Author Archives: CIRT Team



CIRT Team

in News Clipping

Cisco Fixes RCE Bug Rated 10 Out of 10 on Severity Scale[source: bleepingcomputer]

Cisco has released software patches that fix a major vulnerability affecting Cisco devices running Adaptive Security Appliance (ASA) Software. Cisco ASA Software is the core operating system for the Cisco ASA Family, a class of security-centric networking devices that combine firewall, antivirus, intrusion prevention, and virtual private network (VPN) capabilities....

Read more

0
31 Jan 2018
in Security Advisories & Alerts

A Vulnerability in Mozilla Firefox Could Allow for Arbitrary Code Execution (CVE-2018-5124)

Description: A vulnerability has been identified in Mozilla Firefox, which could allow for arbitrary code execution. A Content Security Policy (CSP) is not properly enforced on chrome-privileged documents, which are used by extensions in Mozilla FireFox. An attacker could exploit this vulnerability by enticing a user running a vulnerable version...

Read more

0
31 Jan 2018
in Security Advisories & Alerts

ISC BIND announced CVE-2017-3145: Improper fetch cleanup sequencing in the resolver can cause named to crash

Description: CVE-2017-3145 is a denial-of-service vector which can potentially be exploited against ISC BIND servers, causing them to crash. The underlying flaw has existed since BIND 9.0.0 but is not known to be reachable in any version prior to those containing the fix for CVE-2017-3137 [9.9.9-P8 to 9.9.11, 9.10.4-P8 to...

Read more

0
31 Jan 2018
in Security Advisories & Alerts

Cisco Email Security and Content Security Management Appliance Privilege Escalation Vulnerability (CVE-2018-0095)

Description: A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a...

Read more

0
31 Jan 2018
in Security Advisories & Alerts

Critical Alert: A Vulnerability in HP Printer Products Could Allow for Arbitrary Code Execution (CVE-2017-2741)

Description: A vulnerability has been discovered in HP products, which could allow for arbitrary code execution. Depending on the printer’s placement on the network, an attacker could potentially install programs; view, change, or delete data; or create new accounts with full user rights. Impact: This vulnerability could potentially be exploited...

Read more

0
31 Jan 2018
in News Clipping

Authentication today: Moving beyond passwords [source: helpnetsecurity]

A new global study from IBM Security examining consumer perspectives around digital identity and authentication, found that people now prioritize security over convenience when logging into applications and devices. Authentication methods perceived as most secure (global perspective) Generational differences also emerged showing that younger adults are putting less care into traditional password hygiene,...

Read more

0
30 Jan 2018
Page 30 of 82« First...1020...2829303132...405060...Last »