Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

Valeo Networks Acquires Next I.T.

Next I.T. is the sixth and largest acquisition to date for Valeo Networks.

DARKReading
Open in Source
#mac#microsoft#cisco#dell
Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild

Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821 (CVSS score: 6.5), the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote attacker to connect to a Redis instance and achieve code execution. "A successful exploit could allow

Threat Source newsletter (May 19, 2022) — Why I'm missing the days of iPods and LimeWire

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  I will openly admit that I still own a “classic” iPod — the giant brick that weighed down my skinny jeans in high school and did nothing except play music. There are dozens of hours of music on there that I... [[ This is only the beginning! Please visit the blog for the complete entry ]]

MITRE Creates Framework for Supply Chain Security

System of Trust includes data-driven metrics for evaluating the integrity of software, services, and suppliers.

The BlackByte ransomware group is striking users all over the globe

News summary Cisco Talos has been monitoring the BlackByte Ransomware Group for several months, infecting victims all over the world, from North America to Colombia, Netherlands, China, Mexico and Vietnam.The FBI released a joint cybersecurity advisory in February 2022 warning about this group,... [[ This is only the beginning! Please visit the blog for the complete entry ]]

TorchLight Expands Cybersecurity Services With MDR Sentinel in Partnership With Microsoft

MDR Sentinel expands TorchLight’s leading managed detection and response (MDR) services with turnkey SIEM and SOAR capabilities from Microsoft; TorchLight also announces it attains elite Microsoft Gold Partner Status

CVE-2022-28190: Security Bulletin: NVIDIA GPU Display Driver - May 2022

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where improper input validation can cause denial of service.

Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver

Piotr Bania of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered four vulnerabilities in the NVIDIA D3D10 driver for graphics cards that could allow an attacker to corrupt memory and write arbitrary memory on the card.  NVIDIA graphics... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Open Source Security Gets $150M Boost From Industry Heavy Hitters

Maintainers of open source software (OSS) will gain additional security tools for their own projects, while the developers who use OSS — and about 97% of software does — will gain more data on security.