in 2018, to target small office/home office (SOHO) routers and network attached storage (NAS) devices.

Sandworm threat actors using new malware Cyclops Blink to target SOHO devices Read More »

Cisco releases Critical security update for multiple vulnerabilities in Small Business RV Routers

Cisco has released a Critical security update for multiple vulnerabilities in Small Business RV Routers. Several of those vulnerabilities are rated Critical severity and have the highest rated CVSS score of 10.0.

Cisco releases Critical security update for multiple vulnerabilities in Small Business RV Routers Read More »

Cisco fixes 5 High risk Cisco IOS XR Software vulnerabilities in multiple products

Cisco has fixed five High risk Cisco IOS XR Software vulnerabilities in multiple network products, as well as a security update for OpenSSL vulnerabilities.

Cisco fixes 5 High risk Cisco IOS XR Software vulnerabilities in multiple products Read More »

Netgear patches Critical authentication bypass vulnerability and two other flaws in multiple models of some Smart Switches

Researchers have discovered a Critical authentication bypass vulnerability and two other flaws in multiple models of some Smart Switches.

Netgear patches Critical authentication bypass vulnerability and two other flaws in multiple models of some Smart Switches Read More »

Cisco fixes a Critical authentication bypass vulnerability in NFV Infrastructure Software TACACS+ AAA feature

Cisco has fixed a Critical authentication bypass vulnerability CVE-2021-34746 in NFV Infrastructure Software (NFVIS) TACACS+ authentication, authorization and accounting (AAA) feature.

Cisco fixes a Critical authentication bypass vulnerability in NFV Infrastructure Software TACACS+ AAA feature Read More »

Juniper Networks releases out-of-cycle emergency patch for FragAttack WiFi vulnerability

Juniper Networks has released an out-of-cycle emergency patch that fixes a “FragAttack” WiFi vulnerability in Juniper Networks Mist Access Points (APs).

Juniper Networks releases out-of-cycle emergency patch for FragAttack WiFi vulnerability Read More »

Alert: Attackers exploiting Pulse Connect Secure vulnerabilities (updated)

CISA warned attackers continue to exploit Pulse Connect Secure vulnerabilities. The alert was issued after CISA confirmed malicious activity on public and private entity networks. Additional detection methods were also added on April 30.

Alert: Attackers exploiting Pulse Connect Secure vulnerabilities (updated) Read More »

NAME:WRECK vulnerabilities can break DNS implementations in TCP/IP stacks

Security researchers have discovered nine vulnerabilities collectively dubbed NAME:WRECK than can break DNS implementations in TCP/IP stacks and lead to denial of service or remote code execution. The experts also provided guidelines to organization on how to fix the issues.

NAME:WRECK vulnerabilities can break DNS implementations in TCP/IP stacks Read More »