Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads

The threat of VBA macros has diminished since Microsoft prevented the execution of macros in Microsoft Office documents downloaded from the internet, but not all users are using the latest up-to-date Office versions and can still be vulnerable.

TALOS
#web#mac#windows#google#microsoft#amazon#cisco#js#git#php#backdoor#vmware#auth#ssh
New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access

Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system's permissions-based model, which revolves around the Transparency, Consent, and Control (TCC) framework. "If successful, the adversary could gain any privileges already granted to the affected

Cisco ASA Directory Traversal

This Metasploit module exploits a directory traversal vulnerability in Ciscos Adaptive Security Appliance (ASA) software and Firepower Threat Defense (FTD) software. It lists the contents of Ciscos VPN web service which includes directories, files, and currently logged in users.

Linksys E1500 Directory Traversal

This Metasploit module exploits a directory traversal vulnerability which is present in different Linksys home routers, like the E1500.

Cisco IKE Information Disclosure

A vulnerability in Internet Key Exchange version 1 (IKEv1) packet processing code in Cisco IOS, Cisco IOS XE, and Cisco IOS XR Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information.

Cisco DLSw Information Disclosure Scanner

This Metasploit module implements the DLSw information disclosure retrieval. There is a bug in Ciscos DLSw implementation affecting 12.x and 15.x trains that allows an unauthenticated remote attacker to retrieve the partial contents of packets traversing a Cisco router with DLSw configured and active.

Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign

Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that's equipped to

What kind of summer has it been?

As we head into the final third of 2024, we caught up with Talos' Nick Biasini to ask him about the biggest shifts and trends in the threat landscape so far. Turns out, he has two major areas of concern.