Cisco fixes a Critical authentication bypass vulnerability in NFV Infrastructure Software TACACS+ AAA feature

Cisco has fixed a Critical authentication bypass vulnerability CVE-2021-34746 in NFV Infrastructure Software (NFVIS) TACACS+ authentication, authorization and accounting (AAA) feature.

Continue ReadingCisco fixes a Critical authentication bypass vulnerability in NFV Infrastructure Software TACACS+ AAA feature

High risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild

Security experts have warned about a high risk hardcoded credential vulnerability in Zyxel firewalls and AP controllers. Some sources have confirmed that bad actors have already ramped up exploits against the vulnerability.

Continue ReadingHigh risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild

NIST SP 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations

The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations.

Continue ReadingNIST SP 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations