Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability

NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise

North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks

Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads

SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan

Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA).
The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA's WebVPN login page that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack

Headline

Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability

The Hacker News: Latest News