Cyber Security News

Cisco SD-WAN Solution CLI command injection [CVE-2018-0433]

Cyber Security News - Sat, 10/06/2018 - 02:46
A vulnerability, which was classified as critical, has been found in Cisco SD-WAN Solution (the affected version is unknown). Affected by this issue is an unknown function of the component CLI . The manipulation with an unknown input leads to a privilege escalation vulnerability (Command Injection).
Categories: Cyber Security News

Cisco SD-WAN Solution Zero Touch Provisioning Crafted Certificate information disclosure

Cyber Security News - Sat, 10/06/2018 - 02:46
A vulnerability, which was classified as problematic, was found in Cisco SD-WAN Solution (the affected version is unknown). This affects an unknown function of the component Zero Touch Provisioning . The manipulation as part of a Crafted Certificate leads to a information disclosure vulnerability. CWE is classifying the issue as CWE-200 .
Categories: Cyber Security News

Cisco Umbrella Enterprise Roaming Client privilege escalation

Cyber Security News - Sat, 10/06/2018 - 02:46
A vulnerability was found in Cisco Umbrella Enterprise Roaming Client (the affected version is unknown). It has been declared as critical. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a privilege escalation vulnerability. The CWE definition for the vulnerability is CWE-269 .
Categories: Cyber Security News

Cisco Data Center Network Manager Web Interface HTTP Request privilege escalation

Cyber Security News - Sat, 10/06/2018 - 02:46
A vulnerability classified as critical has been found in Cisco Data Center Network Manager (the affected version is unknown). This affects an unknown function of the component Web Interface . The manipulation as part of a HTTP Request leads to a privilege escalation vulnerability. CWE is classifying the issue as CWE-269 .
Categories: Cyber Security News

Cisco Packaged Contact Center Enterprise Web-based Management Interface cross site request forgery

Cyber Security News - Sat, 10/06/2018 - 02:46
A vulnerability, which was classified as problematic, has been found in Cisco Packaged Contact Center Enterprise (the affected version is unknown). This issue affects an unknown function of the component Web-based Management Interface . The manipulation with an unknown input leads to a cross site request forgery vulnerability.
Categories: Cyber Security News

Cisco Industrial Network Director Web-based Management Interface cross site request forgery

Cyber Security News - Sat, 10/06/2018 - 02:46
A vulnerability, which was classified as problematic, was found in Cisco Industrial Network Director (the affected version is unknown). Affected is an unknown function of the component Web-based Management Interface . The manipulation with an unknown input leads to a cross site request forgery vulnerability.
Categories: Cyber Security News

Cisco Email Security Appliance Anti-Spam Protection Mechanism Messages privilege escalation

Cyber Security News - Sat, 10/06/2018 - 02:46
A vulnerability has been found in Cisco Email Security Appliance (the affected version is unknown) and classified as critical. Affected by this vulnerability is an unknown function of the component Anti-Spam Protection Mechanism . The manipulation as part of a Messages leads to a privilege escalation vulnerability.
Categories: Cyber Security News

Cisco Digital Network Architecture Center Identity Management Request weak authentication

Cyber Security News - Sat, 10/06/2018 - 02:46
A vulnerability was found in Cisco Digital Network Architecture Center (the affected version is unknown) and classified as critical. Affected by this issue is an unknown function of the component Identity Management . The manipulation as part of a Request leads to a weak authentication vulnerability.
Categories: Cyber Security News

Cisco Data Center Network Manager Web-based Management Interface cross site scripting

Cyber Security News - Sat, 10/06/2018 - 02:46
A vulnerability was found in Cisco Data Center Network Manager (the affected version is unknown). It has been classified as problematic. This affects an unknown function of the component Web-based Management Interface . The manipulation with an unknown input leads to a cross site scripting vulnerability.
Categories: Cyber Security News

MacBook Pro: Apple verhindert Reparaturen durch Drittanbieter – wegen Sicherheitschip

Cyber Security News - Sat, 10/06/2018 - 02:41
zertifizierte Reparaturspezialisten können bei MacBook Pro 2018 und dem iMac Pro bestimmte Reparaturen nicht mehr durchführen. Beim iMac Pro sind davon Reparaturmaßnahmen hinsichtlich von Logicboard und Flash-Speicher betroffen. Beim MacBook Pro hindert Apple darüber hinaus Drittanbieter an....
Categories: Cyber Security News

