Cisco has patched a critical vulnerability in the REST API of Cisco’s Elastic Services Controller that could lead to an attacker bypassing authentication on the REST API.
Cisco released security updates to patch a critical “SSH Key” vulnerability in Cisco Nexus 9000 series software as well as 22 High and 18 Medium severity bugs in multiple products, such as Cisco’s Web Security Appliance, Umbrella, Adaptive Security Appliance, Firepower, Small Business routers and others.
Security experts warn of a new cyber threat campaign dubbed “Sea Turtle” that targets public and private organizations in the Middle East and North Africa. The ongoing operation likely lasted from January 2017 through the first quarter of this year.
The CERT Coordination Center (CERT/CC) has released a security advisory describing multiple vulnerabilities that impact Broadcom WiFi chipset drivers. Four vendors have confirmed they are impacted at the time of the latest published advisory on Wednesday.
The Wi-Fi Alliance® issued a security update confirming the discovery of vulnerabilities in WPA3-Personal by security researchers. The vulnerabilities collectively dubbed “DragonBlood” is based on the underlying Dragonfly handshake used by WPA3.