Tag
#cisco
Online Tours and Travels Management System version 1.0 suffers from an ignored default credential vulnerability.
Online Sports Complex Booking System version 1.0 suffers from an ignored default credential vulnerability.
Online Pizza Ordering System version 1.0 suffers from an ignored default credential vulnerability.
File Management System version 1.0 suffers from an insecure direct object reference vulnerability.
Talos' Nick Biasini discusses the biggest shifts and trends in the threat landscape so far. We also focus on one state sponsored actor that has been particularly active this year, and talk about why defenders need to be paying closer attention to infostealers.
While this issue was disclosed and patched in the V8 engine in June 2023, the WeChat Webview component was not updated, and still remained vulnerable when Talos reported it to the vendor.
In my opinion, mandatory enrollment is best enrollment.
Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos. The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows shortcuts, and other formats for penetration testing and social engineering assessments. It was developed
Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information. A brief description of the two vulnerabilities is below - CVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account