英國情報機構GCHQ:沒有理由質疑蘋果和亞馬遜否認伺服器遭入侵的合理性

Cyber Security News - Sat, 10/06/2018 - 02:38
陳端武; 2018-10-06 13:32. 彭博(Bloomberg)於10月4日報導蘋果(Apple)、亞馬遜(Amazon)所使用的部分伺服器疑遭植入間諜晶片。對此,英國國家網路安全機構政府通訊總部(Government Communicat...
Categories: Cyber Security News

Chinesische Spionage: Deutschlands Cyber-Sicherheitsbehörde schlägt nach Bericht über Spionage-Chips Alarm

Cyber Security News - Sat, 10/06/2018 - 02:38
Berlin Der Bericht des Magazins „Businessweek“ liest sich wie ein wahrgewordener Alptraum der Tech-Branche: Chinesischen Militärhackern sei es gelungen Spionage-Chips in Server für Apple und Amazon einzubauen. Die Unternehmen halten mit ungewöhnlich scharfen Dementis dagegen. Damit ist die Geschichte jedoch noch lange nicht aus der Welt.
Categories: Cyber Security News

Industry Reactions to Chinese Spy Chips: Feedback Friday

Cyber Security News - Sat, 10/06/2018 - 02:37
#1231979: Industry Reactions to Chinese Spy Chips: Feedback Friday. Bloomberg reported this week that the Chinese government planted tiny chips in Super Micro servers to spy on Amazon, Apple and tens of other important organizations in the United States.
Categories: Cyber Security News

Trojans go after MS Office vulnerabilities and China hacks US hardware

Cyber Security News - Sat, 10/06/2018 - 02:33
. Danabot opens a US account. After making its presence felt in Australia and European banks, Danabot, a modular Trojan horse has made its way to the States . Written in Delphi, the perpetual beta modular malware can take screenshots, log keys and stealing form data from infected computers.
Categories: Cyber Security News

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Cyber Security News - Sat, 10/06/2018 - 02:33
From time to time, there emerge cybersecurity stories of such potential impact that they have the effect of making all other security concerns seem minuscule and trifling by comparison. Yesterday was one of those times. Bloomberg Businessweek on Thursday published a bombshell investigation alleging that Chinese cyber spies had used a U.
Categories: Cyber Security News

Mandia: Tipping Point Now Here for Rules of Cyber Engagement - Dark Reading

Cyber Security News - Sat, 10/06/2018 - 02:25
Kevin Mandia believes cybersecurity has reached a critical juncture globally. "My gut is everyone is escalating in cyber. It feels different now," Mandia said in an interview this week about current nation-state hacking activity. "We're going to have to do something, have some kind of international dialog," he said.
Categories: Cyber Security News

Cyber Week in Review: October 5, 2018 - Council on Foreign Relations (blog)

Cyber Security News - Sat, 10/06/2018 - 02:25
The four alleged GRU operatives implicated in the cyber operations against the OPCW and international sporting bodies. Dutch Ministry of Defense/via Reuters. This week: Chinese supply chain attacks, Russian military intelligence under the microscope, and fake news in Indonesia.
Categories: Cyber Security News

Odd WIFI signal on EVERY tram (Melbourne)

Cyber Security News - Sat, 10/06/2018 - 02:22
so there is this odd wifi signal on the Melbourne and its just called "0" it has WEP protection so its not very secure but the MAC address changes every stop making it very hard to hack any know what the hell this is. People in Melbourne, go to a tram and check it out. A subreddit dedicated to hacking and hackers.
Categories: Cyber Security News

Apple, Amazon deny Bloomberg report on Chinese hardware attack

Cyber Security News - Sat, 10/06/2018 - 02:11
Inc and Amazon .com Inc denied a Bloomberg Businessweek report on Thursday that said their systems had been infiltrated by malicious computer chips inserted by Chinese intelligence agents. Bloomberg cited 17 unidentified sources from intelligence agencies and business to support claims that Chinese....
Categories: Cyber Security News

Feds Indict 7 Russians for Hacking and Disinformation - BankInfoSecurity.com

Cyber Security News - Sat, 10/06/2018 - 01:52
Four of the accused Russian hackers traveled to the Netherlands in April to conduct reconnaissance of the Organization for the Prohibition of Chemical Weapons, carrying specialized equipment for hacking WiFi networks, the Dutch government says. See related story: See Also: Live Webinar | BSIMM: How To Assess Your Software Security Initiative The U.
Categories: Cyber Security News

Pages