Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

Cisco Unified Customer Voice Portal Interactive Voice Response Connection DOS Vulnerability(CVE-2018-0139)

Description: A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause the IVR connection to disconnect, creating a system-wide denial of service (DoS) condition. The vulnerability is due to improper handling of a TCP...

Read more

0
25 Feb 2018
in Security Advisories & Alerts

Cisco Elastic Services Controller Service Portal Authentication Bypass Vulnerability(CVE-2018-0121)

Description: A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerability is due to improper security restrictions that are imposed by...

Read more

0
25 Feb 2018
in Security Advisories & Alerts

Cisco Unified Communications Domain Manager Remote Code Execution Vulnerability (CVE-2018-0124)

Description: A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass security protections, gain elevated privileges, and execute arbitrary code. The vulnerability is due to insecure key generation during application configuration. An attacker could exploit this vulnerability by using a known insecure key value...

Read more

0
25 Feb 2018
in News Clipping

Why Businesses Should Care About Ransomware [source: cloudwards]

In the past couple of years, there has been a proliferation of ransomware attacks affecting individuals and organizations, ranging from government institutions to corporations, and small businesses. It’s a fairly popular attack tactic among hackers, mostly because of its sheer capability to easily extort from victims. But, what exactly are we talking...

Read more

0
25 Feb 2018
in News Clipping

IBM X-Force IRIS Uncovers Active Business Email Compromise Campaign [securityintelligence]

IBM X-Force Incident Response and Intelligence Services (IRIS) assesses that threat groups of likely Nigerian origin are engaged in a widespread credential harvesting, phishing and social engineering campaign designed to steal financial assets. Beginning in the fall of 2017, X-Force IRIS experienced a significant increase in clients reporting instances of...

Read more

0
25 Feb 2018
Page 1 of 5912345...102030...Last »