On October 16, Cisco’s Talos group highlighted an active threat campaign exploiting a zero-day vulnerability, CVE-2023-20198, in the web UI component of Cisco IOS XE software. This software operates on a broad spectrum of Cisco networking devices. The exploitation of this vulnerability can lead to a total system takeover by an attacker. What is CVE-2023-20198?… Continue reading How to fix zero-day CVE-2023-20198 in Cisco IOS XE software
Cisco has announced patches for CVE-2023-20238, a critical-severity authentication bypass vulnerability in the BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform. Here’s what you need to know: What is CVE-2023-20238? The vulnerability affecting the BroadWorks calling and collaboration platform, specifically within its single sign-on (SSO) implementation, has the potential to be exploited by a… Continue reading How to fix CVE-2023-20238 in Cisco’s BroadWorks platform
The ongoing voyages of the Federation Support Ship [REDACTED] First Officer’s log, Terrestrial date, 20230116. Officer of the Deck reporting. The technical team at Starbase 998 was able to complete their review of the [REDACTED]’s systems in good time, giving the ship a clean bill of health and confirming our own team had managed to… Continue reading Robots, Cisco end-of-life vulnerabilities and more: first officer’s blog – week 34
First Officer’s log, Terrestrial date, 20220919. Officer of the Deck reporting. Ongoing communications from the mission team on [REDACTED] have shown steady progress, but the project has been running into more and more unexpected complexity. Though, in hindsight, we should have expected at least this much of a challenge. The people of [REDACTED] are technically… Continue reading Cisco End-of-Life threat and more: first officer’s log – week 17
If you need to know how to fix the Cisco router vulnerability, CVE-2021-1289, you’ve come to the right place. Frankly, if you need to know how to fix just about any CVE, we’re going to let you in on a secret weapon in the fight against bad cyber hygiene. Using remediation intelligence gathered from Vulcan… Continue reading Fix the Cisco vulnerability, CVE-2021-1289
Over the past couple of weeks, we’ve seen some high profile security threats that require your immediate attention. In this digest we’ve rounded them all up. Now in order to help you address these threats, I’ve added actionable steps for you to follow in order to mitigate these risks.
As 2019 draws to a close, we want to look back at the year’s biggest security breaches. Some we chose because of the damage they caused, others because of how easily they could have been avoided, just by using stronger passwords or paying attention to warnings. Even the more complex ones could have been prevented… Continue reading Looking Back at 2019’s Nastiest Software Vulnerabilities