#cisco

Lilith >_> of Cisco Talos discovered these vulnerabilities.  Cisco Talos recently discovered a memory corruption vulnerability in the uClibC library that could affect any Unix-based devices that use this library. uClibC and uClibC-ng are lightweight replacements for the popular gLibc library, which is the GNU Project's implementation of the C standard library.  TALOS-2022-1517 (CVE-2022-29503 - CVE-2022-29504) is a memory corruption vulnerability in uClibC and uClibc-ng that can occur if a malicious user repeatedly creates threads.  Many embedded devices utilize this library, but Talos specifically confirmed that the Anker Eufy Homebase 2, version 2.1.8.8h, is affected by this vulnerability. Anker confirmed that they’ve patched for this issue. However, uClibC has not issued an official fix, though we are disclosing this vulnerability in accordance with Cisco’s 90-day vulnerability disclosure policy. Talos tested and confirmed the following software is affected by these vulnerabilities:...

By Deeba Ahmed Dubbed AttachMe by researchers; the vulnerability was a severe one since it targeted all OIC customers. This is a post from HackRead.com Read the original post: AttachMe – Oracle Patches “Severe” Vulnerability in its Cloud Infrastructure

Overall SASE Spend on Pace to Top $6 Billion in 2022.

By Owais Sultan Phishing scams are sneaky and often difficult to detect. These types of cyber attacks involve cybercriminals sending emails,… This is a post from HackRead.com Read the original post: The Types of Phishing Attacks and How to Dodge All of Them

Uber on Monday disclosed more details related to the security incident that happened last week, pinning the attack on a threat actor it believes is affiliated to the notorious LAPSUS$ hacking group. "This group typically uses similar techniques to target technology companies, and in 2022 alone has breached Microsoft, Cisco, Samsung, NVIDIA, and Okta, among others," the San Francisco-based

The ride-sharing giant says a member of the notorious Lapsus$ hacking group started the attack by compromising an external contractor's credentials, as researchers parse the incident for takeaways.

Uber, in an update, said there is "no evidence" that users' private information was compromised in a breach of its internal computer systems that was discovered late Thursday. "We have no evidence that the incident involved access to sensitive user data (like trip history)," the company said. "All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational."

By Waqas Unconfirmed reports claim an 18-year-old kid is behind the massive Uber hack. This is a post from HackRead.com Read the original post: Uber Hack – Ride-hailing Giant Investigating Large-Scale Data Breach

Ride hailing giant Uber disclosed Thursday it's responding to a cybersecurity incident involving a breach of its network and that it's in touch with law enforcement authorities. The New York Times first reported the incident. The hack is said to have forced the company to take its internal communications and engineering systems offline as it investigated the extent of the breach.

A stunning three-quarters of companies are looking to consolidate their security products this year, up from 29% in 2020, suggesting fiercer competition among cybersecurity vendors.