Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

NIST NVD Halt Leaves Thousands of Vulnerabilities Untagged

By Deeba Ahmed 40% of 2024 CVEs Missing Key Info: NVD Data Gap Raises Security Risks! This is a post from HackRead.com Read the original post: NIST NVD Halt Leaves Thousands of Vulnerabilities Untagged

HackRead
#vulnerability#web#cisco#auth#zero_day
TikTok faces ban in US unless it parts ways with Chinese owner ByteDance

A bill that passed the House of Representatives would ban TikTok from the US unless Chinese owner ByteDance gives up its share of the app.

Cisco Firepower Management Center Remote Command Execution

Cisco Firepower Management Center suffers from an authenticated remote command execution vulnerability. Many versions spanning the 7.x.x.x and 6.x.x.x branches are affected.

Threat actors leverage document publishing sites for ongoing credential and session token theft

Talos IR has responded to several recent incidents in which threat actors used legitimate digital document publishing sites such as Publuu and Marq to host phishing documents as part of ongoing credential and session harvesting attacks.

Another Patch Tuesday with no zero-days, only two critical vulnerabilities disclosed by Microsoft

March’s Patch Tuesday is relatively light, containing 60 vulnerabilities — only two labeled “critical.”

Cisco Fixes High-Severity Code Execution and VPN Hijacking Flaws

By Deeba Ahmed Cisco announced patches for high-severity vulnerabilities on Wednesday, March 6, 2024. This is a post from HackRead.com Read the original post: Cisco Fixes High-Severity Code Execution and VPN Hijacking Flaws

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client

Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF

You’re going to start seeing more tax-related spam, but remember, that doesn’t actually mean there’s more spam

It’s important to be vigilant about tax-related scams any time these deadlines roll around, regardless of what country you’re in, but it’s not like you need to be particularly more skeptical in March and April.

Badge Launches Partner Program for ‘Enroll Once and Authenticate Any Device’ Software

By cyberwire Badge Launches Partner Program to Expand Availability of its Privacy-Enhancing “Enroll Once and Authenticate on Any Device” Software. This is a post from HackRead.com Read the original post: Badge Launches Partner Program for ‘Enroll Once and Authenticate Any Device’ Software