Cisco said its RV wireless routers and firewalls are vulnerable to remote code execution at root level. A Q3 2016 firmware update will patch the flaw.
Tag Archives: Cisco
MiniUPnP Vulnerability Clears Way for Stack Smashing Attack
Cisco has demonstrated an attack against Stack Smashing Protection in Linux systems that is facilitated by a critical vulnerability in MiniUPnP.
Cisco Jabber Client Vulnerable to Man-in-the-Middle Attack
Researchers at Synacktiv have disclosed a vulnerability in the Cisco Jabber Client for various platforms that exposes devices to man-in-the-middle attacks.
Researchers Disrupt Angler Exploit Kit Ecosystem, Derail $30M Ransomware Campaign
Researchers took a big step towards eradicating the Angler exploit kit, disrupting a large ransomware campaign connected to the kit that purportedly netted a hacker behind it more than $60 million annually.
Scan of IPv4 Space for ‘Implanted’ Cisco Routers Finds Fewer Than 100
A day after researchers detailed a technique that attackers are using to upload malicious firmware images to Cisco routers, academic researchers say they have scanned the entire IPv4 address space and discovered a total of 79 likely compromised routers. The researchers at the University of Michigan used their Zmap tool, which can scan the Internet in about […]
Attackers Replacing Firmware on Cisco Routers
Cisco routers are built into the fabric of the Internet and enterprise networks, a fact that makes them highly attractive targets for attackers. Researchers at FireEye have come across attacks recently in which hackers have been modifying the firmware of Cisco routers and using that foothold to maintain persistence on the victim’s network. Such a technique […]
Cisco Patches File Overwrite Bug in IMC Supervisor and UCS Director
Cisco has patched a remote file-overwrite vulnerability in a couple of its products that could allow an attacker to replace arbitrary files and cause target systems to become unstable. The vulnerability affects the Cisco Integrated Management Controlled Supervisor and UCS Director software. The company has fixed the bug in new versions of the software, 1.0.0.1 […]
AutoIt Used in Targeted Attacks to Move RATs
Researchers at Cisco spotted targeted attacks moving remote access Trojans via the AutoIt administration and scripting tool.
Cisco Warns Customers About Attacks Installing Malicious IOS Bootstrap Images
Cisco is warning enterprise customers about a spike in attacks in which hackers use valid credentials on IOS devices to log in as administrators and then upload malicious ROMMON images to take control of the devices. The ROM Monitor is the program that initializes the hardware and software on IOS devices, and an attacker who […]
Windows 10 Upgrade Spam Carries CTB-Locker Ransomware
Spam messages spoofing Microsoft and promising a free Windows 10 upgrade instead drop the CTB-Locker crypto-ransomware on compromised machines.