Cisco patches vulnerabilities in SD-WAN, Small Business routers and other products

Cisco has patched multiple vulnerabilities in Cisco SD-WAN, Small Business routers, Unified Communications Products and Advanced Malware Protection. Two of those vulnerabilities (CVE-2021-1479, CVE-2021-1459) are rated Critical.

Continue Reading Cisco patches vulnerabilities in SD-WAN, Small Business routers and other products

Critical F5 BIG-IP vulnerability under active attack

Security researchers are warning of mass scans and active exploits of a Critical vulnerability on F5 BIG-IP and BIG-IQ infrastructure. F5 patched the Critical remote code execution vulnerability CVE-2021-22986 nearly two weeks ago when the networking company confirmed an unauthenticated attacker could exploit the vulnerability.

Continue Reading Critical F5 BIG-IP vulnerability under active attack

3 good examples of how to apply the Zero Trust Security Model

The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.

Continue Reading 3 good examples of how to apply the Zero Trust Security Model

SonicWall releases new firmware updates for SMA 100 Series 10.X And 9.X products

SonicWall has released a new firmware update for SMA 100 Series 10.X And 9.X products. The latest update supersedes previous urgent patches that fixed a zero-day vulnerability CVE-2021-20016 earlier this month.

Continue Reading SonicWall releases new firmware updates for SMA 100 Series 10.X And 9.X products

Cisco patches AnyConnect Secure Mobility Client DLL hijacking vulnerability (CVE-2021-1366)

Cisco has patched a Cisco AnyConnect Secure Mobility Client DLL hijacking vulnerability (CVE-2021-1366). An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.

Continue Reading Cisco patches AnyConnect Secure Mobility Client DLL hijacking vulnerability (CVE-2021-1366)

Hacker remotely accesses Florida water treatment plant, bumps chemical level to “dangerous levels”

A hacker remotely accessed a Florida city water treatment plant and attempted to increase the chemical level to "dangerous levels" before the cyberattack was thwarted.

Continue Reading Hacker remotely accesses Florida water treatment plant, bumps chemical level to “dangerous levels”