Overloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led Webinar
Imagine trying to find a needle in a haystack, but the haystack is on fire, and there are a million […]
news
news
N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks
Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The
news
HPE Aruba Networking fixes critical flaws impacting Access Points
HPE Aruba Networking has fixed three critical vulnerabilities in the Command Line Interface (CLI) service of its Aruba Access Points.
news
EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?
Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these
news
Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware
As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack
news
Threat landscape for industrial automation systems, Q2 2024
Statistics across all threats In the second quarter of 2024, the percentage of ICS computers on which malicious objects were
news
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting,
news
Cisco Unified Threat Defense Snort Intrusion Prevention System Engine for Cisco IOS XE Software Security Policy Bypass and Denial of Service Vulnerability
A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could
news
Cisco SD-WAN vEdge Software UDP Packet Validation Denial of Service Vulnerability
A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to
news
Cisco IOS and IOS XE Software Web UI Cross-Site Request Forgery Vulnerability
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated,
news
Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability
A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow
news
Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform
news
Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could
news
Cisco IOS XE Software Protocol Independent Multicast Denial of Service Vulnerability
A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker
news
Cisco IOS XE Software IPv4 Fragmentation Reassembly Denial of Service Vulnerability
A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated,
news
Cisco IOS XE Software HTTP Server Telephony Services Denial of Service Vulnerability
A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could
news
Cisco IOS XE Software for Wireless Controllers CWA Pre-Authentication ACL Bypass Vulnerability
A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an
news
Cisco IOS Software on Cisco Industrial Ethernet Series Switches Access Control List Bypass Vulnerability
A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010,
news
Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated,
news
Cisco Catalyst Center Static SSH Host Key Vulnerability
A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker